Analysis of Third-Party Data Leaks on Finnish Mental Health Websites



Rauti, Sampsa; Vuorinen, Esko; Puhtila, Panu; Carlsson, Robin

Skala, Karolj

ICT and Electronics Convention

2024

International Convention on Information and Communication Technology, Electronics and Microelectronics

2024 47th MIPRO ICT and Electronics Convention (MIPRO) : Proceedings

979-8-3503-8250-1

2623-8764

DOIhttps://doi.org/10.1109/MIPRO60963.2024.10569215(external)

https://ieeexplore.ieee.org/document/10569215(external)

https://research.utu.fi/converis/portal/detail/Publication/457104672(external)


Mental health websites process private and sensitive personal data, and it is essential to prevent this confidential data from being compromised. However, the increasing practice of using various third-party services on modern websites poses a threat to online privacy, including online services focusing on mental well-being. We present a study on the privacy of 10 Finnish mental health websites and conduct a network traffic analysis to see whether these online services inadvertently share sensitive data with third-party entities. Our findings indicate all of the studied websites leak sensitive contextual data (such as the visited URLs) to third parties. The current paper analyzes the characteristics of these data leaks, and gives suggestions to avoid such privacy concerns in future.


This research has been funded by Academy of Finland project 327397, IDA – Intimacy in Data-Driven Culture.


Last updated on 2025-14-02 at 15:46