It’s code, Jim, but not as we know it.
Via Ben Simo:
HealthCare.gov uses a variety of Web measurement software tools. We use them to collect the information listed in the “Types of information collected” section above. The tools collect information automatically and continuously. No personally identifiable information is collected by these tools.
However, the system sends some personal information to 3rd party analytics and advertising companies. For example, the following two images show my username and password reset codes being sent to a couple of 3rd parties:
Not only does this violate Healthcare.gov’s stated privacy policy, it likely also violates the privacy policies of these 3rd parties. Even if the 3rd parties receiving the data can be trusted to not abuse the data, they may not protect it as personally identifiable information should be protected — especially if they are not expecting to receive personal information.
