Because The U.S. Is Too Corrupt To Pass Privacy Legislation, Data Brokers Increasingly Traffic In Sensitive Mental Health Data
from the have-you-ever-noticed-that-making-money-is-the-only-thing-we-actually-care-about dept
We’ve noted for a long while that the performative hysteria surrounding TikTok is basically a giant distraction from our failures on consumer protection and privacy legislation.
Case in point: the growing number of mental health apps that routinely collect and monetize sensitive consumer mental health data, yet fail to meaningfully protect the data they collect. Mozilla, for example, last May found that most mental health apps have abysmal privacy and security standards, and often sell access to this data to a wide variety of dodgy data brokers and middlemen (including governments).
This week the Washington Post unsurprisingly found that a long line of data brokers traffic in sensitive user mental health data thanks to pandemic-era rise of telehealth and therapy apps, including the addresses of those diagnosed with depression, anxiety, post-traumatic stress or bipolar disorder:
After contacting data brokers to ask what kinds of mental health information she could buy, researcher Joanne Kim reported that she ultimately found 11 companies willing to sell bundles of data that included information on what antidepressants people were taking, whether they struggled with insomnia or attention issues, and details on other medical ailments, including Alzheimer’s disease or bladder-control difficulties.
It’s telling that this story didn’t even bother to include the usual industry defense about how this isn’t a big deal because this data is “anonymized,” a term data scientists have found to be meaningless.
This whole mess is, of course, a direct result of our failure to pass even basic privacy legislation for the internet era; legislation that includes meaningful accountability for corporations and executives who play fast and loose with sensitive U.S. consumer data, and adequate enforcement funding for historically understaffed privacy regulators at the FTC.
While the FTC did recently fine GoodRX for the unauthorized sharing of consumer health data, the agency lacks the staff or funding to go after bad actors at the scale they’re now operating. Even in the wake of Roe’s overturn, and the resulting concerns about the dangers of this data being abused by activists and vigilantes, interest in meaningful reform has proven to be tepid at best.
There’s simply too much money to be made.
Instead, we’ve watched as the same policymakers that created this oversight-optional data hoovering hellscape focus the entirety of their political attention hyperventilating about a single app: TikTok. Either ignoring or oblivious to the fact that the entirety of the unaccountable wild west they created can also be exploited by the Chinese intelligence agencies they pretend to be so concerned about.