Tech. Science. Culture.
We may earn a commission from links on this page

Most Pregnancy Apps Are Terrible at Keeping Your Data Private: Report

Researchers reviewed 25 various maternity apps and found 18 of them were pretty vague about how they handle pregnancy or period data.

We may earn a commission from links on this page.
A toy baby fetus on top of a small mouse pillow sitting next to a phone showing a fetal growth info and a bunch of data points.
Photo: ROBYN BECK/AFP (Getty Images)

Log on to your Apple Store or Google Play account, and you’ll find dozens of apps that say they’ll keep track of your time of the month or that’ll help you know the status of your little bun in the oven. They’re also keeping track of you, and it’s become increasingly apparent since the U.S. Supreme Court ended the right to safe abortion by overturning Roe v. Wade, many companies don’t hesitate to sell your pregnancy info to the highest bidder.

Mozilla privacy researchers dove into 25 apps, including 10 period trackers, 10 pregnancy tracking apps, and another five health apps that also have pregnancy and period tracking capabilities, to see how willing they are to part with user data, whether it’s for commercial or law enforcement purposes. Of those 25, the company stamped 18 of them with a “privacy not included” stamp.

Most apps were knocked for how they stored user data—through internal servers—as well as privacy policies that mentioned users’ data could be up for grabs. Researchers took into account how much information apps keep track of and whether those applications make specific mention of policies for dealing with law enforcement data requests.

Advertisement

The reports on individual apps were released last week, and Mozilla announced Wednesday that—overall—they found most apps did not have clear guidelines for how they will handle inquiries from cops who might be trying to prosecute women for getting or even seeking an abortion. In a statement, one of the two Privacy Not Included researchers, Misha Rykov, said: “Best practices for privacy by design have existed for a while, but most of the leading reproductive health apps chose to ignore them.”

Of all the 10 pregnancy apps considered, none met researchers’ privacy standards.

Advertisement

Jen Caltrider, the head researcher of Privacy Not Included, told Gizmodo in a Zoom interview that some apps were especially egregious. The What to Expect app, which has been lauded by sites like Forbes, “like[s] to collect as much data as they can, and they like to use that data to sell you as much stuff as they can.” Another, the Maya Fertility app, was dinged for out and out admitting it shares its data for targeted advertising.

“A lot of these companies have very vague language about if they will share this data [with law enforcement],” Caltrider said. “They don’t mention if they’re requiring a court order. They don’t clarify if they’re going to do voluntary disclosure.”

Advertisement

These apps share user data with cops if they believe there’s potentially harm to their business or to other people. The researcher asked an open but pertinent question: “In states where abortion is now illegal, does that include the fetus?”

Researchers put a special knock against the pregnancy tracking app Sprout Pregnancy, noting that the app had a very bare privacy policy only found deep in Sprout’s terms of service. That’s compared to some of Sprout’s other baby care and period tracking apps that have much better defined policies.

Advertisement

A representative for Sprout told Gizmodo in an email that the app’s privacy policy is displayed when the app is loaded for the first time, and is available on the company’s main page (you may have to squint, it’s very small and short). The company further said that any data requests would need to be submitted to Apple or Google since “all personal data is only stored on the user’s iCloud or Google Drive account only.” Though even the page the company linked to says user data is stored on its own servers, and the company “does not represent or warranty that your personal information could not become available to third parties.”

On the flip side, researchers tried to include apps that others could aspire to. They proposed users look at the nonprofit Women Help Woman International Foundation’s Euki app because it claims it stores user data locally on devices. Researchers also noted Euki allows users to show fake data in case they’re coerced to open the app.

Advertisement

Apps Have Caught Flak For Open User Data Policies

Mozilla’s not the first organization to try and comprehend how much data pregnancy-related apps are keeping on their users, and whether they’d be willing to hand over that data to police to prosecute those seeking an abortion. Other popular apps downloaded millions of times have previously been called out in reports for their open-armed approach to any law enforcement data requests.

Advertisement

That data is also likely being shared with data brokers. Abortion seekers have had their data pawned off and then reconstructed to create a profile that advertisers can use to bombard them with direct marketing. Gizmodo has previously reported on dozens of companies selling information related to pregnancies on the open data market. A good amount of the data these brokers were selling came directly from users who agreed to hand it over when signing up for coupon sites or the like, while others were modeling these user bases through shopping data analysis. Legal experts we spoke to were incredibly concerned how police or overzealous prosecutors could potentially use this commercial data to prosecute abortion cases.

So is it likely these apps are contributing to online commercial data? Well, it’s hard to determine exactly how data brokers create their user profiles without seeing each company’s individual data gathering mechanisms. Still, Mozilla researchers noted apps like WebMD Pregnancy sell their users’ data for advertising purposes. And of course, law enforcement is interested in online information for the purpose of prosecuting pregnancies. Police recently used information gleaned from Meta to help bring charges against a Nebraska teen and her mother for allegedly committing an “illegal” abortion.

Advertisement

Meta and its premiere social app Facebook have been under the microscope for a while for their open willingness to share user data, and that includes data from pregnancy apps. Researchers noted that the company behind the Flo Ovulation & Period Tracker app caught flak for sharing period data with Facebook and Google. Well, even that bad press hasn’t stopped them from sharing user data for marketing purposes, though its privacy policy does mention it requires user consent.

Even though Flo and other apps have made some announced efforts in the post-Roe age to protect data, there’s just so many ways that user information stored on apps’ internal servers could get out, whether it’s through a leak, law enforcement data request, or a court subpoena.

Advertisement

And even with the constant bad press going around, companies are unlikely to drop the lucrative business of selling consumer data when the pregnancy products market is expected to reach close to $400 million in the next five years.

“Being pregnant and about ready to give birth is a huge marketing segment,” Caltrider said. “You might be comfortable with Facebook knowing when you start your period, if you’re pregnant, or when your due date is. If you’re not, then you should be very careful with what apps you decide to use.”