Mozilla finds 18 of 25 popular reproductive health apps leak data
It’s official: your period and/or pregnancy tracker will probably share your data with law enforcement. And they might even do it on purpose.
Eighteen of 25 reproductive health apps and wearable devices reviewed by Mozilla received a *Privacy Not Included warning label – meaning they have problems when it comes to protecting users’ privacy and security.
This is especially worrisome in the post-Roe United States, where this data could be used by cops (or private bounty hunters seeking $10,000 bounties) to arrest women seeking abortion information or services in states where the procedure is now outlawed, according Jen Caltrider, Mozilla’s lead researcher.
“I keep coming back to the law-enforcement sharing,” Caltrider said in an interview with The Register. She pointed to a recent case, in which private Facebook chats between a Nebraska mother and her daughter were used by law enforcement to build a criminal case against the teen for getting a now-illegal abortion in her home state.
“It’s not exactly the same, but it’s a harbinger of things to come,” Caltrider said. “And it’s really worrisome to think that this is the world we live in, and you’re having to trust the Facebooks and the What to Expects and the Flos of the world to protect your data.”
For its latest *Privacy Not Included guide – it has compiled several of these to help consumers shop for relatively safe and less creepy products and apps that connect to the internet – Mozilla’s researchers chose ten popular period tracking apps, ten pregnancy tracking apps, and five health and fitness wearable devices that track fertility.
Eight of the period trackers reviewed – Period Tracker, Clue, Flo, My Calendar Period Tracker, Glow and Eve by Glow, Maya, Ovia Fertility and Period Calendar Period Tracker – earned a *Privacy Not Included warning label. The two that didn’t are Natural Cycles and Euki, the latter of which was the only app that earned a place in Mozilla’s “Best Of” category.
“We did include Euki – which is a privacy-focused one that has the fewest downloads of any app on our list, unfortunately – because we did want to highlight one privacy-focused app so people could see what good looks like in the sea of not-so-good,” Caltrider explained.
Euki doesn’t collect any personal information about users, and all of the data it asks users to enter about their reproductive health and sexual history is stored locally on the device. Also, if someone that you don’t want to see your reproductive health data (say, a cop or an abusive partner) asks you to open Euki, entering “0000” when you open the app will show false information.
10 out of 10 pregnancy apps slapped with warning labels
Meanwhile, all ten of the pregnancy trackers’ policies garnered warning labels – Babycenter, What to Expect, The Bump Pregnancy Tracker and Baby app, Pregnancy+, Ovia Pregnancy, PregLife Pregnancy, WebMD Pregnancy, Glow Nurture and Glow Baby, Pregnancy and Due Date Tracker, and Sprout.
The wearable devices – Garmin, Fitbit, Apple Watch, Oura Ring and Whoop Strap – performed better, with none of them earning the privacy warning label.
Researchers selected the 25 apps and wearables based on numbers of downloads, and reviews from consumer product websites and magazines – essentially looking for the ones that are most likely to be used by North American and European consumers.
“The way we picked them was by looking at what was most popular and what was most likely going to help us reach a large audience to help them understand the concerns,” Caltrider said, noting Euki as the one exception to this rule.
After choosing the apps and products to review, the team assigned warning labels to the ones that received two or more warnings on criteria such as how the company uses the data it collects – for example, buying and selling to data brokers.
Mozilla also dings companies if they don’t have a clear way for users to delete their data and if they don’t say how long they retain users’ data. Additionally, these guides look at the company’s track record of protecting users’ data.
Finally, the product must meet Mozilla’s Minimum Security Standards.
Despite the highly sensitive nature of the data collected – such as dates of menstrual cycles, ovulation windows, sexual activity, pregnancies and miscarriages – at least eight apps failed to meet even these minimum standards.
For example, My Calendar Period Tracker and Maya accept a one-digit password like “1” while Preglife, which requires a minimum of six digits, allows sequential passwords like “111111”.
What will apps share with the cops?
Equally concerning is that the majority of the apps don’t have clear guidelines on when and how much user data they will share with US law enforcement. They collect massive amounts of personal data to target users with personalized ads, but this information can also be used to locate women seeking abortions.
Personal information collected includes phone numbers, emails, postal addresses, gender, device IDs, advertizing IDs, and IP addresses, menstrual cycle length, date of last menstrual period, sexual activity, pregnancy due dates, doctors’ appointments, and pregnancy symptoms.
“Most were pretty vague in terms of if we get a request from law enforcement, we may share data, and sometimes they would mention subpoenas,” Caltrider warned. “But it was rarely clear if companies would do voluntary disclosure with law enforcement, or they would only disclose data with a court order, and how they limited scope for law enforcement or government requests.”
Ovia is one such pregnancy app that Mozilla’s team said does a good job of explaining how the company handles law enforcement requests for users’ data. Specifically, it won’t voluntarily disclose users’ data, it requires subpoenas or some other valid and legally binding court orders, and won’t provide data beyond the scope of the request.
But ultimately, the government will be able to see your due date as long as the request for data comes with a judge’s blessing.
Another pregnancy tracking app, Clue – which is developed in Germany and subject to Europe’s stricker GDPR privacy laws – outlines how the company protects user data from potential subpoenas. But there’s a geographical catch.
“With regard specifically to the United States, the information we and our processors maintain is unlikely to be the subject of inquiry by a public authority in the US that would invoke such laws that may compel a processor to hand over personal information. The risk of such disclosure, however, cannot be eliminated,” the app states.
It’s also worth noting that Mozilla researchers slapped both of these pregnancy apps – Ovia and Clue – with the privacy warning.
Anonymize everything
Natural Cycles, a Swedish-based birth control app, did not receive the privacy warning label. Caltrider said when she reached out to the company, its reps indicated that the question of what they will share with law enforcement is something they’ve been struggling with. Their solution is to completely anonymize all user data so they can’t share any of it with the cops.
“So that’s interesting and exciting to see how they’ll pull that off technically,” Caltrider told us. “I hope it’s something that if they can do it, other other companies will replicate.”
Aside from concerns about being arrested for not carrying a fetus to term, there are also the more basic privacy issues related to third parties getting hold of, and then re-selling, massive volumes of personal information.
Some apps collect additional user data via social media platforms and sell it to data brokers. And according to Mozilla, a majority of the apps reviewed also shared data for research purposes and in some cases with employers.
While none of these are abortion-specific privacy concerns, perhaps the US Supreme Court’s decision to overturn Roe vs Wade puts a finer point on the ramifications of digital surveillance. The same is true in other countries that are restricting reproductive rights.
“Is this the tipping point? We started *Privacy Not Included back in 2017, and I’ve been a privacy nerd out here wanting people to care about privacy and getting eye rolls,” Caltrider lamented. “Or I’ll get, ‘what’s the worst that can happen? These ads follow me around, and I’m OK with that. What’s the big deal?'”
Up until now, there really hasn’t been a big deal, she admitted. But now that everything from reproductive health apps to smart phones, location trackers, Google searches and Ring doorbell cameras can be used to build a case about people seeking abortions, it is a big deal.
Caltrider knows a common response to this concern is: “I’m not seeking an abortion to it doesn’t affect me.”
“It’s not really hard to think how this could be used on other issues like buying guns or financial stuff,” she said. “It’s reached a point where law enforcement and government can access this data and can use it to harass, arrest, prosecute – and it’s frightening.” ®
READ MORE HERE