Late last month a European study found that 80% of health apps tested, did not
follow well-known practices and guidelines, not even legal restrictions imposed by contemporary data protection regulations, thus jeopardizing the privacy of millions of users.
Health apps encourage us to enter personal data from weight targets, exercise routes and x-rays.
This isn’t about buying a free app with your personal data. It is much worse. This is a simple lack of concern, understanding or attention to the privacy of ‘customers’. Let us count the ways:
- Only 20% of the apps stored personal data on the users’ phones, which affords the most protection. The remaining 80% shared the data with third parties (reading between the lines this means server farms, not companies set up to exploit the data)
- And only half of the apps that uploaded data to the intranet did so securely, i.e. using https – though all that means is that the recipient has bought a readily available SSL certificate
- More than half the apps use a URL link to send data, making it potentially available to anyone who works out the URL
- Many of the apps demand access to functionality – such as Bluetooth, contacts and camera – they don’t need
You might argue that you get what you pay for and a free app can’t be expected to invest in privacy. But these are legal requirements and easy to get right.
Most surprisingly the apps tested weren’t the strange unloved apps at the bottom of the list. All had at least 100,000 downloads (some 10 million). And they were all rated 3.5/5 or higher.
If you are using a health app, now is the time to find out whether it protects your personal data. If you process personal data, ask yourself if you adhere to the existing, let alone new, regulations.
- https://eandt.theiet.org/content/articles/2018/02/many-health-apps-neglect-the-privacy-of-its-users-study-finds/?utm_source=Adestra&utm_campaign=New%20EandT%20News%20-%20Automation%20FINAL%20-%20MEMBER&utm_medium=Newsletters%20-%20E%26T%20News&utm_content=E%26T%20News%20-%20Members&utm_term=https%3A%2F%2Feandt.theiet.org%2Fcontent%2Farticles%2F2018%2F02%2Fmany-health-apps-neglect-the-privacy-of-its-users-study-finds%2F – only available to IET members