Skip to main content

Mental health apps have terrible privacy protections, report finds

Illustration by Alex Castro / The Verge

As a category, mental health apps have worse privacy protections for users than most other types of apps, according to a new analysis from researchers at Mozilla. Prayer apps also had poor privacy standards, the team found.

“The vast majority of mental health and prayer apps are exceptionally creepy,” Jen Caltrider, the Mozilla *Privacy Not Included guide lead, said in a statement. “They track, share, and capitalize on users’ most intimate personal thoughts and feelings, like moods, mental state, and biometric data.”

In the latest iteration of the guide, the team analyzed 32 mental health and prayer apps. Of those apps, 29 were given a “privacy not included” warning label, indicating that the team had concerns about how the app managed user data. The apps are designed for sensitive issues like mental health conditions, yet collect large amounts of personal data under vague privacy policies, the team said in the statement. Most apps also had poor security practices, letting users create accounts with weak passwords despite containing deeply personal information.

The apps with the worst practices, according to Mozilla, are Better Help, Youper, Woebot, Better Stop Suicide, Pray.com, and Talkspace. The AI chatbot Woebot, for example, says it collects information about users from third parties and shares user information for advertising purposes. Therapy provider Talkspace collects user chat transcripts.

The Mozilla team said in a statement that it reached out to the companies behind these apps to ask about their policies multiple times, but only three responded.

In-person, traditional mental health care can be hard for many people to find — most therapists have long waiting lists, and navigating insurance and costs can be a major barrier to care. The problem got worse during the COVID-19 pandemic when more and more people started to need care. Mental health apps sought to fill that void by making resources more accessible and readily available. But that access could come with a privacy tradeoff, the report shows.

“They operate like data-sucking machines with a mental health app veneer,” said Mozilla researcher Misha Rykov in a statement. “In other words: A wolf in sheep’s clothing,”



Source: The Verge

Popular posts from this blog

FCC approves broadband 'nutrition labels' to help you shop for internet

The FCC is pushing nutrition labels for internet providers. What you need to know The FCC has voted to move forward with new rules for ISPs to display nutrition labels. The proposed rulemaking would mandate ISPs to display relevant speed and pricing information to consumers. This should make it easier for consumers to make an informed decision on their broadband. The FCC voted unanimously on a plan that would allow consumers to make better decisions about their broadband internet. The proposal will require internet service providers (ISPs) - including many of the best wireless carriers in the U.S. — to display "nutrition labels" that display relevant service information for consumers at point-of-sale. This includes internet speeds, allowances, and clear information on rates. "If you walk into any grocery store and pull boxes of cereal from the shelves, you can easily compare calories and carbohydrates," FCC Chair Jessica Rosenworcel said in a statemen

Slack’s new integration deal with AWS could also be about tweaking Microsoft

Slack and Amazon announced a big integration late yesterday afternoon. As part of the deal, Slack will use Amazon Chime for its call feature, while reiterating its commitment to use AWS as its preferred cloud provider to run its infrastructure. At the same time, AWS has agreed to use Slack for internal communications. Make no mistake, this is a big deal as the SaaS communications tool increases its ties with AWS, but this agreement could also be about slighting Microsoft and its rival Teams product by making a deal with a cloud rival. In the past Slack CEO Stewart Butterfield has had choice words for Microsoft saying the Redmond technology giant sees his company as an “existential threat.” Whether that’s true or not — Teams is but one piece of a huge technology company — it’s impossible not to look at the deal in this context. Aligning more deeply with AWS sends a message to Microsoft, whose Azure infrastructure services compete with AWS. Butterfield didn’t say that of course

Yandex spins out self-driving car unit from its Uber JV, invests $150M into newco

Self-driving cars are still many years away from becoming a ubiquitous reality, but today one of the bigger efforts to build and develop them is taking a significant step out as part of its strategy to be at the forefront for when they do. Yandex — the publicly-traded Russian tech giant that started as a search engine but has expanded into a number of other, related areas (similar to US counterpart Google) — today announced that it is spinning out its self-driving car unit from MLU BV — a ride-hailing and food delivery joint venture it operates in partnership with Uber. The move comes amid reports that Yandex and Uber were eyeing up an IPO for MLU  last year. At the time, the JV was estimated to be valued at around $7.7 billion. It’s not clear how those plans will have been impacted in recent months, with COVID-19 putting huge pressure on ride-hailing and food-delivery businesses globally, and IPOs generally down compared to a year ago. In that context, spinning out the unit could

Elon Musk sends yet another notice trying to terminate the Twitter deal

Kristen Radtke / The Verge; Getty Images Elon Musk has sent a third letter to Twitter attempting to terminate his $44 billion acquisition of the company . Musk’s legal team cited Twitter’s multimillion dollar severance payment to former security chief and whistleblower Peiter Zatko as a violation of the merger agreement and a reason to end the deal. The letter, dated September 9th, was sent to Twitter’s chief legal officer Vijaya Gadde, and was included in a filing Twitter made with the SEC on Friday (which you can read at the bottom of this article). Last month, Zatko made headlines by accusing Twitter of misleading investors about the number of bots on the service, failing to delete users’ data, and having poor security practices, among other things. Musk jumped on the accusations, citing them in his second termination letter and subpoenaing Zatko to testify in the lawsuit. Zatko was set to be deposed on Friday. Elon Musk sent his first letter of termination in July , say