Leading Mobile Health Apps Pose Consumer Secrecy Risks

Most consumers lack the tools and knowledge to analyze data flows and security, so they have no way of knowing what is happening behind the scenes
Consumers lack knowledge to analyze data security

Apps in the health space carry “considerable privacy risks for users,”according to a study released by Privacy Rights Clearinghouse, Fierce Mobile Healthcare reports.

They evaluated 20 of the top paid health and fitness apps and 23 of the most popular no-cost wellness apps in Google Play and Apple’s App Store. The researchers examined the apps from both a consumer and technical perspective to determine privacy risks based on data collected, stored and transmitted. After studying 43 popular health and fitness apps, the researchers found that there are considerable privacy risks for users and that the privacy policies for those apps that have policies do not describe those risks. However, these apps appeal to a wide range of consumers because they can be beneficial, convenient, and are often free to use.

The problem, according to the report, is that “most consumers lack the tools and knowledge to analyze data flows and security, so they have no way of knowing what is happening behind the scenes.” And, “even if privacy and security practices are accurately detailed in a privacy policy, the average user has no way to decipher them,” the report concluded.

Among the Privacy Rights Clearinghouse’s other findings:

Many apps send data in the clear–unencrypted–without user knowledge
Many apps connect to several third-party sites without user knowledge
72 percent of the apps had medium (32 percent) to high (40 percent) risk regarding personal privacy

As the report points out, the danger that health and fitness apps pose is that they “appeal to a wide range of consumers because they can be beneficial, convenient, and are often free to use.” However, as the group warns consumers should not assume any of their data is private in the mobile app environment–even health data that they consider sensitive.

Last month, rogue Booz Allen Hamilton employee Edward Snowden exposed a massive effort by the National Security Agency to track cell phone calls and monitor the e-mail and Internet traffic of virtually all Americans. And, it was also revealed that the NSA and the FBI are siphoning personal data from the main computer servers of nine major U.S. Internet firms.

Did you like this? Share it:

Leave a Reply

Your email address will not be published.

31  +    =  41