As someone that has spent a sizable amount of my career in ad products, the outrage here is kind of (sadly) funny. A conversion pixel? Hah, if you only had an <i>idea</i> of what the Facebook data faucet looked like in 2007-2017, your hairs would stand.<p>Pretty sure they were breaking all kinds of PII laws.
The amount of tracking on this page is astounding. Just from the screenshot, I count 9 trackers:<p><pre><code> Uber Eats' own analytics
sc-static.net (Snapchat? whois doesn't reveal anything.)
Google Tag Manager
Facebook Connect
Yahoo
TikTok
ispot.tv (Some sort of ad management solution.)
Hotjar (Behavioural analytics.)
Bing</code></pre>
Just in general look at those cookie consent dialogs at any site living on advertising or using it and really see the insanity of number of partners... That should show that we might actually need to burn it all down...
As many people have pointed out these are for tracking the performance of ad traffic. Savvy, "privacy minded" businesses may listen to this sort of outrage, and pull the pixels off their websites. But you are kidding yourself if you think you aren't being tracked because the frontend JS is all first party.<p>The same thing can, and is happening server side. Every platform out there now has an event/conversion API [1]. If you are logging in to Uber Eats with a email/phone number you have used elsewhere then you are going to be tracked full-stop.<p>1. Here is TikTok's for example <a href="https://ads.tiktok.com/help/article?aid=10003669" rel="nofollow">https://ads.tiktok.com/help/article?aid=10003669</a>
38.9 kB of JavaScript is a very generous interpretation of ‘pixel’.<p>Interestingly, it only loads after you agree to third party cookies by clicking “Got it”. So I guess they at least respect that.
I used to be extremely privacy focused. I was the stereotypical noscript, don't load email remote content, all services off on phone, etc kind of guy. But recently at a certain point, I just stopped caring. I use ad blockers, so what harm is there to Google knowing my information?<p>I don't really have any information worth hiding. Even the worst case catostrophic leak scenarios are really not a big deal for me. So I just decided to stop making my life harder; I got a smartphone, I turned on the convenience services that track me, I started looking at pictures in my emails. I still think privacy is important, but I stopped caring about mine.
People here talking about PII reminds me every day that we still haven't grasped what Personal Data is, and how incredibly different it is from PII. Ah, sad.
The answer to this is the same as to all similar questions: <i>why are you not blocking third-party content by default</i>? To which the reaction tends to be that this is too difficult/too much hassle/should not be necessary. No, it should not be necessary just like locking your door should be necessary. Unfortunately, it is.<p>By the way, in this specific case another answer is "UberEats? Learn To Cook™!"
Is it a good time and place to mention Tracker Control ?<p><a href="https://trackercontrol.org/" rel="nofollow">https://trackercontrol.org/</a>
<a href="https://www.businessinsider.com/tiktok-ghost-kitchens-launch-viral-food-trends-2021-12" rel="nofollow">https://www.businessinsider.com/tiktok-ghost-kitchens-launch...</a><p>Might be an answer.
As one can see from comments on HN, it bothers some website developers when these basic tactics are openly discussed. The user gets no choice over whether her data is shared, or with whom it is shared. The expectation appears to be that no one will ever complain, whether for the first time or on a consistent basis. Perhaps there is a belief that if a certain amount of time passes without any complaints, this signifies a common "ad tech" practice is acceptable to the general population, and passes any sort of ethical, regulatory or legal analysis. A sort of "waiver". Silence equals acceptance.<p>"Everyone else was doing it, so therefore we in particular are not guilty of any wrongdoing." Perhaps some folks think that is a good defense.
At a quick glance it seems rather easy for tiktok to slip in whatever it wants in that source from time to time. Is this the status quo for third party cookies?
Anything that tracking pixel does could also have been done server side, with users none-the-wiser.<p>Unless of course they list the (likely hundreds of) companies they're sharing data with in a dreaded GDPR "cookie banner".