Many American women in recent days have deleted cycle tracking apps from their cell phones amid fears that data collected from the apps could be used against them in future criminal cases in states where abortions have become illegal.
The trend began last month when a draft Supreme Court ruling that suggested the court should overturn Roe v. Wade expired and intensified after a court overturned federal abortion law on Friday.
These fears are not unfounded. As with various other applications, bicycle trackers collect, store and sometimes share some of their users’ data. In a country where abortion is a crime, prosecutors may request information gathered from these applications when instituting proceedings against someone. “If they try to prosecute a woman for illegal abortion, they can call any application to their device, including tracking periods,” said Sarah Spector, a Texas-based criminal defense attorney and former prosecutor.
“But each company has its own individual storage and privacy policy on how it uses and how long it stores data,” added Spector.
Bicycle trackers are popular for a reason. Nearly a third of American women use them, according to a 2019 study published by the Kaiser Family Foundation. They have helped make life easier for women in many ways, from family planning and finding early signs of health problems to choosing the perfect time to rest.
A 2019 study published in the British Medical Journal (BMJ) found that 79% of health apps available through the Google Play store that are related to medicine, including apps that help manage medications, adhere to medications or prescribing information, regularly shared user data and were “far from transparent”. But many of the big players have made progress in recent years.
The Berlin-based period tracking application Clue says it does not store sensitive personal data without the explicit permission of the user. Photo: Piotr Swat / Alamy
Two of the most popular tracking periods in the United States, Flo and Clue, have a total of more than 55 million users. The Berlin-based Clue application said it was “committed” to protecting users’ personal health data and operating under strict European GDPR laws. The company’s website says the app collects device data, events and usage data, in addition to the user’s IP address, health and sensitive data, which it can use to improve the app, services and prevent abuse of its service. But Clue does not track the exact location of users and says it does not store sensitive personal data without the user’s explicit permission. The company also tweeted that it would have a “basic legal obligation under European law” not to disclose any personal health data and “will not respond to any request for disclosure or attempt to summon the health data of their users from the US authorities.”
But just because the data is being processed by a European company does not mean it is fully immune from prosecution in the United States, said Lucy Audibert, a lawyer with Privacy International, a global NGO that investigates, prosecutes and advocates for technology abuse and data from governments and corporations.
“The fact that the GDPR applies is not so relevant in this case. When it comes to a legitimate request from the US authorities, European companies usually comply. In addition, a European company can host data outside the EU, making it subject to different legal frameworks and cross-border agreements, ”added Audibert. She also stressed that the use of a European-based application will not protect women from the courts, which ask for data directly from them. But it may be a slightly better option than using a US-based one, because US companies are more easily forced to comply with the demands of US authorities and courts. It is more difficult to implement than the European ones.
Flo has been criticized for sharing data with its users before. The company says on its website that it uses data “for research activities only” and that it only uses “unidentified or aggregated data that cannot be linked” to specific users. But an investigation by the Wall Street Journal found that the app informs Facebook when a user is menstruating or intending to become pregnant. In 2021, the Federal Trade Commission (FTC) reached an agreement with Flo. Under the agreement, Flo must undergo an independent review of its privacy policy and obtain user permissions before sharing personal health information. Flo did not admit any violation.
On Friday, Flo announced that it will soon launch “Anonymous Mode”, which can help preserve user data in all circumstances.
The company did not respond to a request for comment.
Any application where there is a company [that could receive a subpoena] has access to its users’ data, may make it vulnerable to a legal claim by Evan Greer
A relatively new, astrology-focused periodic tracker, Stardust, has become the most downloaded free iOS app in the days following the Supreme Court ruling. Stardust’s biography on Twitter says it’s a “privacy tracking app.” But according to Vice News, the company states in its privacy policy that if the authorities request user data, it will comply, whether required by law or not. It says the data is “anonymous” and “encrypted”.
“We may disclose your anonymized, encrypted information to third parties to protect the legal rights, safety and security of the company and users of our services; to apply our terms of service; fraud prevention; and comply with or respond to law enforcement or a lawsuit or request for cooperation from a government or other entity, whether required by law or not, ”their privacy policy said Monday.
Following Vice’s request for comment, Stardust changed its privacy policy to omit the phrase “law enforcement cooperation, whether required by law” or “when required by law.”
Stardust did not respond immediately to a request for comment.
Planned Parenthood encourages people to use their Spot On app. “People who want to track their periods and birth control always have the opportunity to remain anonymous using the Spot On app without creating an account,” the organization said in a statement. “In this way, menstruation or birth control data is only stored locally on a person’s phone and can be deleted at any time by deleting the application.”
Third-party applications are not the only option when it comes to tracking periods. Apple has built-in cycle tracking in the Health app, which offers more privacy than most external apps. With just a few steps, a person can turn off the storage of their health data in iCloud and also has the option to store the encrypted data on their computer or phone.
Evan Greer, deputy director of the nonprofit advocacy group Fight for the Future, said the best way to protect sensitive health data is to use only applications that store data locally, not in the cloud. “Because any application where there is a company [that could receive a subpoena] has access to its users’ data, may make it vulnerable to a legal claim. “
Apple’s Health app has built-in bike tracking that offers users privacy. Photo: Richard Shepard / Alami
Eva Bloom-Dumontet, a technology policy consultant, said: “It is normal in times of anxiety for people to look differently at the technologies and applications we trust.
“I think when there is a discourse about whether women should delete these applications, we need to think about why they use them in the first place,” Bloom-Dumont said. “These trackers help them manage their menstrual cycle when they are in pain.”
Blum-Dumontet emphasized that instead of asking consumers to change their behavior, “it is the follow-up periods that need to change their practices”.
“They never had to have so much data in the first place. If we adopted practices such as local data storage and minimizing data to what is strictly necessary, we would not be leading this debate now. It’s not too late to do the right thing, “she said.
“Companies that profit from women’s bodies need to think very carefully about how to protect their consumers,” she continued. Not all of them have been the best in the past when it comes to data sharing. “The only way they can survive in this market, the only way they can become reliable, is by improving their privacy policy and giving consumers more control over their data,” she said. “If any of these applications are to be used in court against their users, it will not be a good PR for them.”
Melissa, a 27-year-old mother from Texas who uses only her own name to avoid jeopardizing her job, said she deleted the app because she feared that when she traveled, her state could use the data for the missed period against her.
“I will miss using the application so much. I have used it for so many things, such as tracking ovulation or predicting changes in my mood. “Sometimes I wake up with a feeling of irritation and I don’t know why until my app tells me that this may be normal at this point in my cycle,” she added. Melissa also says she would like to use it for future conceptions, but can’t now.
Although most of Friday’s warnings were aimed only at tracking periods, these are not the only applications that can be used against consumers when it comes to prosecution, experts warned.
“Google Maps or any game on your phone can be just as easily armed against someone as a menstrual tracking app,” Greer said. “Although we need to educate each other and take precautions, it is not right to transfer responsibility solely to individuals. Companies and legislators must act immediately to protect people. “
Concerns about period tracking data are part of a broader conversation about the amount of personal information smartphones collect. Women’s rights organizations around the world warn consumers to be more careful about their digital presence, not just when it comes to …
Add Comment