“Ho hum,” you’ll be saying if you’re a technorati type. “Any third-grader knows that the Internet is full of cookies that follow you around like pesky puppies and help ad-buyers target you with pitches for tennis balls and shoes the day after you order a racket. Facebook does it. Google does it. This is our online world.”
But if you’re less tech-aware, a paper just out in the journal JAMA Internal Medicine may open your eyes a bit to the potential aftermath of your searches on some health Websites. In Privacy Threats When Seeking Online Health Information, Marco D. Huesch of the University of Southern California reports using privacy software to detect whether his forays onto 20 popular health Websites resulted in leaks of the medical information he entered.
A patient who searches on a “free” health-related website for information related to “herpes” should be able to assume that the inquiry is anonymous. If not anonymous, the information knowingly or unknowingly disclosed by the patient should not be divulged to others.
Unfortunately, neither assumption may be true. Anonymity is threatened by the visible Internet address of the patient’s computer or the often unique configuration of the patient’s web browser. Confidentiality is threatened by the leakage of information to third parties through code on websites (eg, iframes, conversion pixels, social media plug-ins) or implanted on patients’ computers (eg, cookies, beacons).
Many third parties use the information they collect only to target advertising (eg, DoubleClick). However, nearly 300 third parties use the information to track consumers, delivering advertising related more directly to the user’s known or inferred interests, demographics, and prior online behavior.
These weaknesses in privacy practices have been detailed in the news media. The Federal Trade Commission has called for consumer privacy legislation. Online privacy guidelines for searches on health topics have been published. But privacy threats are poorly understood because of the technical nature of online data collection and aggregation.
So what did Huesch actually find? From the press release: Continue reading