Friday, 26 November 2010

NHS Choices Sharing User's Data with facebook and other Third Parties; Is this Actually so Bad?

sharing-informationA new article by blogger Mischa Tuffield has raised concerns over privacy on the NHS Choices website.  After conducting in depth research, Mischa identified four third-party companies, including facebook, who can track a user's movements through the NHS site. He suggests that this would be fine for a website that rates pubs, for example, but not when people are seeking advice for potentially sensitive and private matters, as they may do on the Choices website. The article even goes so far as to suggest that this may contravene the NHS's Data Protection Policy, as the data would be sent outside of Europe, which the policy forbids.

This has the potential to cause a major headache for the NHS's flagship website, which has established itself as the foremost destination for health advice in the UK. As with visiting a local GP, confidentiality is a priority for people when it comes to their health and if this isn't guaranteed on NHS Choices, that could effect their willingness to use the service.

Though the story has been reported via several online news outlets, the mainstream media has yet to pick up on it. If they do, these few spots of rain may develop into a full blown storm.

After reading the blog himself,  Tom Watson, Labour MP for West Bromwich East, certainly believes it warrants more attention. He wrote directly to Secretary of State for Health, Andrew Lansley, strongly urging that the tracking code be removed.

The Department of Health has responded to concerns, stating;

""Facebook capturing data from sites like NHS Choices is a result of Facebook’s own system. When users sign up to Facebook they agree Facebook can gather information on their web use. NHS Choices privacy policy, which is on the homepage of the site, makes this clear.

"We advise that people log out of Facebook properly, not just close the window, to ensure no inadvertent data transfer."

I tend to agree with this. Facebook has long been criticised for it's management of privacy, but a user does have the option to log out if they don't want their web movements tracked. The way facebook does this has been massively well reported during it's history, so it's highly unlikely that many of it's users are ignorant to how it works. If they stay connected, then surely that's their responsibility?

The real question for me is, what happens to the data once it's collected? For a start, it's not going to be made Public. I would imagine that this would be the main worry for those hearing about this story; that their embarassing illnesses could appear in their friends news feeds. This isn't going to happen, unless of course it's actively shared by a user, in which case, again, it's their responsibility.

Mischa states in his article that the DH's Privacy Policy doesn't make it explicit that data is not shared for third party advertising. Although facebook's interconnectivity with other sites aims to improve the user experience, it's difficult to argue that the main aim is anything but to improve the targeting of it's own advertising. This is likely to be the outcome of the shared data; it influencing the adverts an individual user, and only that user, sees on facebook.

There are still arguments against this, especially from an ethical standpoint, but I'd argue that there would be no actual negative effects for a user from having their data shared. Compare this to the positives of having facebook integrated into NHS Choices, where a single user can easily raise awareness of a health issue or story amongst their peer group of several hundred people, as well as the services which the website and NHS provides, with the potential for that information to spread virally to many, many more. There's many other benefits as well, but that alone should make facebook an indispensable part of NHS Choices.

No comments:

Post a Comment