Published in IoT

Medical apps too wide open

by on14 October 2019

Sharing too much data 

A study in the British Medical Journal that looked at 24 of the 100s of medical apps available on Google Play found that 79 percent pass all sorts of user info -- including sensitive medical info like your reported symptoms are and which medications you are taking in some cases -- on to third and fourth parties


A German-made and apparently very popular medical app named Ada was found to share user data with trackers like Facebook, Adjust and Amplitude for example.

The study said: "19/24 (79 percent) of sampled apps shared user data. 55 unique entities, owned by 46 parent companies, received or processed app user data, including developers and parent companies (first parties) and service providers (third parties).

More than 33 percent provided infrastructure related services such as cloud services and 67 percent provided services related to the collection and analysis of user data, including analytics or advertising, suggesting heightened privacy risks.

Network analysis revealed that first and third parties received a median of three (interquartile range 1-6, range 1-24) unique transmissions of user data.

Third parties advertised the ability to share user data with 216 "fourth parties" and within this network (n=237), entities had access to a median of 3 (interquartile range 1-11, range 1-140) unique transmissions of user data. Several companies occupied central positions within the network with the ability to aggregate and re-identify user data.

Last modified on 14 October 2019
Rate this item
(0 votes)

Read more about: