Consequences of Data Sharing Gone Wrong
#INVESTIGATION | It's easy to avoid policing our data when the consequences aren't immediately obvious, but when it does goes wrong the results can be devastating...especially for our kids...
My friend’s teen was exploring online options for working through what she thought might be a mental health issue. But instead of feeling empowered she was devastated to find endless commercials for the condition play on commercial breaks while watching a movie with her family via a streaming service. The teen had only told her mom about her struggles, but was still burning with embarrassment as she sat with her siblings.
This, of course, is what modern digital marketing looks like. But many of us aren’t sufficiently prepared for these potential pitfalls when we start to explore more sensitive issues online.
Weighing the Opportunities and Risks
Accessing medical and mental health resources in the digital realm has been transformative in so many ways. It should be celebrated. But that doesn’t mean it’s not potentially exploited for commercial gain (or worse). Many of us are somewhat familiar with HIPAA laws which protect our medical information; but it’s usually “around the edges” where we find the problems. A great example can be found here:
What are the Consequences?
Many parents have asked, quite fairly, “what is the worst case scenario?”
First, it’s important for all of us to familiarize ourselves with a company’s privacy policies. The policy will state what information is subject to which treatment. It may be opaque or confusing, and definitely very long, but look closely and you’ll see exactly what you need to start making decisions.
It’s also critical to know outside of marketing, that there are a number of ways certain information can be shared legally, including via insurance claims, in court proceedings, in law enforcement investigations, and even for research and AI training.
With respect to the education example I shared above, in many situations and variable by state, data secured at schools comes with additional protections. We should also be able to trust our local representatives to follow through on these protections.
So let’s dig in a bit more on marketing & criminal data breaches.
Data for “Marketing Purposes”
Back to the example in the opening of this article, yes, when you enter sensitive information in certain ways and on browsers such as Chrome (although you can tighten the security settings a bit), you may find related ads turning up everywhere — from Instagram and Snapchat to TikTok, Hulu, Peacock, Sling and more.
This information may make its way into insurance policy decisions and other verticals where they take mental health into consideration.
But here is the most important point: this does not mean you should not access healthcare online. It just means you need to understand what trackers are in the browser you use, how “free” services such as your email may infer and collect data, and other ways data is also collected during the signing up process. It’s also important to be clear regarding which aspects of a service would be considered “marketing” versus HIPAA protected information.
Also remember to actively seek to have your data deleted when you no long require a service. Companies may change hands, dissolve or fact a hack and it’s a good practice to go through and “close and delete” information when done.
What About Breaches?
Cyber crime should be the most unsettling consequence no matter the data collected. And criminal interest in gaining our data is the very reason we should be cautious, diligent and aware of data sharing. It’s also why we need to get more involved with policy and better understand the individual practices/laws/rules at places our children frequent such as schools. Examples include:
Blackmail and Extortion
Sensitive information could be used to blackmail individuals or organizations in increasingly sophisticated ways. Mental health information could play a more distressing part in the creation of deepfake content too. For example, the FTC has warned families of distressing phone calls where the person on the other end says they have your child or loved one (and you hear that person’s voice via AI technology replicating their voice). The more sensitive, and specific the information a criminal has, the more believable these scams could become.
Teens can, of course, also face distress and humiliation, bullying and other terrible consequences of unsecured and easily accessed information becoming more publicly available.
Identify Theft
Comprehensive health profile information could be used to commit sophisticated identity theft. Our children are facing a future where more and more of their data has been compromised and there is a very real risk that this will roll forward causing them to face identity theft in adulthood.
But we can start now but staying on top of every way our kids share data online and getting control on the details. Decide with your children what is “worth it” and what is not. Then start to tighten all of the security around what you choose to keep.
Discrimination
Finally, leaked mental health data could lead to discrimination in various aspects of life, from employment to personal relationships. It’s an additional weight that no one needs. But we can fight it.
What’s the Takeaway?
Pay attention. Don’t shrug your shoulders and decide that there is nothing you can do. Often it takes just one thing — a call to your school about an app that isn’t protecting kids well enough, or committing to stronger passwords, and even a weekend spent together writing companies asking for your information to be deleted and accounts closed.
We aren’t victims, we are powerful. And this one is just about keeping our eyes open and being proactive, not reactive when living our lives online.