Tech companies will continue to provide free services in exchange for the right to collect and commoditize our data. And most of us will continue to be complicit in handing over that private, personal information. Then, we’ll throw up our hands and say, “We can’t control it!” — especially when that data is connected to our health.
The Facebook and Cambridge Analytica scandal brought this privacy discussion front and center in the category of election data. But at the same time, this discussion can be applied to the dozens of companies handling data in the health realm. Examples of those struggling to protect user privacy there?
The dating app Grinder shared data about users’ HIV status and location with third parties.
These are not isolated examples. Researchers at the AV-TEST Institute found that more than 80 percent of 60 tested Android health apps lacked proper privacy policies. One big reason may be that many of those apps demand access to photos, GPS data, device IDs, cameras, microphones and other functions unrelated to their services.
In some cases, health apps become fronts for data harvesting. A study of 110 apps by researchers at MIT, Harvard and Carnegie-Mellon found that 73 percent of Android apps studied shared users’ email addresses, and 47 percent of iOS apps shared location data. More disturbingly, three out of 30 health apps, including Drugs.com, were sharing search terms and user inputs like “herpes” with advertising networks.
There’s not necessarily a shadowy bald man with a white cat plotting to steal your data. Abuse often happens when well-meaning app developers try to create useful health services. Thinking no one will pay for those services, they convince users to pay with their free time and attention, which are far more valuable resources. Alternatively, developers sell the health data.