Monday, October 14, 2013

KEWL: Hidden Obamacare Website Warning Says You Have "No Reasonable Expectation of Privacy" For Your Data

I actually spotted this a few minutes ago (here's the actual address, midway through the signup process for reference purposes) and then saw that Jeryl Bier was one step ahead of me.

The launch of federal government's Obamacare insurance exchange, Healthcare.gov, has been plagued with delays, errors, and poor website design, even prompting USA Today to call it an "inexcusable mess" and a "nightmare".  Now comes another example of why the website's reputation is in tatters.  Buried in the source code of Healthcare.gov is this sentence that could prove embarrassing: "You have no reasonable expectation of privacy regarding any communication or data transiting or stored on this information system."  Though not visible to users and obviously not intended as part of the terms and conditions, the language is nevertheless a part of the underlying code for the "Terms & Conditions" page on the site.

After creating an account on Healthcare.gov, users are asked to click an "I accept" button under some routine Terms & Conditions prohibiting unauthorized attempts to upload information or change the website.  Once users click the button, they may proceed to shop for insurance and enter detailed personal information.  However, when the Terms & Conditions page is visible, the hidden sentence mentioned above along with several others can be seen by using a web browser's "View Source" feature...


I grabbed the actual HTML and pasted it below inside a colored block so you can see it for yourself.

Marketplace Account Registration - Log In - Terms & Conditions

Terms & Conditions

So that

remains accurate and available to you and all other visitors, we monitor network traffic to identify unauthorized attempts to upload or change information or otherwise cause damage to the web service. Use of this system constitutes consent to such monitoring and auditing. Unauthorized attempts to upload information and/or change information on this web site are strictly prohibited and are subject to prosecution under the Computer Fraud and Abuse Act of 1986 and Title 18 U.S.C. Sec.1001 and 1030.

To continue, you must accept the terms and conditions. If you decline, your login will automatically be cancelled.

  • You have no reasonable expectation of privacy regarding any communication or data transiting or stored on this information system.
  • At any time, and for any lawful Government purpose, the government may monitor, intercept, and search and seize any communication or data transiting or stored on this information system.

Any communication or data transiting or stored on this information system may be disclosed or used for any lawful Government purpose.

To continue, you must accept the terms and conditions. If you decline, your login will automatically be cancelled.


Find Your Representative, call them, and tell them to HOLD THEIR GROUND

As Bier observes, the critical terms and conditions do not appear on the page. They are only visible by viewing the source HTML underlying the page.

I guess this is no big deal, though, since the NSA is apparently allowed to monitor all of our personal communications and the IRS is permitted to politically target Obama's opponents while simultaneously enforcing Obamacare.


Hat tips: Jammie Wearing Fool and BadBlue News Service.

2 comments:

Brian said...

So what if I don't agree to their terms and conditions? Can I opt out then?

Anonymous said...

If Walmart or MasterCard were to have important terms and conditions hidden beneath their web form that they expected to be enforceable, consumers could call upon some of these very same government officials to protect them from such illegal and unethical corporate conduct. And maybe even the President himself would be eager to push himself in front of the cameras so the American public could see how eager he as to be seen carrying out the duties of his office.

This is sick, and now bordering on evil.