How to stop tracking on health sites

How to stop tracking on health sites
(Image credit: Pixabay)

As consumers turn to VPNs and privacy software to better protect their privacy and data, internet browsers remain a weakspot, especially with ad tracking. Here Mozilla explain what they are doing to stop this.

There’s probably no greater expectation of privacy than when it comes to a person’s health. But the pervasive third party tracking that we’ve recently learned many health websites engage in has made the internet untrustworthy for people who turn to it during this vulnerable time in their lives. 

Instead of offering up private access to valuable information, support, medical records, research and health care providers, many health websites are preying on people, scooping up their data in exchange for access to these potentially life-saving online services and information when they’re needed the most. No one’s health information should be for sale, or collected to potentially be used against you. We refuse to accept that people should have to choose between the technology they use every day, and the privacy they deserve.

About the author

Peter Dolanjski is the Director, Security and Privacy Products, at Mozilla.

So how is health data being used by third party trackers to target you when you’re potentially at your most vulnerable? Let’s look at the facts. According to a recent investigation by the Financial Times, third party tracking practices on health websites is widespread: 

Some of the UK’s most popular health websites are sharing people’s sensitive data — including medical symptoms, diagnoses, drug names and menstrual and fertility information — with dozens of companies around the world, ranging from ad-targeting giants such as Google, Amazon, Facebook and Oracle, to lesser-known data-brokers and adtech firms like Scorecard and OpenX.

Sharing sensitive, personal health information — like menstruation, fertility and medical conditions — with third parties without a user’s consent is sticky territory in the UK thanks to the ePrivacy Directive (known as the Cookie law) and specific restrictions in the GDPR regulations.  

Sharing data

According to the investigation, personal data like drug names, symptoms, diagnoses and ovulation cycle information has been shared with companies including Google, Facebook and Amazon. And in some cases, unique identifiers were shared with third parties and tracker cookies were dropped without user consent.

This practice isn’t always unlawful, but it is invasive and concerning. And it has become common practice online. It’s not just a pair of shoes following you around the internet. Data trackers are used to learn a great deal more about you than your footwear obsession, including your age, ethnicity, location and even your financial situation, which advertisers can target you against, making it possible for advertisers to know very personal things about what you might be going through based on your internet consumption. This is incredibly personal information that advertisers want for their marketing but just don’t need to know about you. And now we know these same practices are also occurring on health-related websites.

Keep health issues private

Confronting health issues is a vulnerable time, and something most people would prefer to keep private. Third party trackers make this virtually impossible, however. When third party trackers are deployed behind the scenes of a website, there is no real way for you to know any of the following:

  • what information they collect about you
  • what they do with it
  • how securely it is stored
  • how long it will be circulated
  • who they are sharing it with, and
  • who they are selling it to.

It’s equally impossible for us to know how and when this information will be used for price discrimination, employment discrimination, service denials, election influencing, and other insidious practices. So with one simple click, one of the most private parts of your life, your health information, has been transmitted to companies that never obtained your consent to collect it. It’s unsettling to think about how this data is being used.

How to block trackers before they can track you

If you’re fed up with the level of third party tracking happening on the web or want to see which companies are lurking behind the scenes when you visit a website, fortunately there are ways you can get this information and take control of your personal data. It starts with making the most of the privacy functions on your browser. 

For example, at Firefox, we recently introduced privacy protections that block this type of tracking by default and a dashboard that reveals the multitude of third parties attempting to record what you’re doing, behind the scenes and without your consent, on the web pages you visit. 

New tracking protection tools can block known social media trackers, cross-site tracking cookies, cryptominers and tracking content in private windows on all sites, which provides a good balance of tracking protection while not breaking your favourite websites. Some browsers also now have setting options that allow you to boost or fine tune your privacy protections depending on your preferences, such as whether you want to block fingerprinting and tracking content in all windows or just private ones.

The numbers speak for themselves - over the course of a day, we estimated that everyone using Firefox will block over 12 billion trackers combined. That’s an incredible amount of personal, private information that you are keeping out of the black box of third party data collection by just using simple and convenient privacy-protecting tools in your browser.

The reality is that people value their privacy and are no longer acquiescent when it comes to being tracked. It’s high time we stop these trackers at the door.


Peter Dolanjski is the Director, Security and Privacy Products, at Mozilla.

Peter Dolanjski is the Director, Security and Privacy Products, at Mozilla.