Apps that store sensitive health data aren’t rare any more. Besides the apps from my actual health providers, I’ve used apps that track my weight, my fitness habits, my mental health and my periods. In many cases, the apps are sharing or selling your data, and it’s linked to you — even if you sign up with a dummy email.
How is that possible? Well, first of all, if you use the same fake email everywhere, it still identifies you even if you think of it as fake. When companies swap data, they often want to figure out who’s who, and they match whatever data they have. Even if you manage to use a different throwaway email address for every app, there are other identifiers they can use.
If you log in to anything with a Facebook or Google account, that identifies you. If you provide a phone number — and it isn’t a different burner every time — that identifies you, too.
But even a steady supply of fake emails and phone numbers won’t keep you private. One recent study of depression and smoking cessation apps on both Android and iOS found that some of the apps use device identifiers, which are tied to your actual phone. Another study of Android health apps found that 45 per cent connect device identifiers to your data, and many of these transmit that data without encryption.
Internet ads are so invasive that we can’t blame you for thinking that Facebook is listening to you talk. It’s probably not, but it is helping ad networks track you across the internet and across your apps. Tech public policy expert Chris Yiu recently tweeted 14 different ways that ads follow you around the internet, even when you’re logged out, in incognito, using a different browser, or on a new device.
There isn’t a good solution to this problem yet. Fake emails might help a little, or at least they probably don’t hurt. You can reset your phone’s advertising identifier from time to time, but there are several types of identifier and not all of them are resettable. You can try changing your email or phone number in your health app, but they may still hang on to the data you’ve already entered rather than deleting it.
For now, the best solution may just be to be judicious in your use of health related apps, and aware of the risk.