08 Jul 2026

Privacy Commissioner Finds Breaches in Third-Party Tracking Pixel Investigation

The Australian Privacy Commissioner has found that health service providers Medmate Australia and Monash IVF breached the privacy of individuals after sensitive information was collected through third-party tracking pixels on their websites.

Pixels.png

The findings conclude a year-long OAIC investigation into how tracking pixels were used on telehealth and fertility service websites to monitor visitors and support targeted advertising on social media platforms. The decision confirms that when tracking pixels collect sensitive information, including health-related data, website providers must obtain user consent under the Privacy Act.

Alongside the determinations, the OAIC has released Your life, pixelated: how tracking pixels watch your every click, a report examining the use of tracking pixels across 50 health service provider websites. The report includes findings, case studies and practical recommendations to help organisations better understand and manage privacy risks.

The OAIC is encouraging all APP entities to review their use of third-party tracking pixels and ensure they understand their obligations under the Privacy Act 1988.

Read the full article on the OAIC website