Health sites let ads track visitors without telling them
Third-party tools grab personal information from medical, genetic-testing company sites.
Further analysis of those websites—using tracker identification tools like the Electronic Frontier Foundation's Privacy Badger and The Markup's Blacklight—revealed which ad tech modules the companies had embedded on their sites. . .
"My reaction was shock at realizing the big missing pieces in these policies," says Andrea Downing, a co-author of the study, independent security researcher, and president of the Light Collective. "And when we talked to some of these companies it really seemed like they just didn't fully understand the ad tech they were using. So this needs to be an awakening. . ."
[...] "The question in this experiment was 'Can patients believe the terms and conditions they agree to on health-related sites? And if they can't, do the companies even know that they can't?'" Perakslis says. "And many of the companies we looked at aren't HIPAA-covered entities, so this health-related data exists in an almost wholly unregulated space. Research has consistently shown that the flow of such information for advertising can disproportionately harm vulnerable populations."
The vast majority of users, of course, click through terms of service and privacy policies without actually reading them. But the researchers say that this is all the more reason to shed light on how digital ad targeting, lead generation, and cross-site tracking can erode user privacy. . ."
No comments:
Post a Comment