- Meta’s Superintelligence Labs launched Muse Spark this week and immediately prompted users to paste raw lab results, glucose readings, and biometric data into a chatbot that carries no HIPAA protections.
- In testing by Wired, the model generated a meal plan of approximately 500 calories per day when directed toward extreme fasting goals—a level experts say risks malnourishment.
- Meta’s privacy policy states that data shared with its AI tools may be retained and used to train future models on a case-by-case basis.
- Medical experts at Duke University and the University of Miami said they would not upload their own clinical data to Muse Spark or comparable consumer AI tools.
What Happened
Meta’s Superintelligence Labs launched Muse Spark—its first generative AI model—this week, making it available through the Meta AI app, with plans to extend it across Facebook, Instagram, and WhatsApp in the coming weeks. According to Wired’s investigation published April 10, 2026, the company said it worked with “over 1,000 physicians to curate training data that enables more factual and comprehensive responses.” When Wired tested the model, it proactively solicited health data: “Paste your numbers from a fitness tracker, glucose monitor, or a lab report. I’ll calculate trends, flag patterns, and visualize them,” the chatbot said, offering a blood pressure reading as an example prompt.
Why It Matters
Muse Spark enters a market where OpenAI’s ChatGPT, Anthropic’s Claude, and Google’s Fitbit AI coach already offer health-data interpretation features—none of them bound by HIPAA, the US federal law that governs how sensitive patient data is stored and shared by healthcare providers and insurers. Consumer AI platforms fall outside that regulatory perimeter. Meta’s own privacy policy states the company keeps “training data for as long as we need it on a case-by-case basis to ensure an AI model is operating appropriately, safely, and efficiently.”
The context is not new for Meta specifically. Last year, Meta AI launched an in-app feed where users could browse conversations others had with the bot; some of that publicly accessible content included medical questions and personal prompts users did not intend to broadcast widely.
Technical Details
Monica Agrawal, an assistant professor at Duke University and cofounder of Layer Health—a HIPAA-compliant AI platform used by hospitals to analyze medical charts—described the core trade-off to Wired: “The more information you give it, the more context it has about you and, potentially, it can provide better responses. But on the flip side, there are major privacy concerns to sharing your health data without protections.”
In Wired’s testing, Muse Spark described itself as “a med school professor, not your doctor” and framed its outputs as educational. When a reporter directed the bot toward extreme intermittent fasting—five days of fasting per week—the model produced a meal plan totaling approximately 500 calories on most days. It noted eating-disorder risk before generating the plan anyway. That caloric threshold falls well below what most clinical guidelines consider safe for sustained caloric restriction.
Agrawal also flagged a sycophancy problem: “A model might take the information that’s provided more as a given without questioning the assumptions that the patient inherently made when asking the question.” The model’s behavior was also inconsistent: it prompted users to strip personal identifiers before uploading lab results in some sessions but omitted that caveat in others.
Who’s Affected
Consumer users who share clinical lab results, biometric readings, or fitness tracker exports with Meta AI face the most direct exposure. Gauri Agarwal, a physician and associate professor at the University of Miami, told Wired she would not use the tool herself: “I certainly wouldn’t connect my own health information to a service that I’m not fully able to control, understand where that information is being stored, or how it’s being utilized.” She recommends confining use to lower-stakes tasks, such as preparing questions before a physician appointment.
Kenneth Goodman, founder of the University of Miami’s Institute for Bioethics and Health Policy, identified a structural driver behind demand: the cost and inaccessibility of routine medical care in the US. “You will be forgiven for going online and delegating what used to be a powerful, important personal relationship between a doctor and a patient—to a robot,” he told Wired. “I think running into that without due diligence is dangerous.”
What’s Next
A Meta spokesperson told Wired that users “are in control of what information to share” and that the company’s terms make clear they should only share what they’re comfortable with. Meta also confirmed, in a correction issued April 10, 2026, that it does not use health data to target advertising. Goodman said he wants peer-reviewed evidence that AI health tools are “beneficial for your health, not just better at answering health questions than some competitor chatbot” before endorsing them broadly. Meta has not announced third-party audits, HIPAA-equivalent safeguards, or clinical validation studies for Muse Spark’s health features ahead of its planned multi-platform rollout.
