WASHINGTON: Online advertisers such as Google and Facebook along with data brokers may be watching as you surf health websites, researchers have warned.
Nine out of ten visits to a health-related website result in a personal health information being leaked to third parties, including online advertisers and data brokers, showed an analysis of over 80,000 web pages.
"Personal health information -- historically protected by the Hippocratic Oath -- has suddenly become the property of private corporations who may sell it to the highest bidder or accidentally misuse it to discriminate against the ill," said study author Timothy Libert, doctoral student at University of Pennsylvania.
Libert authored a software tool that investigates Hypertext Transfer Protocol (HTTP) requests initiated to third party advertisers and data brokers. He found that 91% of health-related web pages initiate HTTP requests to third parties.
Seventy percent of these requests include information about specific symptoms, treatment, or diseases (AIDS, cancer, etc.).
The vast majority of these requests go to a handful of online advertisers. Google collects user information from 78% of pages, comScore 38%, and Facebook 31%, the findings showed.
Two data brokers, Experian and Acxiom, were also found on thousands of pages. Given that data brokers are free to sell any information they collect regarding visits to health websites, those visiting such sites are potentially at risk of being discriminated by potential employers, retailers, or anybody with the money to buy the data.
Moreover many online marketers use algorithmic tools which automatically cluster people into groups with names like "target" and "waste".
Predictably, those in the "target" category are extended favourable discounts at retailers and advance notice of sales. It is possible that anyone visiting medical websites may be grouped into the "waste" category and denied favourable offers, the study pointed out.
These findings are forthcoming in the journal Communication of the ACM.
Nine out of ten visits to a health-related website result in a personal health information being leaked to third parties, including online advertisers and data brokers, showed an analysis of over 80,000 web pages.
"Personal health information -- historically protected by the Hippocratic Oath -- has suddenly become the property of private corporations who may sell it to the highest bidder or accidentally misuse it to discriminate against the ill," said study author Timothy Libert, doctoral student at University of Pennsylvania.
Libert authored a software tool that investigates Hypertext Transfer Protocol (HTTP) requests initiated to third party advertisers and data brokers. He found that 91% of health-related web pages initiate HTTP requests to third parties.
Seventy percent of these requests include information about specific symptoms, treatment, or diseases (AIDS, cancer, etc.).
The vast majority of these requests go to a handful of online advertisers. Google collects user information from 78% of pages, comScore 38%, and Facebook 31%, the findings showed.
Two data brokers, Experian and Acxiom, were also found on thousands of pages. Given that data brokers are free to sell any information they collect regarding visits to health websites, those visiting such sites are potentially at risk of being discriminated by potential employers, retailers, or anybody with the money to buy the data.
Moreover many online marketers use algorithmic tools which automatically cluster people into groups with names like "target" and "waste".
Predictably, those in the "target" category are extended favourable discounts at retailers and advance notice of sales. It is possible that anyone visiting medical websites may be grouped into the "waste" category and denied favourable offers, the study pointed out.
These findings are forthcoming in the journal Communication of the ACM.
0 Comments