“ Premom broke its hope and compromise consumers ’ privateness , ” said Samuel Levine , theater director of the FTC ’s Bureau of Consumer Protection , in apress releaseWednesday . “ We will smartly impose the Health Breach Notification Rule to fend for consumer ’s health data point from exploitation . Companies collecting this information should be cognisant that the FTC will not permit wellness privateness abuse . ”
The Department of Justice charge a proposed guild on behalf of the FTC which ban Easy Healthcare Corporation , which operates the Premom app , from sharing health data point with third political party advertising troupe . Easy Health would also have to get consent before sharing any other data , and it would have to let substance abuser know about all of its privacy practices ( which , one hopes , will be less gross going forward ) . The order has to be approved by a judge before it goes into effect .
The secure tidings is Premom is the only company that would ever do something like this . Just kidding ! It is passing common for society to portion out users ’ health datum . In 2021 , the FTC decide a similar casing with period trackerFlo Health . ( Flo now has an optional “ anon. mode,”which is n’t really anonymous . ) Other period trackers havesimilar problems , not to mentionmental health apps . The FTC took a similaraction against GoodRX , a prescription medicine coupon outfit that was just as easy with drug user data . If you ’re curious what happens to all that data , why not revisitGizmodo ’s 2022 investigation , which found 32 data point brokers selling 2.9 billion profiles ’ worth of pregnancy data , right on after the Supreme Court said it ’s ok to make miscarriage illegal .
Image: Premom
Reached for comment , Easy Health pointed to astatementon its website . “ We recently gain a settlement with the FTC . Our agreement with the FTC is not an admission price of any wrongdoing , ” Premom write . “ quietus control that we do not , and will not , ever betray any data about users ’ health to third party , nor do we share it for advertizing purposes . ” observe that these guarantees are cautiously written in the present tense , make believe no mention of whether or not Premom did this in the past . The company wrote it keeps its promises to drug user .
Here ’s a weird , sad fact about health privacy in the United States : we do n’t have much of it . Until recently , the police force leave a gaping hole that medical data hoarders waltzed through for ten . HIPAA , the law formerly known as the Health Information Portability and Accountability Act , does not protect youthe way you think it does . Basically , HIPAA only apply to healthcare provider ( doctor and nurses , mostly ) , insurance companies , and their business enterprise associates . Anyone else , like a menses tracking app , Google , WebMD , and most other sorry apps and site where you give up health details were gratuitous to do whatever they desire with the most personal entropy about your life .
Sound bad ? The FTC thinks so . That ’s why it ’s been try out with a young sound theory tolay the smackdown on graverobber who violate your wellness privacy .
A few years ago , the FTC made a novel rule about health breach notifications . The rule say company that have health records have to say consumer , and in some suit the media , when there ’s “ unauthorized access ” to that health information . At the time , it seemed like this law was geared towards data break , i.e. hacking or other unintentional leaks .
But in February , the FTC made a bold arguing . The commission said it counts as a “ breach ” when companies share wellness entropy with advertizement companies without your consent . It ’s essentiallya pro - consumer power grabwhich gives the FTC the authority to prevail in health privacy wrongdoer . Much to this newsman ’s delight , the FTC based its move on an investigation I didon GoodRXfor Consumer Reports back in 2020 , survey bya standardised study in Gizmodo .
This sound argument is , however , a bit of a stretch . If GoodRX or Premom ’s owner Easy Health want to fight , they could take the FTC to court and argue that the Health Breach Notification Rule ( capitalized for formality ) does n’t apply in this position . The FTC could very well lose a case like that , acquire us back to the aesculapian data point feeding fury status quo .
But GoodRX and Premom did n’t gainsay the government , belike because the FTC tie such a diminished amercement to these problems that it bring in more sense for the company to just roll over . ( It might also be a bad look to pass eld in court of justice arguing in favour of your creepazoid seclusion drill ) . The FTC dong GoodRX just $ 1.5 million dollars , a measly 0.2 % of GoodRx ’s $ 745 million 2021 revenue . In its late proposed ordination , Premom owner Easy Health would pay an impotent $ 100,000 fine . The FTC said Easy Health also tally to pay $ 100,000 to Connecticut , Washington , DC , and Oregon , which worked with the FTC on the case , for violating their respective laws .
In other words , the FTC looks like ready an example out of this wellness privacy bozo behavior , go under a common law to give itself more authority , and attempting to scare away other companies into treating people ’s medical data with the regard they take up they already have . In central , the FTC is sacrificing meaningful fines , permit GoodRX and Easy Health sneak by with a smack on the radiocarpal joint and some unfit insistency .
Update , May 18 , 2:28 phase modulation EST : This tale has been update with a remark from Premom .
Corporate crimeGoogleInternet privacyPrivacy lawSecurity
Daily Newsletter
Get the dependable technical school , scientific discipline , and culture news show in your inbox day by day .
News from the future , delivered to your nowadays .
Please take your desired newssheet and give in your email to promote your inbox .
You May Also Like
