Rob Dillard

DocwireNews

<p>Mobile health applications (apps) commonly share user data without consent, according to researchers from the University of Sydney, the University of Toronto, and the University of California, who published their <a href="https://www.bmj.com/content/364/bmj.l920">findings</a> in <em>BMJ.</em><p>In this traffic, content, and network analysis, researchers evaluated 24 medicine-related apps that were considered prominent and often downloaded, and that were rated or endorsed by credible organizations. From October to November 2017, researchers used two strategies for identifying apps. The first strategy involved a crawling program that interacted directly with the app store&rsquo;s programming interface and systematically sampled the metadata of the top 100 ranked free and paid apps in the Medical store category on Google Play across four countries (United Kingdom, United States, Australia, and Canada) on a weekly basis. In the researcher&rsquo;s second strategy, they screened for recommended or endorsed apps on the website of an Australian medicine-related non-profit organization, a curated health app library, a published systematic review, and personal networks of practicing pharmacists.</p><p>Researchers discerned privacy leaks using a technique called Differential Traffic Analysis. &ldquo;The idea is to capture a baseline of the normal network data that an app causes, and then change privacy-related settings in the app,&rdquo; said Dr. Ralph Holz from the University of Sydney&rsquo;s School of Computer Science, and co-author of this study, in a <a href="https://www.eurekalert.org/pub_releases/2019-03/uos-dsb031919.php">press release</a>. &nbsp;&ldquo;The places where the new settings turn up in any fresh network data shows us where and to whom the app is leaking it.&rdquo;</p><blockquote class="twitter-tweet" data-width="500" data-dnt="true">
<p lang="en" dir="ltr">&#128488; <a href="https://t.co/FAQEPz0hyw">https://t.co/FAQEPz0hyw</a> Data sharing by popular health apps is &ldquo;routine&rdquo;, research finds &ndash; News &ndash; The University of Sydney <a href="https://t.co/VT0kDXpsvQ">https://t.co/VT0kDXpsvQ</a> <a href="https://t.co/hDd4FnD4Hp">pic.twitter.com/hDd4FnD4Hp</a></p>
<p>&mdash; Blockchain Decoders (@b_decoders) <a href="https://twitter.com/b_decoders/status/1108653865585377281?ref_src=twsrc%5Etfw">March 21, 2019</a></p>
</blockquote><p><script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script></p><h2><strong>Results Suggest High Privacy Risks</strong></h2><p>According to the study&rsquo;s results, 79% (n=19) of the sampled apps shared user data. Moreover, 55 unique entities, owned by 46 parent companies, received or processed app user data, including parent companies (first party) and service providers (third party), while 33% (n=18) supplied infrastructure-related resources such as cloud services. Additionally, 67% (n=37) entities provided services related to the aggregation of user data, including analytics or advertising, suggesting elevated privacy risks.</p><p>Furthermore, network analysis revealed that first and third parties received an average of three unique transmissions of user data. Third parties advertised having the capability of sharing user data with 216 &ldquo;fourth parties,&rdquo; and within this network, 237 entities had access to a median of three unique transmissions of user data. Several companies occupied central positions within the network and possessed the ability to collect and re-identify user data.</p><blockquote class="twitter-tweet" data-width="500" data-dnt="true">
<p lang="en" dir="ltr">Unregulated, non-transparent data sharing by popular health apps is &ldquo;routine&rdquo;, research finds <a href="https://t.co/0d5IJVTNI8">https://t.co/0d5IJVTNI8</a> <a href="https://twitter.com/hashtag/privacy?src=hash&amp;ref_src=twsrc%5Etfw">#privacy</a> <a href="https://twitter.com/hashtag/security?src=hash&amp;ref_src=twsrc%5Etfw">#security</a> <a href="https://twitter.com/hashtag/hipaa?src=hash&amp;ref_src=twsrc%5Etfw">#hipaa</a> <a href="https://twitter.com/hashtag/GDPR?src=hash&amp;ref_src=twsrc%5Etfw">#GDPR</a> <a href="https://twitter.com/hashtag/Health?src=hash&amp;ref_src=twsrc%5Etfw">#Health</a> <a href="https://t.co/k47wX05iRe">pic.twitter.com/k47wX05iRe</a></p>
<p>&mdash; Joel Selanikio (@jselanikio) <a href="https://twitter.com/jselanikio/status/1108725907202682881?ref_src=twsrc%5Etfw">March 21, 2019</a></p>
</blockquote><p><script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script></p><h2><strong>Increased Vigilance Is Needed</strong></h2><p>&ldquo;Privacy regulators should consider that loss of privacy is not a fair cost for the use of digital health services,&rdquo; said assistant professor Quinn Grundy of the University of Toronto and University of Sydney School of Pharmacy, Charles Perkins Centre, and lead author of the study. &ldquo;Most health apps fail to provide privacy assurances or transparency around data sharing practices.&rdquo;</p><p>While it&rsquo;s inconclusive if iOS apps share user data, and if medicines-related apps share data at a rate more or less than other health apps, these findings remain troubling, according to Grundy, who added, &ldquo;user data collected from apps providing medicines information or support may also be particularly attractive to cybercriminals or commercial data brokers.&rdquo;</p><p>Grundy implores health care professionals to be vigilant when using these apps and said that they &ldquo;need to be aware of privacy risks in their own use of apps and, when recommending apps, explain the potential for loss of privacy as part of informed consent.&rdquo;</p><blockquote class="twitter-tweet" data-width="500" data-dnt="true">
<p lang="en" dir="ltr">Data sharing by popular health apps is 'routine,' research finds <a href="https://twitter.com/hashtag/DigitalHealth?src=hash&amp;ref_src=twsrc%5Etfw">#DigitalHealth</a> <a href="https://twitter.com/hashtag/Healthcare?src=hash&amp;ref_src=twsrc%5Etfw">#Healthcare</a> <a href="https://twitter.com/hashtag/PrecisionMedicine?src=hash&amp;ref_src=twsrc%5Etfw">#PrecisionMedicine</a> <a href="https://twitter.com/hashtag/BigDATA?src=hash&amp;ref_src=twsrc%5Etfw">#BigDATA</a> <a href="https://twitter.com/hashtag/Privacy?src=hash&amp;ref_src=twsrc%5Etfw">#Privacy</a> <a href="https://twitter.com/hashtag/cybersecurity?src=hash&amp;ref_src=twsrc%5Etfw">#cybersecurity</a> <a href="https://t.co/sIJ0VXyw6X">https://t.co/sIJ0VXyw6X</a> <a href="https://t.co/hqEBSO0QAt">pic.twitter.com/hqEBSO0QAt</a></p>
<p>&mdash; Dr. Thomas Wilckens (@Thomas_Wilckens) <a href="https://twitter.com/Thomas_Wilckens/status/1109019398227005441?ref_src=twsrc%5Etfw">March 22, 2019</a></p>
</blockquote><p><script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script></p></p>


