This study addresses the lack of systematic understanding regarding how Meta Pixel is configured on health-related websites and how it tracks sensitive user information. The authors propose PixelConfig, a framework that enables the first large-scale longitudinal reverse engineering of Meta Pixel deployments by leveraging historical snapshots from the Internet Archive, differential configuration comparisons, and combined static and dynamic JavaScript analysis. Focusing on three configuration categories—activity tracking, identity identification, and tracking restrictions—the research reveals that 98.4% of health websites enable activity and identity tracking capable of capturing sensitive medical interactions. Although 34.3% of sites implement tracking restrictions, these measures offer limited protection and are easily circumvented, highlighting the gap between high adoption driven by default configurations and the practical efficacy of privacy safeguards.

Tracking pixels are used to optimize online ad campaigns through personalization, re-targeting, and conversion tracking. Past research has primarily focused on detecting the prevalence of tracking pixels on the web, with limited attention to how they are configured across websites. A tracking pixel may be configured differently on different websites. In this paper, we present a differential analysis framework: PixelConfig, to reverse-engineer the configurations of Meta Pixel deployments across the web. Using this framework, we investigate three types of Meta Pixel configurations: activity tracking (i.e., what a user is doing on a website), identity tracking (i.e., who a user is or who the device is associated with), and tracking restrictions (i.e., mechanisms to limit the sharing of potentially sensitive information). Using data from the Internet Archive's Wayback Machine, we analyze and compare Meta Pixel configurations on 18K health-related websites with a control group of the top 10K websites from 2017 to 2024. We find that activity tracking features, such as automatic events that collect button clicks and page metadata, and identity tracking features, such as first-party cookies that are unaffected by third-party cookie blocking, reached adoption rates of up to 98.4%, largely driven by the Pixel's default settings. We also find that the Pixel is being used to track potentially sensitive information, such as user interactions related to booking medical appointments and button clicks associated with specific medical conditions (e.g., erectile dysfunction) on health-related websites. Tracking restriction features, such as Core Setup, are configured on up to 34.3% of health websites and 8.7% of control websites. However, even when enabled, these tracking restriction features provide limited protection and can be circumvented in practice.