| |
| | | | New *Privacy Not Included Research Finds Fertility & Pregnancy Tracking Apps Are Bad News In Our Post Roe vs Wade World Hi there,
In June, the United States Supreme Court overturned Roe vs Wade, leaving states to establish their own abortion laws. While the privacy landscape in this new, post-Roe world is still evolving, people have raised serious concerns about how data gathered by reproductive health apps could be accessed and used. So we looked into the privacy and security of 20 popular fertility, ovulation, and pregnancy tracking apps and 5 wearable devices that also can track fertility. Our research uncovered a number of concerning practices with sensitive reproductive health data. A few of our findings - 18 of the 20 reproductive health apps we reviewed earned our *Privacy Not Included warning label.
- Weak passwords ranging from “1” to “111111” were allowed on 8 or the 20 apps.
- Only one app earned our Best Of distinction – Euki, a fertility tracking app with features that include local storage of all data and a special passcode users can use to hide their reproductive health data if someone else demands access to the app on their device.
- One app, Sprout Pregnancy, didn’t even have a privacy policy, leaving users absolutely no way to know what data the app collects, how it is used, and what rights they have to protect it.
Our main concerns with these apps are: - Most of these apps collect a whole lot of reproductive health and personal data. Things like period timing, fertility windows, sexual activity, pregnancy symptoms, due dates, user location, name, email, and more. Once this data is shared in the app, users have to trust the company collecting it to secure it, keep it private, and not share it with the government, law enforcement, advertising companies, or data brokers. Overall, the apps we reviewed do not have the practices and safeguards in place to earn this level of trust.
- The majority of the apps have vague boilerplate language in their privacy policies that give no clear guideline on when and how much user data could be shared with law enforcement. However, a sliver of hope can be seen in the Ovia Fertility policy guideline which clearly articulates how they share data requests from law enforcement.
- People looking to become pregnant, who are pregnant, and who are new parents are a HUGE marketing segment for advertisers. This sort of reproductive health data is very valuable in today’s rampant data economy. Apps from popular makers like What to Expect, Babycenter, and Ovia say they can collect a huge amount of data and use and share a good amount of this data for targeted, interest-based advertising. In this new post-Roe era, this marketing data could be acquired and used for other purposes.
When we do our research here at *Privacy Not Included, we often look at who are the winners and who are the losers when it comes to these apps. Unfortunately, we feel like we’re all losing in the battle for privacy rights. The fact that nearly everything can track us these days – not only fertility and pregnancy tracking apps. And in this post-Roe time, these violations of privacy could be used to harass, arrest, and even prosecute people looking to make their own decision about their reproductive health. Significant harms, as a result of a limited (or no) digital privacy, is the scenario we've feared since we started doing our work on *Privacy Not Included back in 2017. So, what can you do? Companies collecting personal and sensitive health information need to be extra diligent when it comes to the privacy and security of the personal information they collect, especially now. Unfortunately, too many are not. This is frightening. It’s time we all demand more. It’s past time, actually. We'll be in touch about opportunities for you to push back and express your concerns about data collection and storage on these apps. In the meantime, the first step to change is to please share this important information with your friends, family, and colleagues. Thank you,
Jen Caltrider & Misha Rykov Your *Privacy Not Included Team Mozilla | |
|
|
|