The Risks of Period-Tracking Apps: Should You Consider Deleting Yours?
Privacy experts have warned that period-tracking apps can be bad in terms of privacy. Law enforcement may use the data collected on these apps—along with search history and text messages—to penalize people who received an abortion.
The reasoning of why you shouldn't have a period-tracker app comes down to the protections Roe v. Wade conferred. The lack of these protections, in conjunction with a lack of meaningful data privacy protection laws in the U.S., may put people at risk.
Privacy experts have advised people to delete their period-tracking apps and opt for something safer, given all the uncertainty and risks. Most of these apps are considered lifestyle apps, which aren't protected by law.
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides privacy standards to protect medical records and other health information. This information is typically only shared with healthcare providers, hospitals, and insurance companies. HIPAA doesn't cover lifestyle apps like period-tracking apps.
Some period-tracking apps have stated they anonymize users' data before sharing it with third parties. It's still a good idea to turn off location tracking on your phone if you plan to visit a health clinic in a state that bans abortion.
It's incredibly easy to re-identify this information. 'The idea that your health information is being anonymized is so incredibly misleading,' Danielle Citron, JD, an expert in privacy law at the University of Virginia, told Health.
There's little to no protection for this personal and private data stored by period-tracking apps. It's an extremely real concern that companies can buy and use private information to penalize people who provide or receive an abortion in a state that prohibits it.
'Essentially, an app can collect whatever data it wants on you and store that data indefinitely and sell it to a third party if they so desire, like a data broker, in most states without any restrictions whatsoever,' Lia Holland, campaigns and communications director for the non-profit advocacy group Fight for the Future, told Health.
Data brokers have packaged cell phone location data so people can buy and see whose phones have been around a Planned Parenthood clinic. A report released by the Surveillance Technology Oversight Project found that anti-abortion groups have tracked people's search history, location, messaging, and online activity. This information can identify people suspected of seeking an abortion.
Law enforcement can also access your data—which could include everything from a missed period to your location—as a form of evidence. 'That certainly can be obtained through a subpoena or warrant,' said Citron.
Privacy isn't only a concern for those who live in states with abortion bans. Law enforcement in restrictive states can access data from more liberal states. Phone surveillance data also tracks whose phones we associate with or communicate with often. This is why the same ads may target you and your friends when you're interacting frequently.
Apps that track your periods can be extremely useful tools to track and understand our reproductive health. There's an urgent need for lawmakers to act and pass legislation protecting our digital privacy. Companies also need to step up and commit to protecting (and not selling) health data.
Privacy experts have sounded the alarm on this issue but have been minimal action. The My Body, My Data Act was introduced on May 17, 2023, to protect personal reproductive health data. The bill would prohibit companies from collecting, disclosing, or misusing reproductive health data collected on websites and apps.
The Health and Location Data Protection Act, introduced on June 15, 2022, would ban brokers from selling location and health data and allow people to sue. However, even if adopted, this legislation would not solve all privacy issues.
Some period apps are safer than others, such as Drip, Euki, or Periodical (not available on iOS). These apps store data locally on your phone rather than uploading it to the cloud (in which case the app owns, controls, and stores your data).
You can also use the Apple HealthKit if you have an iPhone. 'The reason is that Apple put a lot of thought into encrypting data when it is sent over the network and when it is stored so that even Apple can't access your data,' Jason Hong, PhD, a privacy and security expert at Carnegie Mellon University, told Health.
Law enforcement, data brokers, or private citizens wouldn't be able to buy your data since it lives on your phone. It's worth mentioning that law enforcement can potentially obtain your cell phone for evidence if you were involved in a legal case, said Citron.
You may have to do more than just remove the app from your phone. It's a good idea to also request the companies delete data about you. Only California has a requirement in place that requires companies to delete data if users request it in the United States.
Other ways to protect your data include:
Period-tracking apps can be bad in terms of privacy. The data stored on these apps, as well as search history and text messages, may be easy for people to access. Law enforcement may use this information to penalize people who receive an abortion and healthcare providers who perform the procedure.
You may take steps to protect your data: Delete period-tracking apps and use encrypted services. It's also important to talk about abortion care and reproductive health with a trusted professional if possible.