Pride Counseling

Aviso: *Privacidade não incluída neste produto

Pride Counseling

BetterHelp
WiFi

Data da avaliação: 25 de Abril de 2023

|
A Mozilla investigou por 18 horas
|

Opinião da Mozilla

|
Votos das pessoas: Assustador demais

Pride Counseling, owned by BetterHelp (see our review of BetterHelp), provides therapy services targeted at members of the LGBTQ+ community. Costs for the Pride Counseling service run around $60 - $90 per week depending on your location (some locations might be higher) and Wirecutter noted in 2021 they "found some of the company’s practices to be predatory." Users will then be matched with a therapist Pride Counseling says are licensed and have some experience with the LGBTQ+ community, although there is no way to guarantee your therapist will be LGBTQ themselves. Conversations with therapists can happen in a number of ways -- text messages, live chats, phone conversations, or video calls.

So, how does Pride Counseling look from a privacy and security perspective? Unfortunately, not great. Which is not at all what you want to see from an online therapy service targeted at the vulnerable LGBTQ+ community. Indeed, Pride Counseling parent company BetterHelp was fined $7.8 million by the Federal Trade Commission for sharing their customers sensitive personal health data after promising not to.

O que pode acontecer se algo der errado?

First reviewed April 20, 2022. Review updated, April 25, 2023

Pride Counseling, owned by parent company BetterHelp, has gotten worse since we reviewed them in 2022, which is concerning because their privacy practices seemed pretty bad to us last year. The biggest flag we about Pride Counseling since our last review is that their parent company BetterHelp had a pretty serious enforcement action launched against them by the US regulator agency the Federal Trade Commission announced in March, 2023. The FTC stated, "At several points in the signup process, BetterHelp promised consumers that it would not use or disclose their personal health data except for limited purposes, such as to provide counseling services. Despite these promises, BetterHelp used and revealed consumers’ email addresses, IP addresses, and health questionnaire information to Facebook, Snapchat, Criteo, and Pinterest for advertising purposes, according to the FTC’s complaint." The results of this enforcement action are a $7.8 million settlement paid to consumers and a ban on Betterhelp "sharing consumers’ health data, including sensitive information about mental health challenges, for advertising."

This is all very bad. But the crackdown by the US regulator body is a very good trend we like to see. We hope this will lead other mental health app companies with questionable data sharing practice to feel pressure and change for the better.

Other than this FTC enforcement action, Pride Counseling earns all three of our privacy dings this year -- for sharing data for advertising purposes, for not being clear if all users have the same rights to delete their data regardless of the privacy laws the live under, and for having a bad track record of protecting and respecting their users' sensitive personal information. Last year we felt Pride Counseling was bad. This year we have further proof they are a mental health app that most certainly earns our *Privacy Not Included warning label.

Read our 2022 review:

Owned by BettherHelp, Pride Counseling brings all the privacy concerns we had with that app to this LGBTQI+ focused therapy app. They're privacy policies are identical, so everything we were worried about with BetterHelp applies here with Pride Counseling, except Pride Counseling is targeted at a vulnerable community, which makes our privacy concerns carry even more weight.

Where to start? First, we here at *Privacy Not Included read privacy policies for a living. We've seen many and have a sense for what makes a good privacy policy and what worries us in privacy policies. We found Pride Counseling's privacy policy short and missing information we wanted to see made clear. Pride Counseling doesn’t specifically state in their privacy policy that they don’t sell user data, which is something we like to see stated clearly. Also, their short privacy policy doesn't mention important information like if and how they collect location data, how long they retain users' data, and how users can access or delete this data. This is another big flag for us. Pride Counseling also uses the word "may" a whole lot in their short privacy policy, which as someone who reads privacy policies can tell you, usually means they want to give themselves a lot of wiggle room in how they use your personal information. So many red flags so far.

