Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
Privacy Technology

A Researcher Tried To Buy Mental Health Data. It Was Surprisingly Easy. (nbcnews.com) 30

Posted by msmash from the privacy-woes dept.
Sensitive mental health data is for sale by little-known data brokers, at times for a few hundred dollars and with little effort to hide personal information such as names and addresses, according to research released Monday. From a report: The research, conducted over the span of two months at Duke University's Sanford School of Public Policy, which studies the ecosystem of companies buying and selling personal data, consisted of asking 37 data brokers for bulk data on people's mental health. Eleven of them agreed to sell information that identified people by issues, including depression, anxiety and bipolar disorder, and often sorted them by demographic information such as age, race, credit score and location.

The researchers did not buy the data, but in many cases received free samples to prove that the broker was legitimate, a common industry practice. The study doesn't name the data brokers. Some of the brokers were particularly cavalier with sensitive data. One made no demands on how information it sold was used and advertised that it could offer names and addresses of people with "depression, bipolar disorder, anxiety issues, panic disorder, cancer, post-traumatic stress disorder, obsessive-compulsive disorder and personality disorder, as well as individuals who have had strokes and data on theirs races and ethnicities," the report found. "[T]he industry appears to lack a set of best practices for handling individuals' mental health data, particularly in the areas of privacy and buyer vetting." the report found.
This discussion has been archived. No new comments can be posted.

A Researcher Tried To Buy Mental Health Data. It Was Surprisingly Easy. More

A Researcher Tried To Buy Mental Health Data. It Was Surprisingly Easy.

Comments Filter:

  • Makes sense (Score:5, Insightful)

    by saloomy ( 2817221 ) on Monday February 13, 2023 @03:14PM (#63290011)
    Data is practically currency at this point. Consider the largest firms in the world. What do they have and what do they sell? Half of it is data about people.
    • Remove practically. Data is currency. TV makers have been subsidizing your costs by selling your data. Apple can opt out all they want. But whatever goes across the screen or mic of your tv. Is sold Daily. App makers are adding permissions to basically scrape your health data from your phone. They arent held by HIPA. They are âoebrokeringâan âoeanonymousâ data set.

  • The moral of that story is... (Score:5, Insightful)

    by javaman235 ( 461502 ) on Monday February 13, 2023 @03:15PM (#63290019)

    If you are having symptoms, do not seek help, it will be used against you.

    This is why HIPAA exists, it is larger than mental health. Would people get transmissible diseases if they knew the diagnosis of them could make lose their jobs? Medical privacy is a part of effective medicine.

    • meant "Would people get transmissible diseases treated". Slashdot needs an edit button.

    • Online streaming seems to be saturated with cut rate pill mills and cheap insurance offers. I imagine that the real business model of these are data mining, at the edge of what the law allows. So the moral is if the only medical care one can afford is paid for with your data it might be reasonable. Much more reasonable than trading your kids future fir image storage.

    • If you are having symptoms, do not seek help, it will be used against you.

      That's exactly correct. If you ask for help with mental health in the USA, it's proof that you need help with your mental health, because you're fucking crazy.

      California and New York are both planning to subject the homeless to involuntary "medical care", and every week several thousand more layoffs are announced. We should all suffer from anxiety at this point, but some are suffering from cognitive dissonance instead.

    • I would imagine a lot of this data can be inferred from things like social media data, or transaction data.
  • Awesome... so where can I get a list of all the people that have used the 988 emergency line? No HIPAA violation, there, right?

    • If they call it from their cellphone, their antenna is already blasting all the info you need.

    • Re:Simple solution (Score:5, Insightful)

      by sound+vision ( 884283 ) on Monday February 13, 2023 @05:19PM (#63290377) Journal

      HIPAA isn't what people think it is. It only applies to certain entities, generally healthcare providers, and not even all of those in all circumstances.

      It would be interesting to see where they are mining this information. I'm sure it's multiple sources. Some of it probably comes from the Goog and the socials, but I'm sure a lot of it is coming from the healthcare industry itself. If not hospitals directly, then some vendors that they use.

      Strong data privacy laws are the only way to fix this. HIPAA isn't it.

      • I suspect there are two main sources: (a) insurance companies, and (b) pharmacy companies. Insurance companies know the ICD (diagnosis) codes for you, while pharmacies obviously know what drugs you use.

        In addition, many providers use 3rd party services to send you texts or email reminders. I wonder what it means when a psychiatrist is sending you appointment reminders.

  • The problem (Score:3)

    by wakeboarder ( 2695839 ) on Monday February 13, 2023 @05:28PM (#63290401)
    is web data aggregators and people stupid enough to let them integrate their filthy data claws into their websites. It's crazy to me how many companies allow this and how many consumers are blind to it. If you run a javascript blocker it really becomes apparent how many people are analyzing your web traffic, and they make boatloads off of selling the data.

    The thing that its the most disturbing to me is the medical websites that do this. But I also don't want people to know every faucet of my life. Web data aggregators know everything about you. Any life event, death, birth, marriage or divorce, any health issue. And all because people are to stupid to know how the web works and don't care if their information is given away, or don't care enough to think more than: "That's weird why am I getting ads for X, how did they know?".
    • You are aware that Slashdot aggregates your ID, IP, browser, comments and computer config, and sells it to anyone who will pay? You do know that, right? Mention Ford trucks and you get ads for, oh crap!
      • Yeah, but you know who is not tracking me on slashdot? taboola, pro-market.net, google-analytics, jobbio.net, chipstatic and btloader. I'm fine if slashdot has my info, they also have more info than that with my username.

  • it does have my name on it, I think it belongs to me. I know, crazy right?

  • Just donâ(TM)t get treated. If medical data is for sale, what else might be? Perhaps intentional misdiagnosis could be had for a price. Maybe they could sell psychosis or other mental illness inducing substances to demonstrate targets that are otherwise healthy people require involuntary treatment. Or what if psychoinformatics from this dataset helps another Cambridge Analytica? Was leveraging research into the proclivities of serial killers effective when used with all that yummy data? Itâ(TM)s v

  • because some dumb startups thought it would be a good idea to store medical data in public blockchains.

  • Expect the housing baron to rubber stamp [LOON] on the application because you suffered a documented severe 'bout of depression,

      Nothing good can come out of any of this.

  • Cardiomyopathy is a disease in which the myocardium suffers. It is accompanied by various structural and functional disorders of the heart and can lead to the development of arrhythmia, heart failure, and other complications. My father faced this disease and the main thing is that he did not even suspect the reason. After the examination https://easystd.com/free-std-t... [easystd.com] the main cause of this disease was discovered in him and now the father is being treated

Slashdot Top Deals

2.4 statute miles of surgical tubing at Yale U. = 1 I.V.League

Close