‘Creepy’ Mental Health And Prayer Apps Are Sharing Your Personal Data


'Creepy' Mental Health And Prayer Apps Are Sharing Your Personal Data

A review of mental health and prayer apps has concluded that they offer poorer privacy and security than any other type of app.

Mozilla’s investigation of 32 mental health and prayer apps, including Talkspace, Better Help, Calm, and Glorify found that 28 raised strong concerns over user data management, while 25 failed to meet Mozilla’s minimum security standards, such as requiring strong passwords and managing security updates and vulnerabilities.

Despite dealing with sensitive issues — depression, anxiety, suicidal thoughts, domestic violence, eating disorders and PTSD — these apps routinely share data, allow weak passwords, target vulnerable users with personalized ads, and feature vague and poorly written privacy policies. Some harvest additional data from third-party platforms such as Facebook, from elsewhere on users’ phones or from data brokers.

“The vast majority of mental health and prayer apps are exceptionally creepy. They track, share, and capitalize on users’ most intimate personal thoughts and feelings, like moods, mental state, and biometric data,” says Jen Caltrider, Mozilla’s ‘Privacy Not Included’ lead.

“Turns out, researching mental health apps is not good for your mental health, as it reveals how negligent and craven these companies can be with our most intimate personal information.”

The six worst offenders, according to Mozilla, are Better Help, Youper, Woebot, Better Stop Suicide, Pray.com, and Talkspace. Youper, Pray.com and Woebot were found to be sharing personal information with third parties, while Talkspace even collects chat transcripts.

Meanwhile, at least eight apps allowed weak passwords ranging from “1” to “11111111″.

The only two apps found to be protecting data responsibly were TSD Coach, an app created by the US Department of Veterans Affairs and the AI chatbot Wysa.

Mozilla warns that parents of kids and teens should be particularly wary, as many mental health and prayer apps target this market.

“When teens share information on these apps, it could be leaked, hacked, or used to target them with personalized ads and marketing for years to come,” it says.

It’s not the first time that mental health products have been found to be sharing data. Three years ago, Privacy International revealed that more than 97 per cent of the mental health web pages that it examined contained a third-party element such as third-party cookies, third-party JavaScript or an image hosted on a third-party server. More than three quarters contained third-party trackers for marketing purposes.

“Hundreds of millions of dollars are being invested in these apps despite their flaws. In some cases, they operate like data-sucking machines with a mental health app veneer,” says Mozilla researcher Misha Rykov. “In other words, a wolf in sheep’s clothing.”


Source link