According to a new study, published in the British Medical Journal, found the sharing of user data from health-related mobile apps on the Android platform was routine and yet far from transparent. It will probably come as no surprise that Google and Amazon are the biggest receivers of the app’s information.
This can range from information such as your age, sex, medical conditions, current symptoms, as well as any drugs you take.
It can also include sensitive health data. And all of it is being handed over to app developers, their parent companies, and potentially dozens of third-party entities — posing an “unprecedented risk” to consumer privacy.
The study follows a recent report from the Wall Street Journal that found several apps, including period tracker Flo Health, were sending sensitive user data — including weight, blood pressure, and ovulation status — to Facebook.
Lead author Dr. Quinn Grundy said health apps were a “booming market”, but one with many privacy failings.
“I think many of us would expect that this kind of data should be treated differently,” said Dr. Grundy, an assistant professor at the University of Toronto.
“Unfortunately, our study shows that that’s not the case. These apps behave in much the same way as your fitness app, weather app or music app.”
The standard privacy policies on most health apps do disclose data sharing arrangements in their terms and conditions, the disclosures are often buried in the fine print. They also do not indicate who the information is being shared with and for what purpose.
And for something as personal and potentially sensitive as medical data, not to mention valuable, Dr. Grundy suggested privacy regulators should recognise that loss of privacy is not a fair cost for the use of free or minimal cost digital health services.
According to the ABC, data sharing is pervasive in the app ecosystem, with no end in sight, said Peter Hannay, an adjunct lecturer and security researcher at Edith Cowan University, who has previously studied security vulnerabilities in Android apps.
For those who want to use these services, there aren’t many choices if you don’t like the situation: “It’s not a matter of ‘swap to a different app’,” he said.
“It would be a matter of just not using those sorts of services at all.”
If you have any questions about the security of your phone and apps you are using please get in touch with any questions. We are always happy to help.
