— — Apps

Opioid addiction treatment apps found sharing sensitive data with third parties – TechCrunch

2 Mins read

As a result of the COVID-19 pandemic and efforts to reduce transmission in the U.S., telehealth services and apps offering opioid addiction treatment have surged in popularity. This rise of app-based services comes as addiction treatment facilities face budget cuts and closures, which has seen both investor and government interest turn to telehealth as a tool to combat the growing addiction crisis. A new investigation has found that several widely used opioid treatment recovery apps access and share sensitive user data with third parties. While people accessing these services may have a reasonable expectation of privacy for their healthcare data, a new report from ExpressVPN’s Digital Security Lab, compiled in conjunction with the Opioid Policy Institute and the Defensive Lab Agency, found that some of these apps collect and share sensitive information with third parties, raising questions about their privacy and security practices.

The report studied ten opioid treatment apps available on Android: Bicycle Health, Boulder Care, and Confidant Health. DynamiCare Health, Kaden Health, Loosid, Pear Reset-O, PursueCare, Sober Grid, and Workit Health. These apps have been installed at least 180,000 times and have received more than $300 million in funding from investment groups and the federal government. Despite these services’ vast reach and sensitive nature, the research found that most apps accessed unique identifiers about the user’s device and, in some cases, shared that data with third parties.

treatment apps

Seven of the ten apps studied access the Android Advertising ID (AAID), a user-generated identifier linked to other information to provide insights into identifiable individuals. Five of the apps also access the devices’ phone number; three access the device’s unique IMEI and IMSI numbers, which can also be used to identify a person’s device uniquely; and two access a users’ list of installed apps, which the researchers say can be used to build a “fingerprint” of a user to track their activities.

Many of the apps examined also obtain location information in some form, which strengthens the capability to surveil a person and their daily habits, behaviors, and interactions when correlated with these unique identifiers. One of the apps’ methods is through Bluetooth; seven apps request permission to make Bluetooth connections. The researchers say this is particularly worrying because this can be used to track users in real-world locations.

“Bluetooth can do what I call proximity tracking, so if you’re in the grocery store, it knows how long you’re in a certain aisle or how close you are to someone else,” Sean O’Brien, principal researcher at ExpressVPN’s Digital Security Lab who led the investigation, told TechCrunch. “Bluetooth is an area that I’m pretty concerned about.”

SDKs, or software development kits, are bundles of code with apps to make them work properly, such as collecting location data. Often, SDKs are provided for free in exchange for sending back the app’s cache data. Another central area of concern is the use of tracker SDKs in these apps, which O’Brien previously warned about in a recent investigation that revealed that hundreds of Android apps were sending granular user location data to X-Mode, a data broker known to sell location data to U.S. military contractors, and now banned from both Apple and Google’s app stores.

348 posts

About author
As a blogger, I’ve had the opportunity to share my experiences and insights with other people. The most important thing I’ve learned about blogging is that it’s not about me. It’s about connecting with others. I love the idea of using writing to build relationships. I’m always thinking about what I can do to make my blog more useful, interesting, and accessible to others. I enjoy talking about technology, health, finance, food, and travel.
Articles
Related posts
— — Apps

Uber calls TikTok user’s theory that phone battery affects prices ‘completely false’

2 Mins read
TikTok user Tony Aubé created a stir online by speculating that Uber was jacking up prices for some of its customers. The…
— — Apps

Playbyte’s new app aims to become the ‘TikTok for games’ – TechCrunch

3 Mins read
A startup called Playbyte wants to become the TikTok for games. The company’s newly launched iOS app offers tools that allow users…
— — Apps

SiriusXM launches ‘TikTok Radio,’ a music channel featuring viral hits hosted by TikTok stars – TechCrunch

2 Mins read
If viral TikTok songs like Dr. Dog’s “Where’d All the Time Go?” or Bo Burnham’s “Bezos I” weren’t already stuck in your…
Get All Latest Blog Direct In Your Website

Leave a Reply

Your email address will not be published. Required fields are marked *