But wait, there's more! Pride Counseling does collect a whole lot of personal information, from the responses to their intake questionnaire (like are you feeling depressed or anxious or are you struggling to maintain relationships), to things like name, age, email address, and phone number. They also say they can use data they collect on you for personalization, product offerings relevant to your individual interests, and targeted ads. And they say they can share some data with a number of third parties including advertisers (boo!), and with any subsidiaries or parent companies within their corporate group (which includes Better Help, Teen Counseling, and Faith Counseling). Remember, every time your data is shared, the potential for data leaks or breaches grows.

And according to this 2020 article by Jezebel, BetterHelp/Pride Counseling shares metadata from every message, though not its contents, with Facebook. This means that Facebook could know what time of day a user was going to therapy, their approximate location, and how long they were chatting on the app. Yup, red flag.

Is there more that worries us? Why, yes, there is. Pride Counseling says they collect, use, and store communications between users and counselors on their platform. They do say they encrypt messages between you and your therapist on the platform, which is good. We were unable to confirm if Pride Counseling has a system in place to manage security vulnerabilities on their app, which raises a flag for us about their overall security practices. We emailed their listed privacy contact to ask some questions about BetterHelp's privacy practices and received no response to our questions, so we're not sure if users can expect a timely response from that listed contact.

Pride Counseling's parent company BetterHelp operates a number of popular mental health platform right now in 2022.They are pouring millions of dollars into advertising to grow their user base. They have a number of concerning privacy and security practices that we and others have reported like sending data to Facebook and sharing data widely with third parties. What's the worst that could happen? Unfortunately, we're afraid a lot could go wrong based on what we learned in our research. Which is incredibly worrisome for a service targeted a the vulnerable LGBTQ+ community. That's why we've currently labeled this product *Privacy Not Included.

Dicas para se proteger

  • Do NOT connect the app to your Facebook, Google, or other social media accounts or third-party tools, and do not share medical data when connected to those account.
  • Click the "Shared" button next to each message you've sent if you want it to no longer show in your account.
  • Do not sign up with third-party accounts. Better just log in with email and strong password.
  • Choose a strong password! You may use a password control tool like 1Password, KeePass etc
  • Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images, location unless neccessary)
  • Keep your app regularly updated
  • Limit ad tracking via your device (e.g. on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization)
  • Request your data be deleted once you stop using the app. Simply deleting an app from your device usually does not erase your personal data.
  • When starting a sign-up, do not agree to tracking of your data if possible.
  • mobile

Pode me bisbilhotar? informações

Câmera

Dispositivo: Não aplicável

Aplicativo: Sim

Microfone

Dispositivo: Não aplicável

Aplicativo: Sim

Rastreia localização

Dispositivo: Não aplicável

Aplicativo: Não

O que pode ser usado para se inscrever?

Que dados a empresa coleta?

Como a empresa usa esses dados?

We ding this product for using personal information for marketing and advertisement, and for potentially selling personal data.

Some practices of Pride Counseling may be considered a 'sale' under CCPA. "We aren’t paid by anyone for any data. However, in California, the laws define “sale” broadly to include the sharing of personal information in exchange for anything of value. If you opt in to our use of targeting cookies and web beacons, this use may be considered a “sale” of personal information under that specific California law. For specific information on your data rights as a resident of California, see the additional notice for California residents."

"Provided you opt-in and agree, we may Process and share some data with Third Parties for advertising purposes." - the opt-in ask for consent is not clear nor direct.

"To be clear, we don’t share any data or information you share with your therapist with any Third-Party advertisers. Even if you opt-in to targeting cookies and web beacons, we still don’t share information with Third-Party advertisers like member names, email addresses, phone numbers, clinician diagnosis, questionnaires answers, sessions data, journal entries, messages, worksheets, or any other type of private communication you have with your therapist on the Platform."

"When an account is created with the Platform, the user fills out a questionnaire. We Process the information used to complete this questionnaire. Some of this information may include identifiers like email address, phone number, chosen name (first name or nickname), and physical address."

Due to the use of cookies and web beacons, information regarding your activity on their websites, excluding activity when you are logged in and have started therapy, may be disclosed to advertising partners to optimize marketing.

