US data brokers selling data on pregnant residents

Data privacy is in the spotlight once more as a number of data brokers across the US have been found promoting the sale of digital data relating to millions of pregnant and potentially pregnant people in the country. 

An investigation by Gizmodo revealed that 32 brokers offer unique mobile IDs for some 2.9 billion people’s profiles marked as “actively pregnant” or “shopping for maternity products.” Those interested can also access the data of customers who are “interested in pregnancy” or “intending to become pregnant,” as well as those who use certain types of birth control.

The brokers are offering information on 3.4 billion people in total. However, there is evidently some overlap with unique users, as 3.4 billion is far more than the US population and half the world’s population. Many brokers are likely offering the same information. 

This information is being packaged to advertisers as datasets on a “cost per mille” (CPM) basis, also known as cost per thousand impressions. This means that anyone who buys access to the datasets only pays for the number of end-users their targeted ads reach. According to Gizmodo, the cost of datasets ranges from 49 cents to $2.25 per user reached.

The data on offer has been gleaned in a multitude of ways. Some companies found out people’s pregnancy status directly when they agreed to share their data to download a specific app or coupon. Meanwhile, other companies developed algorithms to predict potentially pregnant users by analyzing their internal data. However, Gizmodo found it impossible to figure out the precise source of many of the brokers’ data. Gizmodo hypothesizes that one such company, AlikeAudience, may have been able to access the data of 61 million iOS users at a “Pregnancy & Maternity Life Stage” due to their relationship with MasterCard.

There is understandable concern about how this information could be used. It could potentially prevent pregnant people from accessing health care or cause them to delay appointments with doctors. As we advised in a previous news piece regarding the privacy risks of health apps, if you are concerned about how your data could be used, it might be best to record such data offline and avoid shopping on sites and apps known to track such data. 

In other news

• Staff arrested for hacking nuclear radiation monitors. According to Gizmodo, Spanish police have arrested two former government contractors on charges of carrying out a large-scale cyber attack on the country’s gamma radiation detection sensors. The two employees, who have not been named, had worked on repairs and maintenance for Spain’s radioactivity alert system (RAR), which is a network of 800 detection sensors across the country. This network is used for monitoring unusually high levels of radiation and preparing against nuclear meltdown. The attacks took place between March and June last year and affected over 300 of the sensors. The hackers had control of the central computer system and deleted a management application that caused the connection of the sensors to fail. It’s not yet known how the attack could go unnoticed for so long, and the two individuals were only arrested after a year-long investigation. The motivation for the attacks is also not known.   

• Report shows customers pay for cyberattacks. The Cost of Data Break report, released last week, reveals that 60% of businesses surveyed said they pass on the costs of data losses to their customers, according to The Register. The report also shows that data breach costs increased by 13% in the last two years to an all-time high of $4.35 million, and almost half of the costs were incurred more than a year after the incident. Out of the 550 companies surveyed, 83% had suffered at least one data breach. 

• New wearable ultrasound patches a breakthrough in medical imaging. The Guardian reports that a research team at Massachusetts Insitute of Technology (MIT) has created a stick-on patch that is able to take ultrasound scans of the wearer’s body for a period of up to 48 hours. Team leader Prof Xuanhe Zhao described the technology as revolutionary because, until now, ultrasound scans could only be performed in hospitals. The patch is only the size of a postage stamp, and it can be used for various types of medical imaging, such as monitoring the heart or tracking muscle health during workouts. It can be used in conjunction with a mobile app to deliver data directly to the user. In addition to faster and continual results for the patient, these patches could take the pressure off medical services that currently administer millions of ultrasound scans every year.

• Facebook doubles its AI-recommended content for users. On a recent earning call, Mark Zuckerberg said that the amount of content that users receive in their feed from sources they don’t already follow will double by the end of next year. According to Vice, the Meta CEO acknowledged that the majority of content on both Facebook and Instagram currently comes from people, groups, or accounts that the user follows. But his plan is to give users more of something they “might” like, instead of something they “do” like. This comes shortly after the company reported its first revenue decline ever. This could be attributed to various factors, such as the rising popularity of TikTok, or the new privacy settings on iPhones that restrict Facebook ads. 

• Could a discarded hard drive be worth millions? In 2013, IT engineer James Howells of Newport, Wales, threw away a hard drive that contained 8000 Bitcoins. Back then, Bitcoins weren’t worth much, but now that hard drive is a potential gold mine, as the contents could be worth as much as £150m ($184m). He has petitioned the Newport City Council for a permit to excavate the landfill, but the Council has repeatedly denied his request due to logistical and environmental concerns. According to the BBC, the retrieval effort, if approved, could cost millions, with no guarantees that the drive would be found or that it would be operational. To sweeten the deal, Howells has pledged 10% of the proceeds to make Newport a crypto center and give all the residents £50 each in Bitcoin. No word yet as to whether his latest offer will convince the Council to let him go digging for his lost treasure.

Tip of the Week

In light of the increasing costs of cyberattacks for businesses of all sizes, it makes sense to safeguard your digital assets — as well as your computer and hard drives — from hackers. 

A little protection can go a long way. Of course, you already know to use strong passwords (and good password managers!) and two-factor authentication on all of your online accounts. You don’t click on suspicious links in email or text messages, and you don’t give out your password or other sensitive data to people on the phone.

But have you done enough to protect your business? Check out these articles about why small businesses shouldn’t ignore cybersecurity and how to protect your small business against cybersecurity risks. 

Taking a little time now to secure your systems can save you major headaches and expense down the road.