UPDATE: Class action lawsuits filed over BetterHelp’s sharing of protected health information through invisible ad trackers.
On March 2, 2023, the United States Federal Trade Commission announced it had entered into a proposed settlement with Mountain View, California-based BetterHelp, Inc., banning it from sharing website user data for advertising purposes and a $7.8 million fine that may provide partial consumer refunds to people who signed up for and paid for BetterHelp’s services between August 1, 2017, and December 31, 2020.
BetterHelp has offered mental health services under several business names, including MyTherapist; Teen Counseling; Faithful Counseling; Pride Counseling; iCounseling; Regain; and Terappeuta.
The FTC alleges in a complaint that BetterHelp (under its name and all of its other business names) used consumers’ email addresses and the fact they had been in therapy to instruct Facebook to identify similar consumers and target them with advertisements for BetterHelp’s counseling service. It further alleges that BetterHelp misled consumers about keeping their mental health information private and used various unauthorized methods to share sensitive data with companies such as Facebook, Snapchat, Criteo, and Pinterest to advertise services.
BetterHelp operates through the website betterhelp.com. It claims on its website to be “the world’s largest therapy platform” and is described as a “mental health platform that provides online mental health services directly to consumers. The online counseling and therapy services are provided through web-based interaction as well as phone and text communication.” Critically, on its website, BetterHealth represents:
We have built state-of-the-art technology, operations, and infrastructure with the goal of protecting your privacy and safeguarding the information you provide.
Despite those promises, the FTC says BetterHelp used a wide variety of tactics to share the health information of over 7 million consumers. For example, in 2017, BetterHelp allegedly uploaded the email addresses of all current and former clients to Facebook – nearly 2 million – to target them with ads to refer their Facebook friends to BetterHelp for mental health services. During another period, the FTC says BetterHelp disclosed to Facebook for advertising purposes the previous therapy of 1.5 million people who visited or used BetterHelp’s site. The source of that information: their responses to the intake question, “Have you been in counseling or therapy before?”
On BetterHelp’s website, patients are asked to answer a series of questions covering their mental health conditions. Although BetterHelp’s website claims that information is kept private and safeguarded, this information is reportedly sent to advertising platforms, along with the information needed to identify users. This data is extremely personal and can be used to target advertisements for services that, as the United States Senate has stated in an investigation of other similar healthcare provider companies, may be “potentially harmful physically, psychologically, or emotionally.”
BetterHelp is a membership-based service that ranges from $60-$90 per week. According to the FTC: “Since BetterHelp was founded, more than two million people have signed up, entrusting the company with their personal information, much of it related to the status of their health – and their mental health.” On January 9, 2023, it was announced that “Despite a somewhat rocky 2022, Teladoc Health Inc.’s (NYSE: TDOC) direct-to-consumer behavioral health subsidiary, BetterHelp, raked in over $1 billion in revenue. That’s a $300 million increase from 2021”, with over 1 million people using its platform in 2022.
According to the FTC: “In the hierarchy of confidential data, health information ranks right up there. And in the hierarchy of health information, details about a person’s mental health may be among the most confidential. But according to the FTC, that’s not how online counseling service BetterHelp viewed it. The FTC says the company repeatedly pushed people to take an Intake Questionnaire and hand over sensitive health information through unavoidable prompts.”
Class Action Lawsuit Filed Against BetterHelp
On March 11, 2023, a class action lawsuit was filed by Plaintiff Jane Doe, alleging that BetterHelp violated numerous provisions of California law, including the Comprehensive Computer Data Access and Fraud Act, the Confidentiality of Medical Information Act (“CMIA”) (Cal. Civ. Code § 56 et seq.), and the California Invasion of Privacy Act (“CIPA”) (Cal. Penal Code §§ 630, 631 et seq.). These statutes provide statutory damages ranging from $1,000 to $5,000 per violation.
The proposed class is defined as all persons in the United States whose user data were collected through Meta Pixel or other third-party trackers from any BetterHelp-controlled website since August 1, 2017.
The lawsuit was filed in the United States District Court for the Northern District of California under the caption Jane Doe v. BetterHelp Inc., N.D. Cal. Case No. Case No.: 5:23-cv-01096-CRB. The lawsuit is in the process of being consolidated with other lawsuits filed against BetterHelp, and a motion to appoint a plaintiffs’ leadership structure to coordinate the litigation has been filed before the Hon. Richard Seeborg and is pending. BetterHelp Inc. has recently filed an appearance in the first of the coordinated proceedings.
If you have used BetterHelp’s services over the last several years and signed up for and paid for BetterHelp’s services since August 1, 2017, your personal information may have been sold to third-party advertisers such as Facebook, Snapchat, Criteo, and Pinterest without your informed authorization or consent.
Special California Privacy Laws Protect You
California’s privacy laws specifically protect your personal information. Among these laws include:
- The California Invasion of Privacy Act (CIPA) makes it unlawful for businesses to engage in electronic “wiretapping” without consent or by helping other entities, like Facebook, intercept electronic communications without consumer consent. The CIPA may entitle consumers to $5,000 or three times their damages, whichever is greater.
- The Confidential Medical Information Act (CMIA) protects confidential health-related information. The CMIA prohibits a health care provider, health care service plan, or contractor from disclosing patient information without authorization. The CMIA may entitle consumers to $1,000 without proof of any monetary damages.
Despite the above California laws, you may not be awarded compensation without legal assistance. You may be entitled to up to $5,000, or more, depending on which California laws may have been violated by this conduct. Participants can recover damages, injunctive relief (to make sure the business has reasonable security practices to protect consumer data), and anything else necessary to compensate victims and prevent these harms from occurring again. Experienced unauthorized data access class action attorneys can help you exercise your rights, evaluate your options and decide whether you are entitled to compensation. You have no out-of-pocket costs; we only get paid if we prevail.
Legal Rights Under California’s CCPA
The CCPA also provides consumers with other important rights. These include:
- The right to see a copy of the personal data a business has collected about you for free.
- The right to discover why a business has collected your personal information, what it has shared (by category), who it was collected from (by source type), and who it has shared your data with (by category).
Identity theft is on the upswing, and as the FTC noted, this data has significant value, as shown by what BetterHelp has done to allow companies like Facebook, Snapchat, Criteo, and Pinterest to access your personal information.