Commercial tracking of web users is a massive problem. Even more so, when people browse seemingly trustworthy websites (as the government’s official sites, in this case) and those leak personal information – here potentially revealing something about that user’s health or health concerns – to third parties.
Even more troubling is the potential for companies like Doubleclick, Google, Twitter, Yahoo, and others to associate this data with a person’s actual identity. Google, thanks to real name policies, certainly has information uniquely identifying someone using Google services. If a real identity is linked to the information received from healthcare.gov it would be a massive violation of privacy for users of the site.
This is also valid for private website operators on sensitive topics – if you tell a commercial tracking entity what your users are reading on your site, you might contribute to building opaque, and potentially dangerous, profiles on them that nobody can control.