Facebook Health? Thumbs Down

Facebook: 10 New Changes That Matter

Facebook, already an expert at building communities, collecting a wealth of members' information, and developing a powerful search tool, reportedly is ogling the healthcare market -- although it may use a pseudonym.

The company is considering creating online support networks to connect people who have various conditions, and a small group of internal staff is reviewing "preventative care" apps, Reuters reported. Facebook might use a spinoff or separate company to operate these healthcare initiatives, according to the news service.

While I'll post the occasional complaint about a headache or flu on my Facebook feed, I am uncomfortable about entrusting Facebook (under any name) with deeper insight into any medical information beyond the odd ache or pain. Last week the company published a public mea culpa and promised to "do better" after previously demanding that drag queens, transgenders, stalking victims, and others use their real names on their Facebook accounts.

[Facebook has apologized for toying with users' emotions. See Facebook Mood Experiment Prompts New Guidelines.]

Part of Facebook's hunger for healthcare came after it determined diabetics searched the site for advice on their condition, an ex-Facebook insider told Reuters. Of course businesses perform analytics and diagnostics on how customers use their products or services. But when you have users' real names, the names of their closest friends and family members, and add in their health information, the small hairs on the back of my neck rise a little -- unless there are some very firm, very clear privacy agreements written in plain English.

Online communities for patients with chronic conditions like diabetes, cancer, fibromyalgia, or chronic fatigue syndrome are not new. Typically, they offer patients, families, and caregivers information on the condition and treatment, support, chat areas, and sometimes shopping. But privacy and revenue are sensitive areas. While some patients freely share information about their conditions, others prefer to keep that information private from colleagues, employers, marketers, or the world at large. With complex, frequently changing terms of service and a poor track record of safeguarding users' privacy, Facebook will have a tough time convincing some users it will treat health-related information differently from cat videos or complaints about poor service at a restaurant.

Whereas new sites start from Ground Zero and must prove they are worthy of members' trust, a Facebook healthcare community begins at a deficit for some. Only last week it apologized for toying with users' emotions in its mood-manipulation experiment.

Privacy questions arose again last week after Facebook rolled out a rebuilt version of Atlas, an advertising service it acquired in 2013 from Microsoft. The software was designed to allow advertisers to use Facebook members' information to send them targeted ads on outside sites, especially on smartphones and tablets, which raised questions about intrusion.

"This expands the surveillance economy into ever more important and intimate aspects of a person's life," particularly when it comes to cross-device targeting on mobile, Neil Richards, a professor of law at Washington University in St. Louis who studies digital privacy, told PCWorld.

Considering how prevalent third-party attacks are, we need to ask hard questions about how partners and suppliers are safeguarding systems and data. In the Partners' Role In Perimeter Security report, we'll discuss concrete strategies such as setting standards that third-party providers must meet to keep your business, conducting in-depth risk assessments -- and ensuring that your network has controls in place to protect data in case these defenses fail. (Free registration required.)