> The "scandal" here is that a third-party app gathered personal information that wasn't supposed to be used for targeting and the data ended up being used for targeted political ads.
The scandal is that an organization impersonated a health care research entity and knowingly collected PII for use in political actions. Not only is this awful in itself, but it undermines public health by making people distrust legitimate data collection projects for beneficial health purposes. It's similar to when the CIA used a vaccination effort to locate Bin Laden, and now those aid personnel are routinely attacked and not trusted by locals which makes it more difficult to eradicate disease. If you are representing yourself as a health care entity and collecting PII for stated purposes of public health, you are likely bound by HIPAA, and I would like to see people go after this company for HIPAA violations as well as fraud.
The scandal is that an organization impersonated a health care research entity and knowingly collected PII for use in political actions. Not only is this awful in itself, but it undermines public health by making people distrust legitimate data collection projects for beneficial health purposes. It's similar to when the CIA used a vaccination effort to locate Bin Laden, and now those aid personnel are routinely attacked and not trusted by locals which makes it more difficult to eradicate disease. If you are representing yourself as a health care entity and collecting PII for stated purposes of public health, you are likely bound by HIPAA, and I would like to see people go after this company for HIPAA violations as well as fraud.