In Europe, online data is protected by the General Data Protection Regulation, but data privacy laws in the United States are more limited and state dependent. Even still, in Europe many companies can use “legitimate interest,” a legal cover that allows companies to share consumer data based on a person’s potential interests in a product or service.
If you’ve ever tried out a dieting app, you might have filled out a questionnaire asking you about your body type, weight, exercise, and eating habits, and possibly even medical information, like whether you have diabetes. Ostensibly that data is used to inform what kind of diet the app suggests, but new research reveals diet companies may be using it in other ways. According to London-based non-profit Privacy International, diet apps are sometimes sharing this data with third-party marketers and not protecting it securely. The report also raises questions around whether U.S. laws adequately protect online health data that isn’t hosted by a medical entity.
Link: What exactly are dieting apps doing with all your data?