Marketing Hacked
The library
Telehealth·onboarding·Difficulty: easy

BetterHelp — Selling 'Confidential Therapy' While Selling the Data

BetterHelp marketed clinical-grade confidentiality, then shared mental health intake data with Facebook, Snapchat, Pinterest, and Criteo for ad targeting. FTC fined $7.8M and banned the practice.

Black hat
10/10
Source: BetterHelp (2017–2020)
🪄 The act

Watch the trick unfold, layer by layer.

  1. 1
    Step 1 — 'Confidential. Convenient. Affordable.'

    Homepage and onboarding repeatedly used the word 'confidential' alongside HIPAA-adjacent language ('Your information is safe with us'). Users believed they were entering a clinical relationship.

    The trick: The Easy Read
  2. 2
    Step 2 — The intake quiz

    Sign-up began with a sensitive intake: depression, anxiety, suicidal ideation, sexual orientation, past therapy, prescription history. Users disclosed believing it would route them to the right therapist.

    The trick: The Small Yes
  3. 3
    Step 3 — Pixels under the consent

    BetterHelp embedded the Meta Pixel, Snap Pixel, Pinterest Tag, and Criteo trackers on the intake pages. Email addresses, IP addresses, and intake answers were hashed and shipped to ad platforms — including the fact that someone had sought mental health care at all.

    The trick: The Consent Maze
  4. 4
    Step 4 — Buried disclosure

    The privacy policy mentioned 'analytics partners' in dense legal copy after users had already submitted intake. The disclosure technically existed; meaningful consent did not.

    The trick: The Hidden Door
  5. 5
    Step 5 — The FTC order

    March 2023: FTC's first-ever ban on a company sharing mental health data for ads. $7.8M consumer refund. BetterHelp must notify all affected users, delete the data, and require partners to do the same. The 'confidential' homepage line is now Exhibit A in the order.

    The trick: The Switcheroo
🎩 The recipe

Steal it. Use it tonight.

  1. 1Don't. The FTC's order against BetterHelp set the modern enforcement floor for health-adjacent data.
  2. 2If you handle health, financial, or sexuality data: no third-party pixels on intake pages, period. Server-side analytics with strict allowlists only.
  3. 3If you say 'confidential' in marketing copy, your data flows must literally be confidential — 'shared with marketing partners' is the opposite word.
☠️ Don't be that marketer

GoodRx ($1.5M, 2023), Premom ($100K, 2023), Cerebral ($7M+ enforcement risk, 2024) all hit for the same pattern. The shared-with-Facebook health-data trade is now considered settled bad practice — and HHS's 2024 HIPAA guidance closed the remaining gaps.

The tricks at work

Study the techniques behind this teardown

The Easy Read
Copy

It feels true because it was easy to understand.

The Small Yes
Persuasion

A tiny commitment now makes a big commitment later feel consistent.

The Consent Maze
Dark Pattern

You agree to share more than you meant to — because saying no is exhausting.

The Hidden Door
Dark Pattern

You can't find the option you want — so you take the one they want.

The Switcheroo
Dark Pattern

You came for one thing. You're being sold another.