Find us @

Feature

Data from apps wildly popular for tracking week-by-week fertility and pregnancy could be used to prosecute pregnant people

An ethical fashion report determined that many of the apps tested were vague about what data they shared with law enforcement officers.

Published

on

A new report highlights the potential legal risk to people seeking an abortion, pointing out that many popular reproductive health apps fail to protect users’ data privacy.

Researchers from the non-profit Mozilla Foundation looked at 20 of the most popular period-tracking and pregnancy-tracking apps and found that 18 of them engaged in data collection practices that raised privacy or security concerns. Five fertility-tracking wearables were also considered, but the report found no cause for alarm about the devices’ potential data collection.

According to Jen Caltrider, lead researcher for Mozilla’s “Privacy Not Included” buyers’ guide for connected consumer products, many of the apps had ambiguous privacy policies that did not spell out what data could be shared with government agencies or law enforcement.

Companies should publicly commit to handling data requests from law enforcement, she said, by requiring a court order or subpoena before handing over any data, narrowing requests as much as possible, and alerting users about any requests.

The Health Insurance Portability and Accountability Act (HIPAA) governs how health providers and other entities must treat patients’ data, but experts have said that the data entered into most period-tracking apps is not subject to HIPAA. When users are required to put their faith in a company’s protection of their data without knowing exactly what data are being shared, with whom, and under what conditions, it is clear that the company has not taken the necessary steps to ensure users’ privacy.

Very rapidly, the sky turns a dark gray and the ground becomes icy “Says Caltrider. “To know for sure what is being shared and with whom is incredibly difficult.

As a result of the Supreme Court’s decision to overturn Roe v. Wade, some states have taken steps to criminalize abortion.

In California, where abortion is still legal, citizens have some privacy protections. Personal information collected from California residents is subject to their access, deletion, and choice, as guaranteed by the state’s “Shine the Light” law.

“Small health apps that are collecting health information or even the Fitbit that your doctor tells you to wear may not be covered under HIPAA, but they are most likely covered under California law,” explained Ashkan Soltani, executive director of the California Privacy Protection Agency, which implements and enforces the state’s consumer privacy laws.

Moreover, in 2019, Californians will be afforded even greater safeguards, such as limitations on a company’s ability to collect data for purposes other than its primary function.

Visitors from other states who come to California for an abortion are not covered by these laws. However, Soltani speculated that it could provide additional privacy safeguards for California consumers who cross state lines.

The Mozilla report found that some apps permitted weak passwords and were not transparent about the algorithms used to predict ovulation and fertility cycles.

Caltrider argues that many consumers don’t take adequate precautions to safeguard their personal information because they either don’t know how or don’t see a pressing need to do so. But this is a “tipping point,” she warned, because the commercialization of user data will only increase from here on out.

“When abortion was outlawed the last time, the internet didn’t exist. Not even the presence of digital surveillance cameras “In the words of Caltrider. “The time is at this point. It’s high time we give serious thought to the fact that privacy invasions can cause real harm.”

This article was originally published in the Los Angeles Times.