Nine out of ten health apps collect personal data about their users, according to a recent global study.
In recent years, Internet privacy has become an increasingly important topic for countries and users. This is reflected, for example, by implementing the GDPR, as well as by the recent arrival of an option to refuse all cookies from a website. Through a new global study relayed by The Guardian newspaper, we now learn that health applications collect the personal data of their users extensively.
Published in the British Medical Journal, the study highlighted the results of an in-depth analysis of over 20,000 health applications on the Google Play Store application store. The work initially underlines that health applications today have a wide range of functions, “from health management and symptom checking to step and calorie counters, in particular. through period tracking devices”. However, these applications raise several issues around the confidentiality of personal data “ because of the sensitive information they can access, the use of a business model focused on selling subscriptions or sharing user data, and the lack of enforcement of privacy standards around the world,” explain Researchers.
The results of the study thus show that 88% of the health applications analyzed (18,472 out of 20,991) are likely to collect personal data. Muhammad Ikram, lecturer at Macquarie University Cyber Security Hub, explains in part that these services use “tracking IDs and cookies to track user activity on mobile devices, and some of these apps actually use tracking on different platforms.” .
The researchers add that “most data collection operations in app code and data transmissions in app traffic involve external service providers (third parties).” The latter are also responsible for most of the data collection operations. 3.9% (616) of health apps provided personal information to a third party, typically name and location data.
Other important facts to note are that 28.1% (5,903) of health applications did not provide the Google Play Store with their privacy statement regarding the collection of personal data. This is against the policy of the app store. Finally, the study states that 47% (1,479) of user data transmissions complied with the privacy policy.
“This analysis revealed serious privacy concerns and inconsistent privacy practices in healthcare applications. Clinicians should know this and expose it to patients when determining the benefits and risks of health applications,” the study concludes.
