Mozilla Finds Mental Health Apps Fail 'Spectacularly' at User Security, Data Policies
A new report reveals a surprising disregard for user security and privacy in mental health and prayer apps. The latest *Privacy Not Included guide from Mozilla said the apps "routinely share data, allow weak passwords, target vulnerable users with personalized ads, and feature vague and poorly written privacy policies." The apps often deal with topics such as depression, mental health awareness, anxiety, domestic violence, PTSD, as well as religion-focused issues. In all, 25 of the 32 mental health and religion apps studied did not meet Mozilla's Minimum Security Standards, which serve as a benchmark for the company's *Privacy Not Included reports. Factors that send up red flags for Mozilla include the mismanagement or unauthorized sharing and sale of user data, unclear data management policies, no encryption, weak password policies, and having no clear vulnerability management system. "The vast majority of mental health and prayer apps are exceptionally creepy," said Jen Caltrider, Mozilla's *Privacy Not Included lead. "They track, share, and capitalize on users' most intimate personal thoughts and feelings, like moods, mental state, and biometric data."
Read more on ZDNet.