The Mighty

First reviewed April 20, 2022. Review updated, April 25, 2023

Last year we had some pretty significant privacy concerns about The Mighty and the "digital health community" they say they are building through the app. In 2023, we have even more concerns about this mental health app. A couple of things really grind our gears this time around. First, their Google Play Store Data Safety information section claims they don't share data with third parties where they state, "The developer says this app doesn't share user data with other companies or organizations." A read through their privacy policy shows this is simply not true (granted, part of the problem is Google's own rules for this self-declared information). The Mighty shares a lot of data with third parties. In fact, after your intrepid privacy researcher downloaded this app to try it out, he spotted nearly 550 trackers tracking his information immediately. This included trackers from Facebook, Google, Doubleclick, and many more. Ugh.

The Mighty does say they can share lots of your with advertising partners, including identifiers, device data, and online activity data, including any personal sensitive information you might share publicly. All in all, we think users should be very careful using or sharing any personal or sensitive health information with this app. Indeed,this line from The Mighty's own privacy policy is a good rule to follow, "We ask that you not provide us with any sensitive personal information through the Service or otherwise that is unnecessary. If you do not consent to our processing and use of such sensitive personal information, you must not provide it to us." Don't provide these apps with sensitive information!

Oh, one more gripe about The Mighty. They signed our privacy researcher up for their email list without his explicit consent to join that list. That is always a major privacy research pet peeve. Companies, please ask for explicit consent to add people to your email list! This is especially ironic to us, as they never replied to any of the emails we sent to the email listed in their privacy policy for privacy related questions. Bad form, The Mighty. Bad form.

Read our review from 2022:

The Mighty says they can collect a pretty large amount of personal information on you such as name, email. mailing address, gender, location, photographs, interests, and information about your or others’ medical condition that you choose to share and lots of app usage data.They go on to say they may combine the personal information they get from you with personal information they get from other sources such as data licensors, social media platforms like Facebook, and companies they partner with for research. That's a whole lot of information they gather on you from a pretty wide variety of sources. So far, not good.

The Mighty uses all that information for things including interest-based advertising, direct marketing, and research purposes. They may share your personal information with third party advertising partners for marketing and advertising purposes. Again, not good. They also say they can share your information with research partners, business partners, professional advisors, and their corporate affiliates and subsidiaries. Basically. they say they can share your personal information with a whole bunch of people. Not super uncommon, but also not great considering how much information they collect and combine about you, including what you chose to share publicly about your medical conditions. Remember, the more places your information is shared, the more chances there are for your information to leak or be compromised.

Couple this with the fact we couldn't confirm if The Mighty meets our Minimum Security Standards and we're concerned about both the privacy and security of anything you might share on this app. It's great to find a community to support you online through mental health challenges. It'd be nice if the company providing that community did a little more to protect their user's privacy.