BetterHelp Should Pay $7.8 Million for Sharing Sensitive Data, FTC Says

Online counseling and mental health services company BetterHelp should stop sharing customer data with advertisers and reimburse $7.8 million to customers, the Federal Trade Commission said Thursday. The FTC says that BetterHelp shared customers’ sensitive health data, including mental health issues, with advertisers including Facebook and Snapchat.

“BetterHelp promised consumers that it would not use or disclose their personal health data except for limited purposes, such as to provide counseling services,” the FTC release says. “Despite these promises, BetterHelp used and revealed consumers’ email addresses, IP addresses, and health questionnaire information to Facebook, Snapchat, Criteo, and Pinterest for advertising purposes.”

The FTC’s proposed consent order would require BetterHelp to reimburse $7.8 million to people who used the service between Aug. 1, 2017, and Dec. 31, 2020. The consent order would also ban the company from sharing health information for advertising purposes and require it to establish “a comprehensive privacy program,” tell third parties to delete the data it has already shared and limit how long it can keep such data on hand.

BetterHelp didn’t respond to a request for comment. In a statement posted to its website, the company said it followed “industry-standard” advertising practices. “Nonetheless, we understand the FTC’s desire to set new precedents around consumer marketing, and we are happy to settle this matter with the agency,” reads the statement. 

BetterHelp said its settlement with the FTC isn’t an admission of wrongdoing. The company added that it does “not share and have never shared” members’ names or clinical data from therapy sessions with third parties. 

The proposed consent order will be open to public comment for 30 days before a final decision is reached.

Facebook, Snapchat and Pinterest didn’t immediately respond to requests for comment. In a statement sent to CNET, Criteo said it “maintains the highest levels of data privacy and security” and that it couldn’t comment on the FTC complaint, as it isn’t named as a defendant.


Leave a Reply

Your email address will not be published. Required fields are marked *