Bradley Marder, MD

Joel M. Topf, MD, FACP

Gout Studies: Transplant Waitlisting and Bone Erosion

NKF Spring Clinical Meetings 2025

Jayme Locke, MD, MPH

The Promise of Xenotransplantation

Leah Lawrence

Real-World Data Backs Invasive DFS as Surrogate Endpoint for OS in EBC

HR Breast Cancer

Latest News

Sharing of User Data Is ‘Routine’ Among Prominent Mobile Health Applications

Telemedicine

Mobile health applications (apps) commonly share user data without consent, according to researchers from the University of Sydney, the University of Toronto, and the ...

About Us

Editorial Policy

Advertising

Contact Us

eNewsletters

Contribute

Career Center

MashupMD

Blood Cancers Today

Cancer Nursing Today

GU Oncology Now

Urban Health Today

Bile Duct Cancer

Colorectal Cancer

Gastroesophageal Cancer

Gastric Cancer

GEP-NETs

GIST

Liver Cancer

Pancreatic Cancer

GI Oncology Now

Anemia

Deep Vein Thrombosis

Essential Thrombocythemia

Hemophilia

Immune Thrombocytopenic Purpura

Myelodysplastic Syndromes

Myelofibrosis

Myeloproliferative Neoplasms

Polycythemia Vera

Pulmonary Embolism

Sickle Cell Disease

Thrombocytopenia

Thrombophilia

Thrombosis

Thrombotic Thrombocytopenic Purpura

Venous Thromboembolism

von Willebrand Disease

Heme Today

Acute Kidney Injury

ADPKD

Anemia and Kidney Disease

Chronic Kidney Disease

COVID-19 and Kidney Disease

Diabetes and Hypertension

End-Stage Renal Disease

Gout

Hyperkalemia

IgAN

Kidney Transplantation

Metabolic Acidosis

Nephrology Times

HER2 Breast Cancer

Triple-Negative Breast Cancer

Genetics & Breast Cancer

Breast Cancers Today

Atherosclerotic Disease

Atrial Fibrillation

Heart Failure

Hypertension

Interventional Cardiology

Lipid Management

Practice Tips With Dr. Lichaa

Preventive Cardiology

Stroke

Cardiology

Breast Cancer

Gynecologic Cancer

Head and Neck Cancer

Skin Cancer

Oncology

Sleep

Urology

Diabetes

Ophthalmology

— Demodex Blepharitis

Neurology

Rheumatology

Gastroenterology

Pulmonology

Infectious Diseases

— HIV

Health and Wellness

Lupus

Future of Medicine

Orthopedics

Pharmacology

Career News

More

Conferences

CardioNerds

The Sleep Source With Dr. Morse

Rheumatology Rounds With Dr. Maheswaranathan

Partners

Expert Interviews

Subscribe