Identifying the Privacy Risks of Semi-Anonymous Online Medical Forums: Content Analysis (Preprint)

Abstract

Online medical forums, such as Breastcancer.org, allow individuals to come together in a safe space to share personal details about themselves, diagnoses, and treatment plans. Such a space is meant to be anonymous in order to protect the identities of all patients involved. However, the information shared is anonymized only by the chosen username, and usernames on these forums can be used again by patients on other public social media websites. In addition, content posted by patients often contains sensitive information that can be used to uncover their identities. This threatens the privacy of patients by offering the opportunity to link their public-facing social media profiles with their private-facing profiles on online medical support groups.

The aim of this study was to design a methodology that could analyze the dual privacy threat derived from username linkage and from disclosure of personal identifiable information (PII) or protected health information (PHI) for semi-anonymous medical forums.

12,000 usernames on Breastcancer.org were randomly selected and then cross-referenced with Facebook, Twitter, Instagram, and Reddit using an online tool called socialscan. The entropy of each username was then calculated as a proxy for username uniqueness using Dropbox’s zxcvbn tool. Using the username uniqueness probabilities, the expected number of profiles that could be linked to a public-facing social media profile was subsequently determined. Analysis was further conducted on the nature of PII and PHI being shared on these forums on a randomly chosen message board using Microsoft Presidio, a tool designed for scrubbing sensitive text.

Substantial reuse of usernames was detected between Breastcancer.org and any of the four social media sites. Out of these 12,000 sampled users, 169 patients on Breastcancer.org were expected to be linked to at least one other social media website. 66 patients were expected to be linked to Facebook, 96 to Twitter, 102 to Instagram, and 66 to Reddit. This analysis suggests that of Breastcancer.org’s 227,862 users, approximately 3,190 users in total can be linked to at least one of the four social media websites examined in this study solely based on username. In addition, when content from a randomly chosen thread was analyzed, each of the 2,781 posts from 64 patients contained an average of 9.5 pieces of PII.

These results demonstrate a substantial risk to patients on semi-anonymous medical forums with regards to medical privacy and the need to add warnings for patients when they are creating usernames. This tool, or a similar one, could be used by online medical support groups to warn patients when signing up for the platform to use different usernames for their public-facing and private-facing profiles. Such a warning would strengthen patient privacy.