If Americans needed another reason to oppose Obamacare, a new Associated Press investigation may have given it to them. Despite assurances from the Obama administration that Healthcare.gov was as private as a website could possible be, the investigation turned up a number of disturbing breaches. According to the report, the website “is quietly sending consumers’ personal data to private companies that specialize in advertising and analyzing Internet data for performance and marketing.”
If that makes your spine shudder, the administration’s spokespeople say there’s nothing to worry about. According to them, the vendors are strictly prohibited from using any information they gather for marketing purposes. Any data streams that might escape the cozy confines of the government’s website are only used to provide “a simpler, more streamlined and intuitive experience.”
Of course, skeptics who still have the admissions of Jonathan Gruber fresh in their memories might be permitted a disbelieving sneer. The AP admits that they uncovered no evidence of wrongdoing on the part of the outside companies, but the fact that this data is up for grabs is disturbing enough on its own. According to technology experts hired by the news organization, the website is sending “highly specific information” to some of the companies working with the site.
“This new information is extremely concerning, not only because it violates the privacy of millions of Americans, but because it may potentially compromise their security,” wrote Senators Orrin Hatch and Charles Grassley in a joint statement.
It is this concern over security that makes what Healthcare.gov is doing so distressing. Third-party connections open a significant opportunity for hackers to gain access to website users. Even if administration firms have the best security locks possible on the site, these third-party resources represent a weak link in the chain. By exposing consumers to potential hacks, the administration is begging for a data leak of unprecedented scope.
That this investigation comes when Obama is pushing for stronger cybersecurity legislation is just the icing on the irony cake. The Sony hack and the Twitter attack that proved embarrassing for U.S. Central Command are nothing compared to what criminals could do with millions of healthcare files. The administration’s weak privacy standards could pave the way for devastating blackmail attempts. As the man whose legacy hinges so decidedly on the Affordable Healthcare Act, President Obama should be ashamed of the site’s security gaps.
But he probably isn’t.