
How my sexual health searches ended up in the hands of big tech companies - humanetech
https://www.abc.net.au/news/2018-11-23/health-data-shared-with-tech-companies/10521456
======
donjoe
Last week, I got hit by a car while riding my bicycle. You won't believe in
how many colors an upper arm can shine. Anyhow, I took a picture of the arm,
shared it to a friend on WhatsApp and promptly got a newsletter from Pinterest
promoting tattoo posts. I do not have the Pinterest app on my phone, barely
use it otherwise and would never search for tattoos since I'm just not
interested.

I've been trying to find out since then where and how Pinterest might have
gotten my blue/red/yellow/green arm picture from to analyze it, interpret it
and link it to my account. They might be able to search my friend's phone's
pictures (in case he's got the app which I'm not sure) and link the picture
back to my account. Spooky though.

~~~
vadym909
I haven't used Pinterest in years and may have accidentally clicked on a
Pinterest result in Google search results and suddenly started getting all
kinds of desktop popup notifications from them and don't know how or why.

~~~
CJefferson
This is probably chrome desktop notifications. The box to enable them on a
website looks quite a lot like one of those "do you want cookies?" Boxes, so
it's easy to click without thinking about it.

They are (to me) one of the most user-hostile features chrome has added,
because it's non-obvious what they are, and how to disable them. You can
configure them somewhere in settings (I am on my phone right now).

~~~
azza2110
I have the below address bookmarked - easier than digging through menus!

chrome://settings/content/notifications

------
13of40
I had a related thing happen a couple of months ago: I started getting some
lower back pain that I thought might be kidney stones based on a couple of
Google searches. Went to my doctor, who prescribed a muscle relaxant, which I
got at the pharmacy across the street. It went away.

Over the next few weeks I got several robocalls on my cell phone from a pain
clinic offering me relief for my "chronic pain", so it was either triggered by
my online searches or my doctor's office or pharmacy sold off my private
information.

~~~
dwaltrip
Does anyone know how effective incognito mode is at preventing data and
privacy abuses like this? I've been using it more and more, but I imagine
there may some clever ways of tracking even across incognito sessions (or
between incognito and regular).

~~~
chronid
If google is the issue maybe - but I _seriously_ doubt they are the issue:
they sell their ability to target you, and selling your data to third parties
would essentially be against their interest. This kind of FUD has been
repeated ad nauseam here and everywhere in tech sites (against Facebook too
usually), but that's not the way their business model works.

If it's your doctor or your pharmacist, or the shop you bought online (or
offline) something once, incognito will not help at all. They have your
personal information already, the only thing that can stop them is law. The
cause of the robocalls may also have been his medical insurance, if you want
to go full paranoia. :)

Note those shops, the sites you created an account on, the companies those
shops sold your personal data to, all of them can target you with ads on both
facebook and google by using your PI (essentially donating your data to
facebook and google in the process).

~~~
13of40
When I said triggered by my google searches, I mean the sites I clicked on
were able to correlate to my personal details that got collected somewhere
else, not that google sold my details. The thing that makes me suspect the
doctor or pharmacy, though, is that I've done that sort of search in the past,
but I didn't start getting the pill mill calls until I got that prescription.

~~~
darpa_escapee
Read the documents doctors have you sign very carefully.

They often include a waiver that allows them to share your PHI with whomever
they want.

You're under no obligation to allow them to do so.

------
cbanek
> Indeed, large sections of the site's privacy policy were updated overnight.

So basically you get caught, so you change the rules. Companies shouldn't be
able to violate their own privacy policy, or say they can change it at any
time without any warning, especially retroactively - which usually these
things are covered in the privacy policy. What use is that?! Why bother having
a policy at all?

~~~
nitwit005
> Why bother having a policy at all?

Because it's legally required.

------
013a
One of my "wake up" moments was when I searched for the phone number of a
local physical therapy office on Google. Within the day, I started getting
Youtube video recommendations for massage techniques to relieve shoulder pain.

Google and all of its employees who make products like this are on the
absolute wrong side of history. Society will only take so much before
breaking; they need to figure out their business model, and fast.

~~~
jhall1468
> Google and all of its employees who make products like this are on the
> absolute wrong side of history.

A few things:

1\. It takes a fairly high throne to look down on people for their employers
issues.

2\. You assume a great deal about what people are willing to put up with for
free services.

I think you're probably going to be wrong. Most people will whore themselves
out for convenience because they don't care if they get targeted ads in order
to get those free services.

~~~
denerio-a
WRT point 1 - Wait what? You can work for not-not-evil employers now and all
the ethical blame is on the CEO?

> Corporation: an ingenious device for obtaining profit without individual
> responsibility - Bierce

~~~
jhall1468
Bad or good companies are subjective. My family > your ideals. Sorry man, I'm
not going to take a pay cut because of _your_ list of companies that are
subjectively bad.

~~~
denerio-a
I’m struggling to read your comment as anything but a direct and unapologetic
“Fuck you I got mine”.

Are _my rights_ as beneath your family as my ideals? And how does the fact
that you’re not self employed absolve you of this, exactly?

~~~
jhall1468
You don't have "the right" to no targeted advertising. You have every right to
do whatever you legally can to prevent it from happening. Your rights aren't
being violated. If I'm knowingly participating in a violation of your rights,
I'm culpable. If I participate, knowingly or otherwise, in something that
bothers you, you are _exactly_ right fuck you I got mine. I'm not subject to
other peoples belief systems.

