What his privacy tools—DoNotTrackMe, Ghostry and Charles—helped Huesch discover was that 13 of the 20 sites he visited bore one or more “tracker” elements. Trackers are snippets of software code such as long-acting cookies, social media plug-ins, Web beacons and other scripts that enable a third party to report on a visitor's browsing history.
The tools also helped Huesch catch seven of those popular healthcare sites “leaking” his three search terms to third-parties.
“I could not determine whether leaked information was used or misused by third parties,” Huesch wrote in his letter. “However, the leakage of search terms to tracking entities is worrisome. Commercial websites may also disclose user activity to the government, as recent National Security Agency news stories have suggested.”
Last year, U.S. spending on Internet advertising reached $36.6 billion, up 15% over the 2011 level, according to the Internet Advertising Bureau.
Fueling the online ad boom are “companies operating in this gray market without government interference,” Huesch said in an interview. “This feels like we've let the genie out of the bottle and nobody knows what the genie is… I wanted to show doctors who are very tech unsavvy how much of a risk this presents to their patients.”
Huesch offered several possible nightmare scenarios for individuals of misuse of Web-gleaned healthcare information, including discrimination by insurers or employers based on an individual's health or social profile developed solely from website visits, searches and social media use.
These nightmare scenarios may already have happened, he said. “We should really think about our willingness to have it happen.”
Follow Joseph Conn on Twitter: @MHJConn