As someone who spent the past 4.5 years in ad tech, this isn't all that surprising. There are a number of ways they likely tagged them as being likely "connected" and thus the suggestion.
1. The individual visited the doctor's website, which has a Facebook tracking pixel. This pixel is associated with the doctor's page.
2. Contact lists. The user has given FB access to their contacts and the doctor is there.
3. The patient used the doctor's free wifi. The user browsed a website which has tracking information that leaks to a third party some identifiable information along with the IP. The third party knows that IP belongs to the doctor's office, so they know you are connected. This data is sold back to Facebook via one of their DMP (data management platform) partners.
I could go on. Lots of ways to leak information without it being purposeful. Ad blockers also don't necessarily solve this problem as tracking can be done server side as well.
Facebook suggested a link between me and my insurance agent.
1. I have not visited the insurance agent's website.
2. He is not in my contact list. (And I've not given FB access to my contact list).
3. I've never been to his office.
I have visited the website of the national insurance company that he represents, so if he was my local agent I could see them inferring a connection. However, he is not my local agent. He's from the city I lived in two moves ago--a city I lived in before FB existed.
As far as I know, I have no friends that use him as an insurance agent. I did switch to that insurance company on the recommendation of friends, but that was three moves ago, when I lived in a completely different state. Those friends and I both moved to this state at about the same time, but to different cities, and we switched to different agents when we moved.
Overall, I'd like to see more transparency from companies as to the "why" for these recommendations. I doubt we will see that happen without legislation, as I'm sure FB and Google would never want to present to end users that they know you are pregnant because of in-store purchases you made. The creepiness factor takes a huge leap once people understand how something ends up in their feed.
Oh, you can go further than that: if you are on Facebook, you likely are on their mobile version too, which means the hardware ID is known and can be correlated. So you just need to visit your doctor's office, and your phone's attempt to connect with wifi should be enough. A friend of mine does something similar for hotels.
Nobody is mentioning the p-hacking going on here. There are tons and tons of false positives in the friends suggestions. It is not like Facebook knows your relationship with the surgeon, it just suspects that there might be a connection.
Discussion on a somewhat similar story from a few months ago ("Facebook recommended that a psychiatrist’s patients friend each other"): https://news.ycombinator.com/item?id=12388370
You have to intentionally leak medical information. Much of our laws are about intent. The other comments cover what most likely happened (both visiting FB on the same wi-fi, the physician's website or hospital website had a tracking pixel from some 3rd party service that got aggregated back and sold to FB, etc.)
Keep in mind FB is only making a guess based on attributes it's been fed. I'm sure friend suggestions may also include other people who have visited the same hospital you have nothing in common with. They're hoping to get a few friend hits by aggregating as many signals as possible.
Not using Facebook is kind of like people who refuse to use gmail... in the end it doesn't matter because every time you email someone who uses gmail, they get the conversation anyway through the other end of the link.
To avoid Facebook's surveillance network, you have to not use Facebook AND interact ONLY with people who don't use Facebook.
Scenario #1: Exactly as above; your physician uploads his contacts to FB. Congratulations, FB has now linked your email address as a relationship to your physician. You didn't execute any code or interact with FB in any way.
Scenario #2: You are at a party and someone takes a photo of your group, and tags you in the photo. Congratulations, your name, photo, and a link to the person who posted the photo are now on FB without your consent and possibly without your knowledge. Again, you had no personal interaction with FB.
Scenario #3: You email someone at xyzcorp.com. XYZCorp uses gmail for their email hosting. Congratulations, gmail has now linked you to XYZCorp. Here also, you had no intentional interaction directly with Gmail.
The ways in which the likes of Gmail and FB build their social graph are many and varied. Don't underestimate them.
But the aim of these social graphs is for them to sell you junk you don't want. The graphs are useless if you got adblock and JS disabled. Good luck throwing crap at me via the web when I basically neuter your site's DOM too.
Scenarios #1 and #3 allow a 3rd party with access to the graph to send you e-mail related to the Physician (#1), and XYZCorp (#3)... and that is with a single edge. The graphs are not useless.
What if I flag the email as spam? And go as far as to block your list of domains which you use to make solicitations? The funny thing is I don't actually do that but it seems GMail has gotten too good at its job to where the only solicitations I get are the ones I actively pursue. I'm not faulting them for using social graphs, I'm just saying that at some point that their utility is subjective to such a point to be a kind of solipsism. Sure you know who I am but what if I never read the email? Sure you know my doctor but what if I only use them as a rubber stamp for my medications and maybe check my health once a year? How do you get your marketing shim in there to wedge my wallet open? I can't see how it works maybe because I'm the extreme case here of a hard customer.
I don't use Facebook or WhatsApp. That's not a helpful option - they have all my contacts from the other side of the contact, because almost none of my acquaintances cares.
More than likely his surgeon has an email that mentioned his name and he (the surgeon) has given Facebook permission to check his email for contacts. It's the same scam that LinkedIn does that leads to me getting spammed by people on mailing lists I occasionally post on.
This. The user does not have to use Facebook at all, ever, for Facebook to establish the link. If the surgeon has the user's email address in his (the surgeon's) address book, and he (the surgeon) allows Facebook to access his address book, that is sufficient to establish the link.
In the other thread about the psychiatrist, you can find where I discussed a similar incident that occurred some time ago between myself and a professor.
Facebook says they don't use location data for friend recommendations (anymore), and given the contact linking it seems reasonable to assume that it is correct.
LinkedIn knows some guy I went on vacation with over a decade ago. LinkedIn keeps bringing him up. I only met him once, nearly 15 years ago, and we didn't keep in touch.
As already stated, the person could have given his own contact list to Facebook, but also the opposite. The surgeon could have given his contact list to Facebook and figures if person X has me in their contact list, I must know them.
Lesson: give Facebook a throwaway email and phone number if you can, if you really do not want this to happen. Also only browse Facebook in incognito mode.
I've done it. I have a throwaway Facebook account that doesn't seem to connect to any of my normal points of contact (say for free offers where you have to share something on FB). Not that Facebook couldn't figure out who I am (say via IP), but they just don't actively do that or at least expose that to end users.