While telehealth seems convenient, it may come at an unknown price. Recently, it has been found that telehealth providers used cookies to harvest and share user data with large tech companies. Those tech companies then used that data to construct and execute targeted advertisement campaigns. Using cookies can have unintended negative effects on users’ data privacy. Cookies track user activity on websites, such as time spent on certain web pages, links used, IP addresses, etc.
In some cases, that tracking may be able to show more personal user data than it is intended to track. For example, if a university website has links to schedule appointments for on-site covid-19 testing, resources for psychological services, or Title IX reporting, students and staff who access those links might have their user data tracked and given to third parties. While simply accessing those resources is not a secure form of data, users may unwittingly be giving away information that reveals confidential personal data, such as physical or physiological health. This divulgence of confidential user data may not be done maliciously, but it can still tremendously affect users’ privacy. It is time to start a conversation about how cookies can lead to data collection that poses high privacy risks for users.