Fertility and cycle tracking apps are widely used and can be useful tools for people to monitor their health. But reports show regularly that, like other health apps, they fall short when it comes to protecting user privacy. That shortage is particularly worrisome for users in the US after a leaked Supreme Court opinion indicated the court plans to quash it. Roe v. Wade — abolish the right to abortion in the United States and allow states to criminalize the safe and life-saving medical procedure.
Information stored in bike-tracking apps isn’t covered by the HIPAA medical privacy law, so companies have a lot of freedom in how they use it — and who they share it with. They often share information with data brokers, advertisers and other third parties that are difficult to trace. One app, Flo, was quoted by the Federal Trade Commission for sharing data with Facebook, even after promising users to keep the data private.
To date, data from, say, cycle-tracking apps doesn’t appear to have been used to track pregnant people in the US, but data soaked up by other internet and app usage has already been used for that exact purpose.
“The fact that it’s possible is an issue we can’t ignore,” said Cynthia Conti-Cook, a technology associate with the Ford Foundation’s gender, racial and ethnic justice team, who paper 2020 on digital surveillance and abortion.
The edge contacted several popular fertility-tracking apps and products to ask if they had plans to adjust or strengthen protections around user data in response to news that abortion was likely to be illegal in many states this summer. Many companies did not specify planned changes in response to the news, but instead relied on their existing policies, which they believe protect user data.
The smart ring Oura, which has a menstrual cycle tracking feature, had no plans to share, spokesman John Kuch said in an email. Apple did not respond to a request for comment about the time period tracking feature in the Health app. Flo, the company cited by the FTC for data sharing, said in a statement from spokesperson Denae Thibault that the company underwent an audit in March 2022 that found “no weaknesses in privacy practices” and that it does not share data with third parties.
Brigid Lowney, a spokesperson for the popular period tracker Clue, said in an email to: The edge that data in the app is ‘private and secure’. “We have received messages from users who are concerned about how their data could be used by US courts if Roe vs Wade is destroyed. We fully understand this fear,” the statement said. It did not say whether the company would change or strengthen privacy protections.
Nurx, a telemedicine company that offers birth control and emergency contraception, said in a statement from spokesperson Ann Noder that it keeps patient data confidential. “We will evaluate our response to any decision in light of our mission and principles regarding access to contraception and affordability,” the statement said.
Glow said in an email from its press team that it will “continue to protect the privacy and personal health information of our users without compromise,” but did not say whether it would change its policies.
Conti-Cook says she would be skeptical of companies that claim to rigorously protect user data without seeing their business model. The data of pregnant or possibly pregnant people is valuable to advertisers and other third parties because it is a group that goes out and buys new things for a possible future child. Selling that data, or making it available to partners, is the business model for these kinds of apps, she says. “That’s the business model of all surveillance capitalism.”
And all four of those companies, along with… Oura ringsay in their privacy policies that they would share personal user data in response to subpoenas or legal obligations.
The biggest concern for legal experts right now is that a person’s data from these apps could be used against them if they are already suspected of aborting a pregnancy. But it may not end there, says Jerome Greco, a public defender in the digital forensics unit at the New York City Legal Aid Association. “I think in the future it could get broader and they could collect and analyze data to identify suspects,” he says. “I think law enforcement is more tech-savvy than ever in history and has more resources than ever.”
Most of the digital information that has been used to prosecute people for terminating a pregnancy has been Internet searches and analysis of a person’s physical phone – such as a Mississippi woman who was hospitalized after giving birth to a stillborn fetus and whose internet search history of causing a miscarriage was used to charge her with murder.
“We’ve seen cases where Google searches from women, unencrypted communications, emails and other types of messages — like Facebook Messenger — have been used against them, and social media posts,” said Conti-Cook.
It’s hard to predict what new ways states that criminalize abortion will find to use personal health records and other digital tools to prosecute people they suspect are aborting a pregnancy. But being vigilant about the hypothetical situations that may arise in the future helps people protect themselves, Conti-Cook says.
People concerned about their data being used against them in connection with abortion can take steps to protect themselves, Conti-Cook says: Don’t share your phone with police, social workers or anyone in a hospital. Use internet browsers that prevent tracking. Use encrypted texting apps to discuss sensitive topics.
“Our digital autonomy is an extension of our physical autonomy, and that’s how we need to start thinking about it,” she says.