Mental health app might share your data without telling you
That mental health apps might share your data without telling you adds to a string of worrying revelations about what apps are doing with the health information we entrust to them. For instance, a Wall Street Journal investigation recently revealed the period tracking app Flo shared users’ period dates and pregnancy plans with Facebook.
In this new study, published Friday in the journal JAMA Network Open, researchers searched for apps using the keywords “depression” and “smoking cessation.” Much of the data the apps shared didn’t immediately identify the user or was even strictly medical. But 33 of the 36 apps shared information that could give advertisers or data analytics companies insights into people’s digital behavior. And a few shared very sensitive information, like health diary entries, self reports about substance use, and usernames.
“Potentially advertisers could use this to compromise someone’s privacy and sway their treatment decisions,” says Steven Chan. For example, what if an advertiser discovers someone is trying to quit smoking? “Maybe if someone is interested in smoking, would they be interested in electronic cigarettes?” Chan says. “Or could they potentially introduce them to other similar products, like alcohol?”
Does it worry you that advertiser might know more about your mental health than you want them to?
Wow. That continues to be kind of "creepy".
If it's free, assume they're making their money from it somewhere. That's just how these things work. I'd venture to assume more of these companies don't care about your health, and the ones that do need to fund their programs somehow. I think it's unfortunate that if people were really aware of how it's used and how the tech works there would be a lot less use. This is easy to bypass, in part, by creating fake accounts, using a different name, and using a vpn.
It concerns me very much as people make themselves more vulnerable when they believe no one is watching. It needs to be made very clear that their information is being shared and not just "You agree to the use of 'cookies' when surfing this site." In health care we are very particular in how we share information and especially how we document it. In public health if we document a group, the lesson plan etc is public, but the registration list is held under Personal Health Information and Privacy Act (PHIPA). Registration is attached to a client and not the course.Why would private companies be allowed to breach PHIPA?
Also, don't fool yourself around VPNs. In many cases, the original location can be easily found. Therefore the person using the app can be easily known. Health care VPN's are different than most made available to the public for streaming or surfing the web.