- Key issues
- Privacy
- Protect
What do women’s health apps do with your data?
Millions of women use health apps every day. Apps to track menstrual cycles, for weight monitoring, and even apps to help navigate life with breast cancer. The apps collect a large amount of intimate personal data, but it’s very private and women need to make sure they have control of it. In the light of the recent Supreme Court decision to overturn Roe v Wade, women need to fight to keep control of their own health.By Rightly
5 min read
Many health apps focused on women are genuinely useful. But, in order for them to function they collect a large amount of intimate personal data, some of which wouldn't even be shared with close friends or family. So, if it’s your data, it’s important you have control over who has it, who has access to it and the ability to delete it from anywhere you don’t want it to be any more.
Of course it depends on the app, but the information that women's health apps typically collect may include:
- Name & address
- Gender and date of birth
- Place of residence
- Cookies and IP address
- Menstrual activity and cycle dates
- Sexual activity and sexual health
- Fertility and pregnancy plans
- Sexual orientation
- Cervical mucus quality
- Contraceptive history
- Sleep activity
- Health diagnoses and medications
- Details of partners and children
- Dietary restrictions
- Fitness level and heart rate
- Whether you want to prevent or plan a pregnancy
- Contraceptives history
- Body temperature, menstruation and intercourse data
- Ovulation, pregnancy test results and personal notes
- ‘Usage data’ such as traffic data and the features you access
- Whether or not you have an active prescription
- Abortion history
While this information might be necessary for the app to function properly, what most apps don't always say is that they share a lot of this information with third parties. Just as these details are personal, they can be equally as valuable to advertisers.
It’s not only advertisers. Since the US Supreme Court overturned Roe v Wade, security of women’s reproductive data has become even more sensitive. There are fears that authorities in certain states will attempt to track women’s cycles, medication including contraception and search history looking for medical support, with the intention of prosecuting women as a means to control their bodies. This sounds sinister, but it’s a real fear and not limited to the United States. Hard right religious groups in the UK have been making similar suggestions. So take care of your data and think about where it’s held.
Why is women's health data so valuable?
One of the reasons it's so valuable to advertisers is because it allows them to target you more effectively. It allows advertisers to understand exactly what you feel, why you're feeling it and when you do.
What do the most popular health apps, like Flo and Clue, collect about you?
Period tracking apps can help demystify the reproductive cycle and explain why you may feel a certain way some days and when in the month you are most and least fertile.
Everyday, women’s health apps ask millions of users to enter intimate data about their bodies such as their libido, weight, length of periods, vaginal discharge, and mood.
Some offer the option to join a community of like-minded women to have open and honest conversations about fertility, contraception and more. Others have tools to assess a user’s risk of PCOS, a hormonal disorder that can affect a woman's fertility.
Do the apps share your data with third parties for advertising purposes?
Yes. It varies, but typically they share:
- Your IP address (which may also provide general location information), User agent, IDFA (Identifier for advertisers), Android ID (in Android devices), Google Advertiser ID, Customer-issued user ID and other similar unique technical identifiers
- Your age group
- Your subscription status
- ‘Health and sex data’; whether you want to prevent or plan a pregnancy, contraceptives history, body temperature, menstruation and intercourse data, ovulation, pregnancy test results and personal notes
- ‘Usage data’ such as traffic data and the features you access
- Name, address, date of birth, email, phone number and IP address
- Whether or not you have an active prescription
Who do they share it with?
They share your data with the some or several of the following companies:
- AppsFlyer
- Snapchat
- Amazon
- Apple
- Snapchat
- Google Adsense
- Adjust
Some also say that they share your data with ‘carefully-selected health researchers at a trusted research institution’, and one says that they ‘don’t make any money from this’.
In 2020, The Guardian reported how menstruation apps such as Flo store excessive data on its users, especially since Flo even stores a users’ notes section, where they can include intimate details about their personal life.
By their nature, fertility apps collect some of the most intimate personal data. Other very private apps are designed to help deal with breast cancer diagnosis and treatment.
What is metadata, and why is it a problem that these apps share it?
Metadata is any information that can reveal answers to questions like who, what, when and why? Health apps share your 'metadata' with advertisers. Sharing your metadata can include your IP location address and the times you opened and closed the app.
For instance, if you've visited a sexual health clinic, the app will inform advertisers on how often and why you visited, based on other information linked to you. Or, you might have a favourite song that you listen to on repeat. The app in question would provide advertisers with the name and genre of your favourite song as well as how often you listen to it. The only thing it wouldn't share would be the song tune itself!
Minor as it may seem, the accumulation of such data can provide advertisers with a detailed and revealing user profile. In the past, metadata shares have enabled advertisers to gain information on users' political inclinations, health status, family relationship and financial status.
How secure is your data?
Your data is not just at risk from unwanted sharing by the apps. Health apps and websites have suffered their share of data losses too. Sometimes these are full blown data breaches where hackers have got inside systems and stolen data to then sell it on the dark web. Putting together profiles on individuals from data stolen from a variety of sources is a scammer's dream, because it enables them to create successful scams or even full blown identity theft. Companies behind health apps and websites have been known to have data leaks by mistake as well as being victims of hackers.
What can you do?
Quite simply, if the health apps and websites don’t have your data, they can’t share it and they can’t lose it. The easiest way to get it completely erased from companies that no longer need it is to use our Rightly Protect service that can identify who has your data and send a deletion request, to multiple companies in one go and for free. The companies must respond within 30 days and execute your legal right to have your data completely erased.
Related Articles
- Privacy
6 min read
Men's health apps... are they good for you?
It’s International Men’s Health Week, 13-19 June. There’s growing interest in apps that help men monitor their health and fitness and these apps gather enormous amounts of personal data. But what happens if that data is lost, or accessed by third parties or shared without your knowledge or consent? How safe are men's health apps and are they putting your privacy and online safety at risk?.
- News
5 min read
Your rights and GDPR 4 years on
As we near the fourth anniversary of GDPR, we ask what it is, and has it done what it was supposed to do? Are we better protected now or has the introduction of the GDPR been a damp squib? Despite GDPR, should we take precautions to prevent data loss?