Do Period Tracker Apps Put Your Privacy At Risk Post Roe v. Wade?
Before Roe v. Wade was overturned on June 24, some abortion rights supporters had urged their followers on social media to delete their period tracking apps immediately. Their reason? Those apps may be selling your data on your menstrual cycle, something that could be used against you if you ever seek an abortion.
Now that Roe has been struck down, many more are worried about digital privacy on apps that collect menstrual cycle data, along with other concerns over data privacy on apps and websites. While the current legal landscape is quickly changing, some are concerned data collected on your devices could be used against you if you’re suspected of seeking an abortion in a state where it’s illegal. While the future of abortion rights and digital security is unclear, some cybersecurity experts and activists are saying the concerns over data privacy are something to take seriously.
“[These privacy concerns are] very legit,” says Jennifer Minella, the CTO of Viszen Security and a 20-year tech veteran. “What you’re looking at is the opportunity for any data, any of your personal data that [is] accessible, to be used against you, if you’re somebody who’s made that choice and gone and sought that type of medical support.”
Data entered in period tracker apps — like the timing of your period, ovulation, and recent sex — could serve as a digital diary about your fertility. But according to Minella, other sources of information like text messages, and location data could potentially be used to build a case against someone suspected of having an abortion in a state where it’s illegal. It’s important to note that, currently, just seeking information an abortion is not illegal. And, most abortion bans currently target providers, not patients. But many are concerned that as states pass new laws restricting abortion, this kind of data might be used against people — especially since it has been before.
Bethany Corbin, an attorney who consults for femtech, medtech, virtual care, and other healthcare businesses, says there are a few ways that law enforcement could access such data in states that ban abortions. The first is subpoenaing data directly from the companies themselves in an effort to show that someone sought an abortion. Another way is via data brokers, who buy and sell data, in some cases even to law enforcement according to Motherboard. The third way is through cybercriminals who hack or steal healthcare data and sell it on the dark web, where it can go for a couple of hundred dollars.
“A lot of these period tracking apps started as start-up companies and they’re really focused on racing to get to the market, commercialization of the product,” she explains. “Not necessarily as focused on privacy and security. So, some of these apps out there have weak security protections that cybercriminals are going to be able to exploit.”
And it’s not just period tracking apps; payment apps like Venmo, or Cash App could potentially be used to prove someone had an abortion, Corbin says. Data collected by such apps, such as location information could be handed over to police, depending on the company’s policy. The same goes for web browsers, since someone’s browsing history could be used against them. According to the Electronic Frontier Foundation, using a browser with increased security and adjusting your settings so browsers don’t remember search history or cookies can help keep your data safe since it will be harder to trace back to you. Minella points out that there’s no shortage of cases over the years where data is subpoenaed, either from individuals or providers.