What are the privacy considerations for patients using Closed Groups on Facebook?

What follows is a “missing informed consent.”  If you are a patient connecting via Closed Groups, this outlines what Facebook needed to explain but didn’t when you started to use their platform to share your health data with other patients.

Social media has facilitated an unprecedented level of communicating, consuming, and creating health care information outside of hospitals, clinics, doctor’s offices and in-person support groups. Healthcare providers, patients, and their families are using online support groups to foster patient engagement and facilitate patient education by sharing personal experiences, asking questions, and responding to requests for information, thus generating significant troves of patient data in the course of developing forums for knowledge discovery and discussion. Facebook support groups aid individuals and organizations in connecting, collaborating and accessing information in support of disease prevention, detection, treatment, and care. Due to its mass adoption and ease of use, Facebook has become the dominant social media platform of choice for many online support groups to share private information about their health.

Facebook misled patient communities. They have encouraged patients to use their platform to connect with other patients via Closed Groups, but they have refused to acknowledge and fix significant problems with the way the product works for patient privacy.

There are four main ways that Facebook Groups are different from other Social Media platforms.  In order for patients to make an informed decision about whether to use Facebook Groups, we have explained privacy considerations below for Group Admins, Moderators, and members.  

1. Facebook requires you to use your real name, and that makes patients in Closed Groups vulnerable.

Patients have used many different kinds of social media platforms to connect with each other and find help for their hardest healthcare problems. Generally, information that patients share on Social Media is open and available to the world. But on most social media platforms, there are mechanisms to share your private healthcare concerns without also sharing your identity.

Twitter and Reddit, for instance, both allow patients to engage using pseudonyms instead of real names.

It is critical to understand that Facebook does not work this way. Legitimate users of Facebook are required to use their real names, so there is no easy way to use Facebook without revealing information that will be tied back to your in-real-life identity.

What is the impact of using your real name as a patient in a closed group?  One example is that insurance companies (both health and life) and employers can use this information to deny jobs and/or healthcare to you as a direct result of your participation in the Facebook groups. [This practice is, strictly speaking, a violation of US federal law and laws in most states.]

This is especially problematic if you are in a Closed Group that is “only” for people who have a particular clinical condition. For instance, if you are in a group that is “only for diabetics” or “only for HIV positive” people, then the fact that you are in that group is public information. Many people will assume you are diabetic or HIV positive even if you are not, and if you have the condition, that may become public simply because you are in the group.

2.  Facebook treats your participation in Closed Groups as public information, even if your Facebook “friends” cannot see your posts.

Patient communities on Facebook use the Closed Groups product to connect with each other and offer support. Many of these groups are a lifeline to patient communities. However, it is not possible to participate in these groups without Facebook treating this fact about your health as public information.

That means that even if you are silent in a group, your membership in the Closed Group can essentially be listed as public information. There are some small barriers, but basically it is possible to download a full list of your participation in healthcare groups, and match this list to your employer, home address, phone number, and other information you have shared on Facebook.

This is especially problematic if you are in a group that is “only” for people who have a particular clinical condition. For instance, if you are in a group that is “only for Diabetics” then the fact that you are Diabetic is public information. If you are in an HIV support group, then the fact that you are HIV positive is public information.

What does this mean if you are in a Facebook Group for patients? Your friends and family might not see your posts in a closed peer support group, because it is challenging for your ‘friends’ on Facebook to access the information through Facebook’s user interface. Yet, that does not mean the information is not considered “Public” by Facebook and other people who might want to use this information against you.

Can other people see that I am a member of these groups? Yes.  Even if your friends cannot see your posts through the user interface, others can see public lists of the Closed Group members. This can mainly be done by Facebook users with technical knowledge on how to extract user information from a closed group.

3.  You may have been listed as part of a closed health group without your knowledge.

Until late January 2019, it was possible to add any Facebook user into Facebook groups without the user’s consent. That means that if your ‘friend’ on Facebook knows you are HIV positive, they were able to add you to a closed group for people who are HIV positive without you knowing that. If you are a Facebook user with a serious medical condition, you may have already been irrevocably outed by someone else (who probably did this unintentionally, without understanding how these force-add features work).

What does this mean for patient groups on Facebook? It means that even if you have decided not to use Facebook to share your healthcare information, this might still be a problem for you. For example, if you have been added to a group without your consent or knowledge, your information can be exposed.

4.  Facebook allows Patient Support groups to promise privacy.

Closed Facebook Groups are not private, contrary to the perceptions of many admins, moderators, and patient participants. Admins and moderators of Closed Patient groups have been misled, just like their members.  Many Closed Groups are allowed to label themselves as “private” or even “anonymous” in their group descriptions and rules.

Facebook’s documentation on privacy settings for closed groups is sparse and inadequate. Many Closed Group admins and moderators, based on their understanding of this documentation, make assurances about the privacy and security of their groups that are wholly inaccurate. Unfortunately, no matter what a Closed Group’s introduction page says about privacy, it is Facebook’s technical decisions and policies that take legal precedence.

What does this mean for patients using Closed Groups on Facebook? It is possible that you joined a Facebook patient group under the premise that your information was private. Facebook group administrators probably did not intend to deceive you; they were just relaying their own understanding of privacy settings, based on limited information from Facebook. In fact, many group Admins have worked for years to cultivate Closed Groups as supportive spaces, and have created groups without any resources from Facebook on ways to protect groups’ privacy.

What can members of groups on Facebook do about this?

  • If you are an Admin: Don’t sign NDAs. Facebook has asked many patient group moderators to sign non-disclosure agreements in order to discuss the security of their patient-facing products. These non-disclosure agreements look like informed consent documents “for research” but they are not. Patients should not sign these documents, which give Facebook the right to sue you if you discuss the failings of Facebook’s product, and give you absolutely nothing.
  • Members can choose to leave Facebook entirely. Given Facebook’s track record with user privacy, this is the only fully safe option. However, choosing to leave does not ensure that data about you has not already been leaked.  Facebook does not currently give admins and moderators, many of whom have worked for years to cultivate these supportive groups, a way to move the community elsewhere.
  • If you go, download Your Facebook History. It is important to have a record of what data Facebook gathered about you. Here is a 5-minute how-to on how to download your data from Facebook. If you choose to leave, please drop us a note as you leave. We are working to connect groups who are in the same boat to decide where to go.
  • You can choose to leave all healthcare-related groups on Facebook. But again, this will not change the fact that information about your health may have been shared with employers, insurance companies, and others.
  • Talk to your doctor about what your privacy rights are.  If you are a patient engaging in a closed support group on Facebook, talk to clinicians and researchers about this issue so that patients in need of support can find a path forward to safely engage together.
  • Contact your congresspeople and let them know about this page and that the FTC has already received a detailed complaint about these problems.