Como você pode controlar seus dados?

We ding this product as it is unclear if all users regardless of location can get their data be deleted.

The retention details are unclear. "Please note that if you’ve started therapy, we may retain some of your data for an extended period based on applicable data retention laws."

"To receive a summary copy of your data, please log in to your account and go to Menu > My Account (or Account settings) > My Personal information, where you will see an option to request a copy of your data. The data you will receive as part of this request includes the contact information that you input on the site, questionnaire answers, worksheet entries, emergency contact information, messages you sent to your therapist, journal entries that you created, and other personal data.

Additional data which we maintain includes email interactions with our help desk, which is stored on your email system. You may also request this information by writing to [email protected].

Please visit our opt-out instructions page to request to delete the above data or opt out of BetterHelp services. Some data will be maintained as allowed by law or required by our retention policy.

You may reach out to us at [email protected] if you need additional help. We will only comply with a request for deletion of your data if we can verify your identity. There is usually no charge. In exceptional circumstances, we may charge a reasonable fee after discussing the fee with you."

Qual é o histórico conhecido da empresa na proteção de dados dos usuários?

Ruim

In March 2023, BetterHelp, the parent company of Pride Counseling, got in trouble with FTC for sharing health data it had promised to keep private — including information about mental health challenges — with companies including Facebook and Snapchat. BetterHelp said the settlement (which included a payment of $7.8M) was not an admission of wrongdoing and that the behavior for which it was sanctioned is standard for the industry.

In 2021, the Economist shared the report of one user that "When I first joined BetterHelp, I started to see targeted ads with words that I had used on the app to describe my personal experiences.”

In October 2018, BetterHelp gained attention from media personalities after concerns were raised about alleged use of unfair pricing, bad experiences with the app, paid reviews from actors, and terms of service that allegedly did not correspond with ads promoted by professional YouTubers.

Informações de privacidade infantil

"We don’t knowingly collect or solicit any data or information from anyone under the age of 13 or knowingly allow such persons to become our users. The Platform is not directed at and not intended to be used by children under the age of 13. If you’re aware that we have collected personal information from a child under age 13 please let us know by contacting us, and we’ll delete that information."

Este produto pode ser usado offline?

Não

Informações de privacidade fáceis de entender?

Não

Links para informações de privacidade

Este produto atende aos nossos padrões mínimos de segurança? informações

Sim

Criptografia

Sim

"All the messages between you and your therapist are encrypted by 256-bit encryption."

Senha forte

Sim

Atualizações de segurança

Sim

Gerencia vulnerabilidades

Sim

The company representative shared with us that "in addition to daily automated vulnerability scans and an invite only bug bounty program managed by Bugcrowd, the Member Success team has been instructed to refer Security Researchers to email us directly at [email protected]. If their disclosure has merit, we’ll have them added to the Bugcrowd team so it can be processed through channels and they can be rewarded for that and any subsequent bugs they may find."

Política de privacidade

Sim

O produto usa inteligência artificial? informações

Sim

"BetterHelp uses Machine Learning to process users’ responses to the intake questionnaire and limited additional data, such as therapist schedules and member time zone, to match a user with a therapist. We do not use generative AI or large langauge models like Chat-GPT."

Esta inteligência artificial não é confiável?

Não foi possível determinar

Que tipo de decisões a inteligência artificial faz sobre você ou por você?

A empresa é transparente sobre como funciona a inteligência artificial?

Sim

O usuário tem controle sobre os recursos da inteligência artificial?

Sim

"The user controls whether they complete the intake questionnaire. They also control their individual answers. Several of the intake questions do not require a response, and others allow the user to answer “other” or “prefer not to say.” "Before users start the intake questionnaire, we explain that we use their answers to help match them with a potentially suitable therapist. We also provide information about therapist-member matching in our privacy policy."
*Privacidade não incluída

Mergulhe mais fundo

Comentários

Tem um comentário a fazer? Nos diga.