Investigative reporters probing alleged misuse of the sensitive data of Europeans found that health websites were illegally sharing people’s information with ad-targeting companies including Google, Amazon, and Facebook.
The personal data shared without users’ explicit consent—a requirement under European data protection laws—includes medical symptoms, diagnostic information, as well as names of drugs.