What did Become get wrong?
Become Charity is the charity for chlidren in care and young care leavers.
Their website provides information for all, but notably for children in care with information pages and community pages for them.
Sadly, the charity has decided to include spyware in their site: a feature called Facebook Pixel, that where it can will identifiably track a user's habit on the site.
The tool from Facebook collects this data to support audience metrics for the site, but also to add metadata to the user's account about what it learns to help Facebook target related content and adverts to the user.
Should data that a child is in a community site or looking for infromation be part of an advertising system without their consent or knowledge? Apart from the safeguarding responsibilities, this is a breach of data protection law.
Their site includes community pages like this one Day 18: End the Care Cliff
The problem with that page is it uses a Vimeo embed that looks like this
Imagine the page title and the vimeo logo are swapped with links to PornHub. Would that be okay?
No, because PornHub is for over 18s.... but Vimeo is for over 16s, so whilst not as inappropriate for cihldren as a porn site it is still not appropriate for most kids.
Raising the complaint
9th January 2023
A complaint was sent to Become Charity's mailbox and the ICO, including screenshot evidence and links to the Facebook and Vimeo terms and cookies poliices that they are breaching.
23rd January 2023
Further details provided regarding ongoing failure.
Is it fixed?
When last checked no
However, it did appear the site is improving with consideration of cookie consent and perhaps the removal of Vimeo content in at least one place.