~~~
denerio-a
>I’m not subject to other people’s belief systems

You live in a society. Your actions have consequences, and if you can ignore
that to get your fat paycheck then I can certainly judge the shit out of you,
without a very high chair.

The fact that you claim rational discourse has ended when people invoke the
lessons of Nuremberg - “because Godwin’s law” - is a stain on, and reflection
of your own character.

Godwin compares people to Nazis sometime himself you know, when there’s a call
for it. When this many people are calling you on it, maybe you should be
listening a little better..

~~~
jhall1468
> You live in a society. Your actions have consequences, and if you can ignore
> that to get your fat paycheck then I can certainly judge the shit out of
> you, without a very high chair.

My actions don't involve the harm of others, outside of their fragile egos and
obsession with what they think should be their rights. I couldn't possibly
care less about your judgement.

> The fact that you claim rational discourse has ended when people invoke the
> lessons of Nuremberg - “because Godwin’s law” - is a stain on, and
> reflection of your own character.

The fact that you think an argument about a subject with a variety of opinions
deserves comparison to one of the most horrible events in human history is a
reflection on your character.

> Godwin compares people to Nazis sometime himself you know, when there’s a
> call for it. When this many people are calling you on it, maybe you should
> be listening a little better..

It's valid when their behavior is something akin to Nazism. Not very many
people are calling me on it... on the contrary, my post is getting upvoted.
Because the reality of the situation is, targeted advertising is a topic that
needs discussion but it has no place in a comparison with the death of
millions of people because of their heritage/religion.

It's pathetic hyperbole people use when they can't win an argument on its
merits.

~~~
hyperman1
Unfortunately, you are very very wrong, and World war 2 is a great example
why:

Some countries had census data containing the religion of every family. People
proudly declared themselves Jewish. When the Nazis invaded the countries, they
grabbed the available data and instantly knew who to send to the camps. One
reason why so many Jews died was the speed with which the situation evolved.
Sometimes there were 2 weeks between 'nothing to wory' and the deportation.

The same principle holds for every big list of intrusive data. Yes, you are
grabbing all the data you can only to target ads. Today. But that same data in
other hands can block people's access to loan, deny them healthcare or make
them look like terrorists.

The US democracy is eroding, fast. It is not that far fetched to see the data
ending up with the government: 1) How many data has ended up in a FOIA
request? You don't know, as you don't see them. 2) Snowden proved that Google
already leaked data to the government without even realizing it 3) An
executive order from the US president will give him any access to the data.

And that's just the US government. Businesses sell data to each other whenever
they want. Today Google seems not to do it, but one CxO change or bad
financial quarter can change a lot here, fast.

Basically, Google is playing with fire, in a political situation equivalent to
a big gas leak. Be very carefull.

------
jlangenauer
Further proof, as if any was needed, why other countries require something
like the GDPR, backed up be significant penalties, and well-resourced
enforcement.

It won't happen in Australia though, as we are governed by fools who barely
understand technology, and if they need to, rely on the representations of
business to make any decisions.

~~~
chongli
From the perspective of a casual, non-European observer, the only effect of
the GDPR that I've witnessed is the explosion of websites being extremely
aggressive about forcing me to consent to their tracking cookies.

Where is the real benefit to Europeans' privacy?

~~~
MaxGabriel
Are you potentially confusing GODR with the EU cookie law?

~~~
coldtea
No, GDPR created a new storm of more fine-grained requests for permissions to
store information -- on top of the old cookie-law related cookie popups.

------
seba_dos1
I use DuckDuckGo, XMPP, ownCloud, Firefox with bunch of privacy enhancing
extensions... My main phone is Maemo based, and I keep one with LineageOS and
microG (so no Google Play Services) around as well. I access Facebook and
Twitter only via webapps, with isolated wrappers like FaceSlim on mobile. Not
only I feel somewhat safer about my data - battery usage, speed and user
experience is so much better! Win-win :D

~~~
jamaicahest
Did you read the article? Author says he searched using DuckDuckgo.

~~~
seba_dos1
What this article tries to tell is that using DuckDuckGo is just a one small
piece of bigger puzzle, not that DuckDuckGo tracks you.

------
wagutina
If you block 3rd party cookies, can the (exact) scenario described in the
article still happen ?

~~~
rm999
Pretty sure yes; after Safari started blocking third party cookies by default
a few years ago, Google, Facebook, and Microsoft have all started supporting
the option to use first party cookies to get around this. As I understand it,
they deploy code that stores tracking information on-site using first party
cookies, then access that data directly.

[https://digiday.com/marketing/wtf-what-are-facebooks-
first-p...](https://digiday.com/marketing/wtf-what-are-facebooks-first-party-
cookies-pixel/)

[https://searchengineland.com/google-analytics-adwords-
respon...](https://searchengineland.com/google-analytics-adwords-response-
apple-intelligent-tracking-prevention-282233)

[https://searchengineland.com/bing-ads-apple-intelligent-
trac...](https://searchengineland.com/bing-ads-apple-intelligent-tracking-
prevention-response-conversion-tracking-290763)

Someone please correct me if my understanding of this is incorrect, I've been
out the ad world for awhile (thankfully!)

~~~
wagutina
This is terrifying, thx for the answer

