Online counseling provider BetterHelp has settled with the US Federal Trade Commission (FTC) after it was alleged that it breached users’ privacy by sharing identifying information with social media platforms, including Facebook.
The FTC has claimed that BetterHelp ignored customer privacy between January 2013 and December 2020. As part of the settlement, the online talk therapy company will pay a $7.8m civil penalty, which the FTC has stated it will share with affected customers who paid for its services between August 2017 and December 2020. BetterHelp will also undergo two decades of privacy monitoring by the FTC.
BetterHelp, which was acquired by telemedicine firm Teladoc in 2015, has seen its user base and revenue increase over the past five years, particularly since the COVID-19 pandemic began.
The FTC alleges that the company has over 374,000 active users in the US and earned over $720m in revenue in 2021. The regulatory authority has recently increased its enforcement actions and warnings regarding the safeguarding of health data privacy, including fining discount prescription drug provider GoodRx $1.5m for sharing data with Google and Facebook.
The proposed settlement has been approved unanimously by FTC commissioners, although it must undergo a 30-day comment period followed by another round of commissioner voting. BetterHelp has not admitted or denied the allegations laid out by the FTC.
However, the company has called the sharing of user information for advertising campaigns an “industry-standard practice” and “routinely used by some of the largest health providers.”
The FTC has claimed that BetterHelp shared data such as consumers’ email addresses, whether they had previously been in therapy, their IP addresses and if they answered “good” or “fair” to an intake question about financial status.
Legal experts have said that the FTC’s latest move is a warning to other entities about the handling of sensitive consumer information, particularly personal health information.
The FTC has alleged that BetterHelp shared customer data with Facebook, Snapchat, Pinterest and online advertising firm Criteo. As part of the settlement agreement, BetterHelp must instruct third parties that received customer information to delete it, implement a privacy program and agree to undergo a third-party privacy assessment every two years for the next two decades.
