BetterHelp absorbed sensitive user health data, then gave it to Facebook

BetterHelp, a mental health platform, boomed during the COVID-19 pandemic. It claimed to have helped many – but, as it now turns out, the firm was also sending sensitive user information to data-hungry social media companies.

In the press release, the US Federal Trade Commission (FTC) says BetterHelp users were told by the company that their answers in the provided questionnaire “will stay private between you and your counselor.”

This wasn’t the case, though. The FTC alleges BetterHelp passed its users’ mental health information to social media companies such as Facebook or Snapchat. The latter, of course, find such data useful in order to make money through targeted ads based on it.

BetterHelp is alleged to have compiled lists of visitors' and users' email addresses, which it uploaded to Facebook to match the individuals to their Facebook user accounts. They were then targeted with ads, the 2022 complaint said.

The filing alleges that between 2017 and 2018, Respondent uploaded over 7 million user email addresses to Facebook, which then matched more than 4 million with their social media user IDs, "linking their use of the service for mental health treatment with their Facebook accounts."

According to the FTC, it was “effectively impossible” for users to know that the firm was abusing their personal health information for advertising purposes since BetterHelp was actively concealing these practices.

Moreover, BetterHelp "prominently" displayed a seal that attested to purported compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), a law that outlines privacy and information security protection that residents can expect for their health information.

Unsurprisingly, the Commission has now asked the company to pay $7.8 million and banned it from sharing consumers' health data with advertisers. The money will be used to provide partial refunds to people who signed up and paid for BetterHelp’s services between 2017 and 2020, the FTC said.

"When a person struggling with mental health issues reaches out for help, they do so in a moment of vulnerability and with an expectation that professional counseling services will protect their privacy," said Samuel Levine, director of the FTC's Bureau of Consumer Protection.

"Instead, BetterHelp betrayed consumers' most personal health information for profit. Let this proposed order be a stout reminder that the FTC will prioritize defending Americans' sensitive data from illegal exploitation."

BetterHelp has denied wrongdoing and said in a statement that the settlement is “no admission of wrongdoing.”

“The FTC alleged we used limited, encrypted information to optimize the effectiveness of our advertising campaigns so we could deliver more relevant ads and reach people who may be interested in our services. This industry-standard practice is routinely used by some of the largest health providers, health systems, and healthcare brands,” said BetterHelp.

“Nonetheless, we understand the FTC's desire to set new precedents around consumer marketing, and we are happy to settle this matter with the agency. This settlement, which is no admission of wrongdoing, allows us to continue to focus on our mission to help millions of people around the world get access to quality therapy.”

More from Cybernews:

The Sandbox discloses security breach

Chick-fil-A hacked: customer financial information stolen

Big tech tackles online safety for children and teens with new AI powered apps and controls

WhatsApp business payments approved in Brazil as Meta looks to diversify revenues

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked