Get a further 10% OFF all 'in-person' training, exam and IAPP membership - use promocode Privacy10 at checkout:     CIPP/E   |   CIPM    |    CIPT

Menstruation-tracking apps found to collect extensive data

|

by Rhema Sijuwade

Growing concerns surrounding the extensive information collected by menstruation-tracking apps

 

 

In recent years there has been growing discourse surrounding menstruation-tracking apps and the personal data that these apps collect from users. Privacy campaigners have highlighted how data such as current medication, birth control use, and sexual history is stored on these apps unnecessarily, and have suggested that only information that directly relates to menstruation should be collected. Many popular menstrual apps like Flo, MIA Fem, and Maya were found to share data with 3rd party companies for reasons such as ‘improving overall app function and user experience’. They insist that personal data is never shared outside of the app, however, researchers have found that this is not the case.

Over 3 years ago, Privacy International reported that the popular tracking app, MIA Fem was sharing intimate personal data with Facebook, causing much alarm to their users. The data included period symptoms, use of contraception, and timing of monthly cycles. This data was shared through Facebook’s Software Development Kit which utilizes user data to show targeted ads. Privacy International also found that on Maya, data was sent to Facebook upon opening the app before users were given the option to agree to the privacy policy. The BBC reported that between 2016-2019, Flo provided big tech companies with user healthcare information. However, the app claimed that this was for analytical purposes.

An additional major issue that users experienced when using these apps was the lengthy, hard-to-read privacy policies. Many users could not give their fully informed consent as it was difficult to understand what data was being collected, how it would be used, and whom it would be shared with. Many of the apps lacked general transparency.

A recent study carried out by the University of New South Wales and consumer group Choice found that some menstruation-tracking apps sell personal data to 3rd party companies, and give user data to companies that advertised in the app. Other pregnancy apps were found to collect extensive data that had no correlation to menstruation such as; financial practices, housing, and education level. More concerningly, many of these apps did not specify why they needed this information or how long they intended to keep it.

In addition to worries that this highly sensitive data may be monetized, there is also public concern that this data may be accessed by law enforcement, when considering the overturning of Roe v Wade in June 2022. There are fears that menstruation data could be used against women in States with strict abortion laws. There are questions surrounding whether apps could be forced to give over user data. With these legal developments in mind, the digital rights group Electronic Frontier Foundation, has emphasized the importance of knowledge on how data Is stored in these apps.

These fears have been given validity by a decision made, last month in Virginia, to block a bill that bans police from inspecting menstrual histories. Law enforcement will be able to obtain search warrants for menstruation data stored in period apps. Guardian writer, Richard Luscombe reported that there is increasing anxiety that this private information could be used to prosecute individuals who do not follow the relevant abortion laws.

In response to these developments and unclear privacy policies, privacy advocates have urged menstrual tracking apps to minimize the data collected from users and to keep the data for a limited amount of time. The general desire is that people are informed precisely and clearly on; why their data is collected, how it can be used, who has access to it, where it is stored, and how long their data is kept for.

 

(Photo William Hook on Unsplash)