Health websites like WebMD.com, Centers for Disease Control and the Mayo clinic are sending records of your personal health web searches to Facebook, Twitter, and Experian. Sometimes unwittingly. This is how it works according to Vice blog author Brian Merchant:
“Here’s what’s happening in a bit greater detail: Let’s say you make a search for “herpes.” Plugging that query into a search engine will return a list of results. Chances are, whatever site you choose to click on next will send information not just to the server of the intended site—say, the Centers for Disease Control, which maintains the top search result from Google—but to companies that own the elements installed on the page.
Here’s why.”When you click that CDC link, you’re making a so-called “first party request.” That request goes to the CDC’s servers, and it returns the HTML file with the page you’re looking for. In this case, it’s “Genital Herpes – CDC Factsheet,” which is perhaps the page on the internet you’d least want anyone to know you’re looking at. But because the CDC has installed Google Analytics to measure its traffic stats, and has, for some reason, included AddThis code which allows Facebook and Twitter sharing (beckoning the question of who socializes disease pages), the CDC also sends a third party request to each of those companies. That request looks something like this—http://www.cdc.gov/std/herpes/STDFact-Herpes.htm—and makes explicit to those third party corporations in its HTTP referrer string that your search was about herpes.