back to article Free health apps laugh in the face of privacy, sell your wheezing data

Free health tracker apps pose a severe privacy risk, security researchers warn. Developers frequently neglect data protection and, worse, intentionally lure in users with free health gimmicks in order to monetise their data. Other sharp practices uncovered by the researchers include unsecured data transmission and ad tracking …

  1. Steve Davies 3 Silver badge

    If enough people

    use their site/app and give totally wrong data including address and name, the dataset they sell will be so innaccurate that they won't find a market for it long term.

    Would require a lot of people to actually troll their site. You'd have to be careful NOT to use a real person's Id though. That might be a tad illegal.

    This is just a thought. I'm not proposing that anyone does this natrually. That would be a conspiracy.

    There is no such thing as a free lunch. If this type of app is free then there is a cost but you just don't know it yet.

    1. frank ly

      Re: If enough people

      I've told my Health-Track-O-Tron app that I have low blood pressure, rabies and bubonic plague. I'm waiting for adverts for pills to see what it comes up with.

      1. Anonymous Coward
        Anonymous Coward

        Re: If enough people

        Don't forget the clap. Lyme disease is good too. Keep us posted (before you kick it) please.

  2. Your alien overlord - fear me

    Makes you wonder how they got onto the Play store in the first place. You'd think Google would be shit hot by now on apps slurping user data (that is Google's job after all).

    1. Halfmad

      You'd at least think they'd want to stifle the competition for it..

    2. wolfetone Silver badge

      "Makes you wonder how they got onto the Play store in the first place. "

      You assume they check these things. But they don't.

      I submitted an app to the Play store and the App store and - by pure accident - the app was broken. (I uploaded the wrong version). But they happily accepted it and it was published.

      Whats more, when I updated it with the working app you still needed a username and password to access it. So if you didn't have the credentials, all you could do was open it, see a splash screen, and see a form.

  3. Anonymous Coward
    Anonymous Coward

    Why should health apps be different.

    Pretty much all other apps ask for more permissions than they need, presumably to snoop your private data.

    1. Robert Helpmann??
      Big Brother

      Re: Why should health apps be different.

      Beat me to it. I routinely turn off all permissions and only activate those that I feel make sense for the app to have access to. If it breaks, there are plenty of others that do the exact same thing I can use instead. It begs the question why an average device user should have to have sysadmin training to have a reasonable level of privacy.

  4. sebt
    Stop

    Perhaps this is all just first-gen nonsense

    I used to think stories like this (and the zillion other stories like it) meant that the end of civilisation as we know it was at hand. Beam me up Scotty, there's no intelligent life down here: only a mould-culture of roughly 4 billion proto-sentient lifeforms, happily letting themselves be exploited for the sake of the latest shiny-shiny.

    Sometimes - like today - I feel better about it. I want no part of this IoS nonsense. But maybe this explosion of idiocy is just the first rush; a kind of co-operative act of lunacy between

    1. millions of gullible consumers

    2. startup shops desperate to join the feeding-frenzy with their crappy, Agile-developed little "Apps"; and

    3. greedy and cynical marketing companies.

    As stories like this one pile up, perhaps the bottom will fall out of this pumped-up South Sewer Bubble, and we'll start to get actually useful, properly written, secure applications to use all that network bandwidth.

    Then (1) will - if they can't entirely stop being gullible - at least be gullible about something else. (2) can either start working on these useful, properly-written applications, or do something more useful than what they're doing now (like, for example, picking litter off the streets). In the absence of a B Ark, (3) are never going to go away; but if they can be kept busy staring up their own fundaments with a few of the giant stocks of Smart Internet-Enabled Colonoscopes they've entirely failed to sell, rather than bothering the the rest of us, that would improve life on the planet enormously.

    1. Anonymous Coward
      Anonymous Coward

      Re: Perhaps this is all just first-gen nonsense

      "we'll start to get actually useful, properly written, secure applications to use all that network bandwidth"

      That didn't happen last time, so what makes you think it will be any different this cycle?

      What has been will be again, what has been done will be done again; there is nothing new under the sun.

      1. Stoneshop
        Coffee/keyboard

        Re: Perhaps this is all just first-gen nonsense

        there is nothing new under the sun.

        Tell that to what started as a puddle of coffee under the Ultra 10, now growing blueish-green tendrils and hissing menacingly at the cleaning rag.

  5. Ken Moorhouse Silver badge

    call information were not infrequently requested

    This is presumably so that the app can associate blood pressure spikes with phone calls from the boss, and recommend that another job would benefit your health.

  6. Anonymous Coward
    Anonymous Coward

    Does this mean at some point no health app will mean more expensive insurance or indeed no health app no insurance?

    Seems the logical conclusion albeit wrong.

  7. Anonymous Coward
    Anonymous Coward

    Like solar energy

    suckers are an important, renewable source of economic growth.

  8. fidodogbreath
    Megaphone

    Can this be true?!?!?

    Smart phone apps slurp your private data in order to profile you and sell your information?!?!? Man the clarions! Sound the alarm! We must warn the people about this! Surely if they knew, they would never stand for such a thing.

    ...

    What?

    ...

    Oh. Never mind. And yes, I'll stop calling you Shirley.

  9. Mark 85

    Question...

    Is the data actually going to the App authors or company? Or is it going to Google, Apple, etc.? Or maybe both?

    1. Alistair
      Pint

      Re: Question...

      @Mark 85

      Right idea, wrong TLA.

  10. Gigabob

    The importance of letting Service Providers sell your data is clear

    A case could be made before that any app that touched on personal medical data needed personal authorization to sell. Now your service provider can sell it as part of their seeing all the traffic going to and from your devices to the network. With the legal ability of the carriers to monetize your data - without your permission - it becomes impossible to get a court judgment to slow down this process and install safeguards preventing insurance companies from discriminating against a person who health scores drop for some reason - or an employer seeking to remove an employee with health problems.

    The standards needed to be in place before the monetization gates were opened. Great time to be a data scientist.

    Wish someone would focus their attention on Congress.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like