Healthline's Sharing of Suggestive Article Titles Failed 'Gossip Test,' Says IAPP Official

“If sharing a fact about someone would be gossip-worthy in a small town or daytime TV show, it is likely regulators will have concerns about wantonly sharing that information with third parties,” said Zweifel-Keegan.

Healthline agreed to pay California $1.55 million to settle a privacy probe earlier this month (see 2507010074). The state enforcer’s first use of a purpose-limitation requirement in the California Consumer Privacy Act received nearly as much attention as the record price (see 2507030026).

It didn’t matter that Healthline wasn’t collecting sensitive health data of web visitors, noted Zweifel-Keegan. “Perhaps Healthline was not analyzing the health data of its website visitors, but from the attorney general's perspective, the company was still sharing too much information with third parties.” Just as in recent FTC cases “against BetterHelp and Monument, Healthline here is accused of sharing user information in a context that allowed third parties to make potentially sensitive and medically relevant conclusions about the users of the service.”

“Disclosures should properly set consumer expectations,” Zweifel-Keegan concluded. “Surprises lead to regulator scrutiny, especially when they relate to sensitive aspects of consumers' lives. This is not a new idea, but it is new for it to serve an outcome-determining role in a consumer privacy enforcement action.”