A new report from UK-based advocacy organization Privacy International finds that menstruation apps are passing along women’s data to Facebook and others, including their contraception use, period symptoms and when they last had sex.
According to a report from Buzzfeed, data sharing with Facebook occurs through a Software Development Kit. The SDK helps apps collect data the social networking site can use in different ways, including targeted ads. In a previous report looking at some of the most popular apps in the world, Privacy International found that the majority of apps they tested immediately sent off data when users open the app, whether or not they were logged in to Facebook or even have an account. Some of these big-name apps changed their policies after PI released its report.
The Wall Street Journal earlier this year also detailed how the period tracking app known as Flo shared data with Facebook, then said it would stop. But some other apps that track users’ periods, symptoms and more are continuing to pass off sensitive information. The findings come after a wave of revelations that apps are indeed collecting and sharing data that users may not know about. It’s expanded the conversation around privacy rights and policies within the realm of technology. Are policies clear enough? Should users be solely responsible for reading and understanding said policies? Should more data be protected, particularly medical data? These are some of the questions that have surfaced. We discuss the issue on AirTalk.
We reached out to Facebook. They declined our request for an interview, but sent us this statement, attributed to Facebook spokesperson Joe Osborne:
“Contrary to BuzzFeed’s reporting, our terms of service prohibit developers from sending us sensitive health information and we enforce against them when we learn they are. In addition, ad targeting based on people’s interests does not leverage information gleaned from people’s activity across other apps or websites.”
We also reached out to the app Maya. They were not able to join us for the interview, but sent us this statement:
“Maya does not sell data to Facebook or ANY third party. We have in the past used tools from Facebook, strictly to improve our product experience. We have proactively removed these tools from all versions of the app due to concerns about privacy.
Maya is on a mission to build products that make a positive impact in the lives of women. We take pride in the trust that our users put in us and follow best practices on data privacy.”
Eva Blum-Dumontet, research officer with UK-based advocacy group Privacy International, she’s the lead researcher involved in a report that looks at data sharing from menstruation taking apps
Fred Cate, professor of law at Indiana University and senior fellow at the Center for Applied Cybersecurity Research