Kroger, the largest supermarket chain in the U.S., is being sued in federal court for the unauthorized sharing of personally identifiable information and health data with Meta.
Two different proposed class-action lawsuits were filed on Nov. 10 and Nov. 13 in the Southern District of Ohio, Western Division. The plaintiffs, both from Ohio, are anonymous.
The suits alleged that Kroger essentially ”planted a bug” on its website, which includes an online pharmacy, and was “looking over the shoulder of each visitor for the entire duration of their Website interaction.” That “bug” refers to the Meta Pixel and the other trackers Kroger used on its website. The Nov. 10 suit claimed that as a result, Kroger leaked details of which medications and dosages a patient sought or purchased from Kroger’s pharmacy, which then allowed “third parties to reasonably infer that a specific patient was being treated for a specific type of medical condition such as cancer, pregnancy, HIV, mental health conditions, and an array of other symptoms or conditions.”
In February, The Markup revealed that Kroger collects extensive data through its loyalty program. The investigation detailed Kroger’s use of the Meta pixel on kroger.com, including how the company sent information to Meta when a pregnancy test was added to a virtual shopping cart. A similar example was included in the Nov. 10 lawsuit, showing that Meta is informed when a user searches on Kroger.com for Plan B contraceptives. The Nov. 13 lawsuit, in trying to establish the harms of “mishandling medical information,” also cited a Markup story on hospital websites disclosing sensitive information to Meta through the pixel.