Most people have at least a vague sense that someone somewhere is doing mischief with the data footprints created by their online activities: Maybe their use of an app is allowing that company to build a profile of their habits, or maybe they keep getting followed by creepy ads.
It’s more than a feeling. Many companies in the health tech sector — which provides services that range from mental health counseling to shipping attention-deficit/hyperactivity disorder pills through the mail — have shockingly leaky privacy practices.
A guide released this month by the Mozilla Foundation found that 26 of 32 mental health apps had lax safeguards. Analysts from the foundation documented numerous weaknesses in their privacy practices.
Jen Caltrider, the leader of Mozilla’s project, said the privacy policies of apps she used to practice drumming were scarcely different from the policies of the mental health apps the foundation reviewed — despite the far greater sensitivity of what the latter records.
“I don’t care if someone knows I practice drums twice a week, but I do care if someone knows I visit the therapist twice a week,” she said. “This personal data is just another pot of gold to them, to their investors.”
The stakes have become increasingly urgent in the public mind. Apps used by women, such as period trackers and other types of fertility-management technology, are now a focus of concern with the potential overturning o …