Therapy apps are proving increasingly popular, as people seek help with their mental health without the inconvenience and high cost of in-person counseling. But for the second year running, researchers have found that the majority of them are failing to meet expected privacy standards.
Of 32 mental health apps studied, some 19 of them were labeled as “privacy not included,” with the researchers stating they were shocked at how bad they were …
Testing therapy apps for privacy
Mozilla, the nonprofit behind the Firefox browser, has a team that specifically focuses on investigating app privacy. The team reads privacy policies, to see whether appropriate safeguards are offered, then checks the company’s track record on data breaches and the like.
The apps are selected according to their popularity in the US and Europe, and are given a “privacy not included” label if they fail on two or more criteria.
We assign our *Privacy Not Included warning label to products we have determined to have the most problems when it comes to protecting a users privacy and security. A product will earn the *Privacy Not Included warning label if it receives two or more warnings from us on the following criteria:
How the company uses the data it collects on users. We ding companies for selling users data or collecting more data than is necessary for general business purposes, for example, buying data from data brokers.
How users can control their data. We ding a company if they don’t have a clear and manageable way for users to delete their data from the company or explain how long they retain users’ data.
What is the company’s known track record of protecting users’ data? We ding a company if they have a bad track record of not protecting users’ data based on known and reported security breaches, leaks, or vulnerabilities.
Finally, we ding a company if we can not confirm if the product meets our Minimum Security Standards. In rare exceptions we might ding a company if they only receive one warning from us if we determine that warning is particularly concerning for consumers.
Additionally, the team looks at the permissions requested by an app. It says that there may be perfectly valid reasons for an app to request access to things like location, camera, and microphone, but it will flag requests that don’t appear necessary for the app features.
The latest privacy results
Only two therapy apps got the all-clear:
- PTSD Coach, from the US Department of Veterans Affairs
- Wysa AI chatbot, from Touchkin
Eleven more had one privacy concern (which varied by app):
- Finch
- Woebot
- Moodfit
- Bearable
- Youper
- Ginger
- Recovery
- Record
- Calm
- Superbetter
- Modern
- Health
- NOCD
The remaining 19 therapy apps were considered fails, with dings against them in two or more categories:
- Mindshift CBT
- Breathe,
- Think, Do
- with Sesame
- 7 Cups
- MindDoc
- Happify
- Better Stop
- Suicide
- RAINN
- Shine
- Headspace
- Liberate
- Sanity & Self
- Insight Timer
- The Mighty
- Sanvello
- Talkspace
- Cerebral
- Betterhelp
- Pride
- Counseling
- Replika
Worst therapy app
The worst was Replika, which failed in every single category: data use, data control, track record, security, and privacy policy review.
You can check out the full ratings here.
Get help with mental health issues
The National Institute of Mental Health has a list of resources for those with mental health concerns, either about yourself or a friend or family member:
Call 911 if you or someone you know is in immediate danger ,or go to the nearest emergency room.
988 Suicide & Crisis Lifeline
Call or text 988; Llame al 988 (para ayuda en español)
Use Lifeline Chat on the web (English only)
The Lifeline provides 24-hour, confidential support to anyone in suicidal crisis or emotional distress. Call or text 988 to connect with a trained crisis counselor.Veterans Crisis Line
Use Veterans Crisis Chat on the web
The Veterans Crisis Line is a free, confidential resource that connects veterans 24 hours a day, 7 days a week with a trained responder. The service is available to all veterans and those who support them, even if they are not registered with the VA or enrolled in VA healthcare.Disaster Distress Helpline
Call or text 1-800-985-5990
The disaster distress helpline provides immediate crisis counseling for people who are experiencing emotional distress related to any natural or human-caused disaster. The helpline is free, multilingual, confidential, and available 24 hours a day, 7 days a week.If you are worried about a friend’s social media updates, you can contact safety teams at the social media company. They will reach out to connect the person with the help they need.
View the 5 action steps for helping someone in emotional paininfographic to see how you can help those in distress.
Photo: Sydney Sims/Unsplash
FTC: We use income earning auto affiliate links. More.
Comments