Two lawmakers are demanding answers from the U.S. Department of Education after an investigation by The Markup found online student aid applicants were unwittingly sharing detailed personal information with Facebook through code embedded on a government website.
Citing the investigation, published last month, two Republican lawmakers from North Carolina, Sen. Richard Burr and Rep. Virginia Foxx, said in a letter sent this week to Secretary of Education Miguel Cardona that it was “completely inappropriate” for aid applicants to be tracked by Facebook through “predatory data collection.”
Applied for Student Aid Online? Facebook Saw You
The FAFSA form included code that sent personal information back to Facebook
“This unprecedented breach, seemingly perpetrated by the Department, will likely increase the discomfort already felt by many parents who are asked to provide sensitive financial information to the Department,” the lawmakers wrote in the letter.
“Federal Student Aid works hard to protect the privacy and security of customer data for those who visit our StudentAid.gov website,” chief operating officer for Federal Student Aid Rich Cordray said in a statement to The Markup in response to the letter. “In this instance, we have determined that we need to go back and do more research on an issue dating from April 2020. We are doing that and will provide more information as it becomes available.”
The Markup found that code from Facebook parent company Meta was tracking students and parents who filled out the Free Application for Federal Student Aid on studentaid.gov, the primary way potential college students apply for financial assistance. Each year, millions of families fill out the FAFSA form, which requires students and their families to disclose financial and demographic information.
The tracking code, which was disabled after The Markup questioned the Department of Education about the practice, collected information on visitors including first and last names, email addresses, and zip codes. The code appeared on pages requesting personal information on both students and parents. After The Markup approached the department, the site stopped sharing some details, like name and address, with Facebook, though some less invasive information, like what page on the site a Facebook user may have viewed, is still transmitted.
It’s not clear exactly how many families had their information scooped up, although The Markup documented the code tracking visitors to studentaid.gov as far back as January. According to Meta, data collected through these means can be kept for years and used by the company for advertising purposes.
The Markup’s investigation was produced as part of the Pixel Hunt project, a collaboration between The Markup and Mozilla’s Rally team. The Pixel Hunt is a first-of-its-kind, crowdsourced attempt to understand the use of the Meta Pixel, a widespread but largely invisible tool that lets Facebook track visitors to websites, whether those visitors have a Facebook account or not. Millions of websites use the pixel, Facebook has said, but consumers rarely know when they’re being watched.
After the article was published, FSA’s Cordray said in a statement that an advertising campaign that used the pixel had “inadvertently caused some StudentAid.gov user information that falls outside of FSA’s normal collection efforts, such as a user’s first and last name, to be tracked.”
In the letter sent this week, the lawmakers said their offices had requested a briefing with the department on the issue but that they have so far been denied one. The letter concludes with a series of questions asking the Department of Education to detail the incident and a request that the answers be publicly released later this month.
“To gain back the trust from students and parents, the Department must be as transparent as possible,” the letter said. “We look forward to your response explaining to the American people exactly what happened with this breach of trust.”