PatientsLikeMe in Wall Street Journal: Transparency, Openness and Privacy (cont’d)

Posted October 11th, 2010 by

Journalist Julia Angwin of the Wall Street Journal just published an article describing how a major media monitoring company, Nielsen BuzzMetrics,  scraped our forum last Spring.  (See my previous blog post on the incident – “Transparency, Openness and Privacy”)

Julia’s piece includes details regarding how this incident happened, how we (and you) responded and more.  We are very excited about this article.  Having a rigorous debate about transparency, openness and privacy is critical to us achieving the trust we want to have with you, our patients.

What Nielsen did was clearly a violation of our User Agreement.  However, we believe this incident (and this article) have spurred an important ongoing discussion about what is right, just and appropriate regarding how companies operate in this new networked world.  As I said to Julia, this is a new frontier.  We also believe there’s a lot for everyone to learn from this experience, especially around how to put patients first.

Read Julia’s piece and tell us what you think.

PatientsLikeMe member bheywood


8 Comments

  1. Ben and Jamie,

    Thanks for helping make this story public. It is a necessary wake up call about how each one of us must understand our complete loss of privacy.

    As we state in the ACOR privacy policy:

    “Please be careful not to disclose on the mailing lists any personal or other information that you do not wish other people to have access to or that you would later want to remove. Except as set forth elsewhere in this Privacy Policy or in the Terms and Conditions , ACOR cannot and will not remove content from any mailing list or from the archives of the mailing lists. Accordingly, each subscriber should weigh the potential benefits and risks participating on the lists. The only sure way to protect one’s privacy is to never write to the lists. Moreover, although we strive to deter abuse of our resources, it is possible that unknown persons or entities could access and archive the lists without our permission.”

    The WSJ article is a MUST read for anyone doubting that privacy in this network age is dead. A lot of scary information about what is done to maximize profits based on the mosaic effect. We are all in for a wild ride.

  2. Although I am angry about people responsible for “scraping” ,Bilal Ahmed should take responsibility for his own carelessness,he himself made his own identity public by adding the link to his profile.If he didn’t want to be identified then he should never have added the link to his blog or he should have used a Pseudonym for his blog too.

    However considering the sensitivity of the “moods” community meaning the subject matter that it covers,I do think that there should be some “extra” security to prevent anyone other than members or those who have direct permission having access to that information.But again members should take precautions themselves if they are concerned about the information they are revealing.

    We are responsible for the information we give away on the internet.I personally have nothing to hide,but still don’t like the idea of someone using my information without my permission and think there should be laws to protect people from “scraping”.I am not naive enough to think that anyone would stop doing it but then at least “we” would have something to be able to go after those companies,individuals with, that abuse the laws.

    If you don’t want anyone to know who you are then it stands to reason not to reveal any personal information to people you don’t know or don’t trust.Names,age, home-town,jobs,school,business,doctor,car, etc.,

    I question the morals of a company or individuals who make a business out of STEALING peoples intimate details and shared feelings and thoughts to invade their privacy and manipulate their spending habits.

    I have always had great faith in the transparency and openness policies of PLM and am comfortable using the website.

  3. Although the onus is on the user not to reveal personal information they don’t want to be made public (something everyone in this internet age needs to unfortunately understand), the real issue here is that this site did take steps to ensure privacy by forcing registration. Did they go far enough, arguably not, but now they’ve learned and will likely correct this with stronger authentication.

    But, that’s not the issue.

    The company in question maliciously STOLE private content by impersonating a user and invading the site. This was a conscious act proven by the fact that they had three (fictitious) users activated and when first caught, called in representing themselves as this “user” to get reactivated. THIS IS NOT WEB SCRAPING! This was an intentional act targeted at this specific site. Please do not place blame on anyone but the perpetrator.

  4. I totally agree with Gilles Frydman. How anyone could use the words “private” and “internet” in the same sentence shows a severe lack of internet understanding… You should not have to be an IT specialist to understands the flaws in OPEN DISCUSSIONS… scraping or not…

  5. Thanks to everyone for your comments. Regarding the call for stronger authentication, we’ve always had email confirmation as part of our registration process. We have considered “CAPTCHAs” in the past, which may allow for better human authentication. However, CAPTCHAs can prove challenging for people who suffer from visual or cognitive impairment (as some of our members do). While there are alternatives that claim to be accessible, many are still a challenge for our patients.

    We have other techniques in place to detect automatically created accounts and most of the incidents, so far, have been with manually created accounts. So CAPTCHAs would be difficult for our real users without stopping abusive ones. We are constantly improving our tools to stay ahead in this game.

  6. plainly and bluntly, I am not happy tp find out that a site known as patients like me are selling information about its users to major corparations and drug companies.
    It is disgusting to have an outlet like PLM to make profits from us users. People like me that are using the site to learn and compare illnesses with others that suffer the same is what I was told the site was for and I find out that PLM is SELLING my privacy without my consent is awefull. The information that I share is meant for other patents that have the same illness as me, not for big companies to exploit. Patients Like me and other data site need to ask permission from its user before being sold. Remember, Patients Like me may be owned by a specific indavidual, but it is its users that contibute who make is successful, with out users, PLM would no longer exisit and therefore before selling us out, ask us if we want to be sold. I think i will delete my account at PLM because of them selling my personal life.

  7. Hi Krisztina,

    Thanks for your comments. We certainly want you to feel comfortable on our site. That’s why we try to be as upfront as possible about how we make money. It’s one of the links right on the front page of the site. It’s also part of our User Agreement, which you agreed to before joining. To clarify, we do not sell your personally identifiable information (name, email, address, etc.). We de-identify the data shared by all of our members before we sell it to companies that want to learn more about your experiences. Please let us know if you have any additional questions. We hope you’ll continue to share on PatientsLikeMe.

    Ben
    Co-Founder, PatientsLikeMe

  8. [...] online, with the practice of data scraping highlighted as a risk to patients.  We welcomed this article coverage and continue to engage with other leaders in this ongoing [...]

Leave a Comment