The “Invisible Web” Undermines Health Information Privacy

“The goal of privacy is not to protect some stable self from erosion but to create boundaries where this self can emerge, mutate, and stabilize. What matters here is the framework— or the procedure— rather than the outcome or the substance. Limits and constraints, in other words, can be productive— even if the entire conceit of “the Internet” suggests otherwise.”

         Evgeny Morozov in “To Save Everything, Click Here: The Folly of Technological Solutionism”

 

We cherish privacy in health matters because our health has such a profound impact on how we interact with other humans. If you are diagnosed with an illness, it should be your right to decide when and with whom you share this piece of information. Perhaps you want to hold off on telling your loved ones because you are worried about how it might affect them. Maybe you do not want your employer to know about your diagnosis because it could get you fired. And if your bank finds out, they could deny you a mortgage loan. These and many other reasons have resulted in laws and regulations that protect our personal health information. Family members, employers and insurers have no access to your health data unless you specifically authorize it. Even healthcare providers from two different medical institutions cannot share your medical information unless they can document your consent.

Health Information Privacy via Shutterstock

The recent study “Privacy Implications of Health Information Seeking on the Web” conducted by Tim Libert at the Annenberg School for Communication (University of Pennsylvania) shows that we have a far more nonchalant attitude regarding health privacy when it comes to personal health information on the internet. Libert analyzed 80,142 health-related webpages that users might come across while performing online searches for common diseases. For example, if a user uses Google to search for information on HIV, the Centers for Disease Control and Prevention (CDC) webpage on HIV/AIDS (http://www.cdc.gov/hiv/) is one of the top hits and users will likely click on it. The information provided by the CDC will likely provide solid advice based on scientific results, but Libert was more interested in investigating whether visits to the CDC website were being tracked. He found that by visiting the CDC website, information about the visit is relayed to third-party corporate entities such as Google, Facebook and Twitter. The webpage contains “Share” or “Like” buttons, which is why the URL of the visited webpage (which contains the word “HIV”) is passed on to them – even if the user does not explicitly click on the buttons.

Libert found that 91% of health-related pages relay the URL to third parties, often unbeknownst to the user, and in 70% of the cases, the URL contains sensitive information such as “HIV” or “cancer” which is sufficient to tip off these third parties that you have been searching for information related to a specific disease. Most users probably do not know that they are being tracked, which is why Libert refers to this form of tracking as the “Invisible Web”, which can only be unveiled when analyzing the hidden HTTP requests between the servers. Here are some of the most common (invisible) partners which participate in the third-party exchanges:

Entity        Percent of health-related pages
Google        78
Facebook      31
Twitter       18
Amazon        16
Experian      5
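
As an added illustration (not code from Libert's study or from the original post), the following Python sketch audits a captured list of the requests one page load triggers: it flags hosts other than the page's own and checks whether the visited URL reached them through the Referer header or the request's query string. The request records, the term list, the example hostnames and the simplified "last two labels" site comparison are constructed assumptions.

```python
from urllib.parse import urlsplit, unquote

SENSITIVE_TERMS = ("hiv", "cancer")  # constructed list, for illustration only

def site(host):
    """Crude site key: last two DNS labels (assumption; no public-suffix list)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def audit(page_url, requests):
    """Map each third-party site to what it learned about the visit."""
    page = urlsplit(page_url)
    first_party = site(page.hostname or "")
    page_key = ((page.hostname or "") + page.path).lower()
    page_terms = sorted(t for t in SENSITIVE_TERMS if t in page_key)
    findings = {}
    for req in requests:
        target = urlsplit(req["url"])
        host = target.hostname or ""
        if not host or site(host) == first_party:
            continue  # same-site request: nothing disclosed to a third party
        # Header names are case-insensitive, so normalise before lookup.
        headers = {k.lower(): v for k, v in req.get("headers", {}).items()}
        # The page URL can travel in the Referer header or percent-encoded
        # inside the third-party request's own query string.
        exposed = (headers.get("referer", "") + " " + unquote(target.query)).lower()
        entry = findings.setdefault(
            site(host), {"requests": 0, "url_leaked": False, "terms": []})
        entry["requests"] += 1
        if page_key in exposed:
            entry["url_leaked"] = True
            entry["terms"] = page_terms
    return findings

# Constructed capture of the requests one page load might trigger.
PAGE = "http://www.cdc.gov/hiv/"
SAMPLE_REQUESTS = [
    {"url": "http://www.cdc.gov/css/site.css", "headers": {"Referer": PAGE}},
    {"url": "https://widgets.social.example/like.js", "headers": {"referer": PAGE}},
    {"url": "https://stats.analytics.example/collect?dl=http%3A%2F%2Fwww.cdc.gov%2Fhiv%2F",
     "headers": {}},
    # Origin-only Referer, as sent under a strict Referrer-Policy: host contacted, path withheld.
    {"url": "https://cdn.fonts.example/f.woff", "headers": {"Referer": "http://www.cdc.gov/"}},
]

if __name__ == "__main__":
    for name, info in sorted(audit(PAGE, SAMPLE_REQUESTS).items()):
        print(name, info)
```

The last sample record shows the mitigation side: when the Referer is trimmed to the origin, the third party still sees that the site was visited but not the path containing the sensitive term.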

What do the third parties do with your data? We do not really know because the laws and regulations are rather fuzzy here. We do know that Google, Facebook and Twitter primarily make money by advertising so they could potentially use your info and customize the ads you see. Just because you visited a page on breast cancer does not mean that the “Invisible Web” knows your name and address but they do know that you have some interest in breast cancer. It would make financial sense to send breast cancer related ads your way: books about breast cancer, new herbal miracle cures for cancer or even ads by pharmaceutical companies. It would be illegal for your physician to pass on your diagnosis or inquiry about breast cancer to an advertiser without your consent but when it comes to the “Invisible Web” there is a continuous chatter going on in the background about your health interests without your knowledge.

Some users won’t mind receiving targeted ads. “If I am interested in web pages related to breast cancer, I could benefit from a few book suggestions by Amazon,” you might say. But we do not know what else the information is being used for. The appearance of the data broker Experian on the third-party request list should serve as a red flag. Experian’s main source of revenue is not advertising but amassing personal data for reports such as credit reports which are then sold to clients. If Experian knows that you are checking out breast cancer pages, then you should not be surprised if this information is stored in some personal data file about you.

How do we contain this sharing of personal health information? One obvious approach is to demand accountability from the third parties regarding the fate of your browsing history. We need laws that regulate how information can be used, whether it can be passed on to advertisers or data brokers and how long the information is stored.

 

Here is the Privacy Policy Summary for WebMD, a commonly visited health information portal:

   We may use information we collect about you to:

· Administer your account;
· Provide you with access to particular tools and services;
· Respond to your inquiries and send you administrative communications;
· Obtain your feedback on our sites and our offerings;
· Statistically analyze user behavior and activity;
· Provide you and people with similar demographic characteristics and interests with more relevant content and advertisements;
· Conduct research and measurement activities;
· Send you personalized emails or secure electronic messages pertaining to your health interests, including news, announcements, reminders and opportunities from WebMD; or
· Send you relevant offers and informational materials on behalf of our sponsors pertaining to your health interests.

 

Users are provided with instructions for how they can opt out of the tracking and receiving information from the (undisclosed) sponsors but it is unlikely that the majority of users read the privacy policy pages of the various health-related websites. It is even less likely that users will go through the cumbersome process of requesting that all their information be kept private and not passed on to corporate sponsors.

Perhaps one of the most effective solutions would be to make the “Invisible Web” more visible. If health-related pages were mandated to disclose all third-party requests in real time, for example through pop-ups (“Information about your visit to this page is now being sent to Amazon”), and ask for consent in each case, users would be far more aware of the threat to personal privacy posed by health-related pages. Such awareness of health privacy and potential threats to privacy is routinely addressed in the real world and there is no reason why this awareness should not be extended to online information.

 

 

 

Note: An earlier version of this article was first published on the 3Quarksdaily Blog.

Reference:

Libert, Tim. “Privacy implications of health information seeking on the Web.” Communications of the ACM, Vol. 58, No. 3, pp. 68-77, March 2015, doi: 10.1145/2658983

 

Should Doctors ‘Google’ Their Patients?

Here is an excerpt from my latest post on the 3Quarksdaily blog:

 

Beware of what you share. Employers now routinely utilize internet search engines or social network searches to obtain information about job applicants. A survey of 2,184 hiring managers and human resource professionals conducted by the online employment website CareerBuilder.com revealed that 39% use social networking sites to research job candidates. Of the group who used social networks to evaluate job applicants, 43% found content on a social networking site that caused them to not hire a candidate, whereas only 19% found information that has caused them to hire a candidate. The top reasons for rejecting a candidate based on information gleaned from social networking sites were provocative or inappropriate photos/information, including information about the job applicants’ history of substance abuse. This should not come as a surprise to job applicants in the US. After all, it is not uncommon for employers to invade the privacy of job applicants by conducting extensive background searches, ranging from the applicant’s employment history and credit rating to checking up on any history of lawsuits or run-ins with law enforcement agencies. Some employers also require drug testing of job applicants. The internet and social networking websites merely offer employers an additional array of tools to scrutinize their applicants. But how do we feel about digital sleuthing when it comes to a relationship that is very different from the employer-applicant relationship – one which is characterized by profound trust, intimacy and respect, such as the relationship between healthcare providers and their patients?


The Hastings Center Report is a peer-reviewed academic bioethics journal which discusses the ethics of “Googling a Patient” in its most recent issue. It first describes a specific case of a twenty-six-year-old patient who sees a surgeon and requests a prophylactic mastectomy of both breasts. She says that she does not have breast cancer yet, but that her family is at very high risk for cancer. Her mother, sister, aunts, and a cousin have all had breast cancer; a teenage cousin had ovarian cancer at the age of nineteen; and her brother was treated for esophageal cancer at the age of fifteen. She also says that she herself has suffered from a form of skin cancer (melanoma) at the age of twenty-five and that she wants to undergo the removal of her breasts without further workup because she wants to avoid developing breast cancer. She says that her prior mammogram had already shown abnormalities and she had been told by another surgeon that she needed the mastectomy.

Such prophylactic mastectomies, i.e. removal of both breasts, are indeed performed if young women are considered to be at very high risk for breast cancer based on their genetic profile and family history. The patient’s family history – her mother, sister and aunts being diagnosed with breast cancer – is indicative of a very high risk, but other aspects of the history, such as her brother developing esophageal cancer at the age of fifteen, are rather unusual. The surgeon confers with the patient’s primary care physician prior to performing the mastectomy and is puzzled by the fact that the primary care physician cannot confirm many of the claims made by the patient regarding her prior medical history or her family history. The physicians find no evidence of the patient ever having been diagnosed with a melanoma and they also cannot find documentation of the prior workup. The surgeon then asks a genetic counselor to meet with the patient and help resolve the discrepancies. During the evaluation process, the genetic counselor decides to ‘google’ the patient.

The genetic counselor finds two Facebook pages that are linked to the patient. One page appears to be a personal profile of the patient, stating that in addition to battling stage four melanoma (a very advanced stage of skin cancer with very low survival rates), she has recently been diagnosed with breast cancer. She also provides a link to a website soliciting donations to attend a summit for young cancer patients. The other Facebook page shows multiple pictures of the patient with a bald head, suggesting that she is undergoing chemotherapy, which is obviously not true according to what the genetic counselor and the surgeon have observed. Once this information is forwarded to the surgeon, he decides to cancel the planned surgery. It is not clear why the patient was intent on having the mastectomy and what she would gain from it, but the obtained information from the Facebook pages and the previously noted discrepancies are reason enough for the surgeon to rebuff the patient’s request for the surgery.

 

If you want to learn more about how ethics experts analyzed the situation and how common it is for psychologists enrolled in doctoral programs to use search engines or social networking sites in order to obtain more information about their patients/clients, please read the complete article at 3Quarksdaily.com.