Health apps ramp up privacy in wake of US Supreme Court’s abortion decision

A flurry of period tracking apps have released statements regarding their privacy policies in the wake of the Supreme Court’s decision to overturn citizens’ constitutional right to an abortion in the US.

After the Supreme Court’s decision to overturn the 50-year-old judicial decision Roe Vs Wade last week, there have been concerns about data protection, particularly in the 13 states which have already moved to make ending a pregnancy before term illegal.

London-based period tracking app Flo said in a tweet posted on Friday that it would soon launch a mode that allows users to access the app without providing their name or email. The statement from @flotracker also assured its users:

“We will not see your personal data….Flo will always stand up for the health of women. And to us, this means taking a pro-health stance as it relates to reproductive health which aligns with the World Health Organisation. Being able to obtain a safe abortion is a crucial part of healthcare.”

The move follows concerns that apps could be used to punish those seeking a termination, if law enforcement got hold of the data.

Another app from Silicon Valley-based Stardust has also said that it will offer end-to-end encryption, which is set to go live today.

In a statement posted on its TikTok account Stardust founder and CEO Rachel Moranis said the company had spent the past month “racing” to develop the end-to-end encryption.

“We are going to be the first period tracker to implement end to end encryption.

“We spent the last month racing to build this and what this means is that if we get subpoenaed by the government, we will not be able to hand over any of your period tracking data. It is completely anonymised from your login data. We can’t view it you are the only person who can see it.”

Meanwhile Clue, a menstrual health app developed by Berlin-based the company BioWink, has issued a statement on its site assuring American users that European law protects its communities sensitive health data.

“As a European company, Clue is obligated under the world’s strictest data privacy law, the European GDPR, to apply special protections to such health data,” it said.

“It doesn’t matter where in the world you are. If we hold your data, our obligation under European law to protect your privately tracked data is the same.

“No US Court or other authority can override that, since we are not based in the US. Our user data cannot simply be subpoenaed from the US. We are subject to the jurisdiction of the German and European courts, who apply European privacy law.”

While the company confirms that it does use “de-identified data” when used for research purposes, it added that it shares “as little information as possible” when it works with outside service providers.

Concerns

However, critics’ privacy concerns are well-founded and it is likely to take continual iterations of these apps to make them water tight when it comes to matters of privacy.

Last year Flo settled with the Federal Trade Commission over a complaint alleging the tracking app shared user data with marketing and analytics services at Facebook and Google.

Meanwhile research published by the Journal of Medical Internet Research as recent as this May found that many popular women’s health apps failed to meet basic data privacy and security standards.

The study analysed 23 of the most downloaded and highest-rated femtech apps on Apple’s App Store and Google Play by two independent reviewers on data privacy, data sharing and security assessment criteria.

Researchers found all the apps included behavioural tracking and 14 allowed location tracking. Only 16 displayed a privacy policy, and 12 requested consent from users. Three of the apps began collecting data before obtaining consent. 13 provided users with information about data security.

The review also noted that 20 of the 23 apps shared data with third parties, while researchers couldn’t determine data sharing policies from the final three.

Worryingly, the report also concluded that while European laws such as GDPR do exist to protect users, many of the most popular women’s Health apps “do not follow current practices”.

While the Roe Vs Wade decision will kick start some of these apps into addressing privacy and data sharing concerns, it’s likely to take a while before policies and technologies are in place that fully protect users and reflect current legislative changes.