Challenging Corporate Data Exploitation

Over the past decade targeted advertisement has become exponentially more invasive. To enable targeted advertisement as it is common today, massive amounts of data about individuals are collected, shared and processed. In practice, this means that most of what you do online - such as the websites you visit, the apps that you use, what you do on them, what you watch, what you buy, what you read, your location and your interests etc. – is being tracked, shared and used to profile you.

To understand how data relating to mental health is currently protected, Privacy International analysed 136 popular mental health web pages related to depression in France, Germany and the UK. We also selected a small sub-set of online depression tests for further analysis.

Our findings are dismaying and raise serious concerns about the ways in which these websites treat people's data. What happens when you visit a website relating to mental health matters. Information that reveals when exactly someone is feeling low or anxious - especially if combined with other data about their interests and habits - can be misused to target people when they are at their most vulnerable.

From the 75% of web pages we analysed that embed marketing trackers (some of which engage in RTB), to depression tests that share your answers with third parties, our report shows that many mental health websites don’t take the privacy of their visitors as seriously as they should. Some websites treat the personal data of their visitors as a commodity, while failing to meet their obligations under European data protection and privacy laws.

Shame and silence around mental health problems can be as bad as the problem itself and Privacy International supports campaigns that aim to change the way we all think and act about mental health. Privacy International fights for a world in which people are in control of their data and the technology they use, and in which governments and companies are no longer able to use technology to monitor, track, analyse, profile, and ultimately manipulate and control us. 

Read the full report



Our data reveals a lot of information about us. From our data, intelligence is gleaned about us - our habits, our health and finances, our desires and hopes - some of which may be inaccurate. Yet our technologies are now designed to generate and disclose vast amounts of data, and beyond our control. Privacy International is fighting so that our technologies work for us and do not betray us.

Increasingly everything we do generates data, whether we are in possession of a device or not. Our devices, networks, and homes generate vast amounts of data. Our transport systems, cars, payment systems, and cities also generate data through us and about us. With all this data, we may be able to make the world a fairer, better, cleaner, more sustainable, and safe place. The opposite may also apply.

We want to see a world where we are in control of information about us. From our data, intelligence is gleaned about us - our habits, our health and finances, our desires and hopes - some of which may be inaccurate.

Privacy International is fighting so that our technologies work for us and do not betray us.

Our devices and infrastructure are being designed for data exploitation. Increasingly it is beyond the ability of individuals themselves to control the ways in which data about their lives is shared and processed.

As a result, industry and government are amassing our data with impunity. They aspire for a data-driven world that frees them to grab our data, to look for patterns and similarities, to generate intelligence, and make decisions about us and the shape of our futures.

We are not ready for the future that is already being built. Our laws are not yet able to address these risks. Our technologies are insecure and leak data. In turn, we are not secure.

Revelations and scandals about how intelligence agencies and industries use our personal data give us snapshots of the future. It starts with excessive data generation and collection. Then the data feeds into their systems, which they use to understand our behaviours and then to classify us. These classifications become impossible to escape – they can even become more trusted than actual reality. Do you think you are worthy of credit? The system disagrees. You claim you are not a terrorist? The computer says otherwise.

These systems are often shrouded in secrecy. That secrecy makes it impossible for us to know where we stand or to seek redress to free ourselves. Will your actions make the system think you are a terrorist? Can the system, like all systems, be gamed by the powerful or technologically savvy?

In a democratic society, it is essential we continue to be able to watch the watchers. We must also maintain control of the data controllers. Otherwise, a future of data exploitation will chill our autonomy and diminish our dignity.

Here’s what we do to end Data Exploitation

Privacy International is investigating how our data is generated and exploited, engaging the public through awareness-raising campaigns, and exploring the necessary legal and technological frameworks to protect against data exploitation.