As reported in a November 12, 2019, Financial Times article,1 dozens of popular health websites are tracking, storing and sharing your personal data, including WebMD (the leading health website) and Healthline (currently the third most popular health site2).
These two websites also, as of this year, dominate Google health searches, which virtually guarantees their continued growth and influence. “Establishment, big corporate pharma websites like WebMD are monopolizing the first page of results,” Google Whistleblower Zach Vorhies confirmed in an interview with The Epoch Times.3
I wrote about how these two websites use and share your data in my November 8, 2019, article “Shocking Proof How Google Censors Health News.” I’ve also covered this issue in other articles, so the Financial Times’ report came as no surprise to me.
What some might not know is that this kind of information sharing is illegal in Europe. As reported by Financial Times:4
“Using open-source tools to analyse 100 health websites, which include WebMD, Healthline, Babycentre and Bupa, an FT investigation found that 79 per cent of the sites dropped ‘cookies’ — little bits of code that, when embedded in your browser, allow third-party companies to track individuals around the internet. This was done without the consent that is a legal requirement in the UK.”
Seventy-eight percent of the sites shared user data with DoubleClick, Google’s advertising arm, while 48% shared data with Amazon. Facebook, Microsoft and AppNexus, another advertising firm, also received user data.
What this means is DoubleClick, Google’s ad service, will know which prescriptions you’ve searched for on these websites, thus providing you with personalized drug ads, and Facebook will know what you’ve searched for in WebMD’s symptom checker, as well as any diagnoses you received.
European Law Is Unambiguous and Far Stricter Than the US
According to Financial Times,5 “keywords such as ‘heart disease’ and ‘considering abortion’ were shared” from several sites, including Healthline, and eight of the 100 sites tested included specific identifiers that allow third parties to tie the information to specific individuals. Tracker cookies were also dropped without consent or before any consent was given.
The following graphic, created by Financial Times, illustrates the flow of data from BabyCenter.com, a site that focuses on pregnancy, children’s health and parenting, to third parties, and the types of advertising these third parties then generate.
Wolfie Christl, a technologist and researcher, told Financial Times:6 “These findings are quite remarkable, and very concerning. From my perspective, this kind of data are clearly sensitive, has special protections under the [General Data Protection Regulation] and transmitting this data most likely violates the law.”
Phil Smith, director-general of the U.K.s Incorporated Society of British Advertisers told Campaignlive.com7 that the EU’s General Data Protection Regulation — which was implemented in May 2018 — is unambiguous and straight-forward: Websites must request and obtain “explicit consent for the sharing of ‘special category data,’” which includes health data.
Other special category data considered to be particularly sensitive and needing explicit consent to be shared include race, ethnic origin, political persuasion, religious affiliation, trade union membership, genetics, biometrics, sexual orientation and details relating to your sex life.
Weeding Out 'Undesirables'
In response to Financial Times’ report, Google said it “does not build advertising profiles from sensitive data,” and that it has “strict policies preventing advertisers from using such data to target ads."8 Well, if it’s not being used to personalize medical ads, what is the health data being used for, and why is it collected and shared in the first place?
According to Tim Libert, a computer scientist at Carnegie Mellon University who developed the open-source tool Financial Times used to investigate the information sharing, medical information can be used to “prey on the ill and vulnerable.”9 Health data can also be used to secretly discriminate against certain individuals. As noted by Libert:10
“As medical expenses leave many with less to spend on luxuries, these users may be segregated into ‘data silos’ of undesirables who are then excluded from favorable offers and prices. This forms a subtle, but real, form of discrimination against those perceived to be ill.”