Log on to your Apple Store or Google Play account, and you’ll find dozens of apps that say they’ll keep track of your time of the month or that’ll help you know the status of your little bun in the oven. They’re also keeping track of you, and it’s become increasingly apparent since the U.S. Supreme Court ended the right to safe abortion by overturning Roe v. Wade, many companies don’t hesitate to sell your pregnancy info to the highest bidder.
Mozilla privacy researchers dove into 25 apps, including 10 period trackers, 10 pregnancy tracking apps, and another five health apps that also have pregnancy and period tracking capabilities, to see how willing they are to part with user data, whether it’s for commercial or law enforcement purposes. Of those 25, the company stamped 18 of them with a “privacy not included” stamp.
Most apps were knocked for how they stored user data—through internal servers—as well as privacy policies that mentioned users’ data could be up for grabs. Researchers took into account how much information apps keep track of and whether those applications make specific mention of policies for dealing with law enforcement data requests.
The reports on individual apps were released last week, and Mozilla announced Wednesday that—overall—they found most apps did not have clear guidelines for how they will handle inquiries from cops who might be trying to prosecute women for getting or even seeking an abortion. In a statement, one of the two Privacy Not Included researchers, Misha Rykov, said: “Best practices for privacy by design have existed for a while, but most of the leading reproductive health apps chose to ignore them.”
Of all the 10 pregnancy apps considered, none met researchers’ privacy standards.
Jen Caltrider, the head researcher of Privacy Not Included, told Gizmodo in a Zoom interview that some apps were especially egregious. The What to Expect app, which has been lauded by sites like Forbes, “like[s] to collect as much data as they can, and they like to use that data to sell you as much stuff as they can.” Another, the Maya Fertility app, was dinged for out and out admitting it shares its data for targeted advertising.
“A lot of these companies have very vague language about if they will share this data [with law enforcement],” Caltrider said. “They don’t mention if they’re requiring a court order. They don’t clarify if they’re going to do voluntary disclosure.”
These apps share user data with cops if they believe there’s potentially harm to their business or to other people. The researcher asked an open but pertinent question: “In states where abortion is now illegal, does that include the fetus?”
On the flip side, researchers tried to include apps that others could aspire to. They proposed users look at the nonprofit Women Help Woman International Foundation’s Euki app because it claims it stores user data locally on devices. Researchers also noted Euki allows users to show fake data in case they’re coerced to open the app.
Mozilla’s not the first organization to try and comprehend how much data pregnancy-related apps are keeping on their users, and whether they’d be willing to hand over that data to police to prosecute those seeking an abortion. Other popular apps downloaded millions of times have previously been called out in reports for their open-armed approach to any law enforcement data requests.
That data is also likely being shared with data brokers. Abortion seekers have had their data pawned off and then reconstructed to create a profile that advertisers can use to bombard them with direct marketing. Gizmodo has previously reported on dozens of companies selling information related to pregnancies on the open data market. A good amount of the data these brokers were selling came directly from users who agreed to hand it over when signing up for coupon sites or the like, while others were modeling these user bases through shopping data analysis. Legal experts we spoke to were incredibly concerned how police or overzealous prosecutors could potentially use this commercial data to prosecute abortion cases.
So is it likely these apps are contributing to online commercial data? Well, it’s hard to determine exactly how data brokers create their user profiles without seeing each company’s individual data gathering mechanisms. Still, Mozilla researchers noted apps like WebMD Pregnancy sell their users’ data for advertising purposes. And of course, law enforcement is interested in online information for the purpose of prosecuting pregnancies. Police recently used information gleaned from Meta to help bring charges against a Nebraska teen and her mother for allegedly committing an “illegal” abortion.
Even though Flo and other apps have made some announced efforts in the post-Roe age to protect data, there’s just so many ways that user information stored on apps’ internal servers could get out, whether it’s through a leak, law enforcement data request, or a court subpoena.
And even with the constant bad press going around, companies are unlikely to drop the lucrative business of selling consumer data when the pregnancy products market is expected to reach close to $400 million in the next five years.
“Being pregnant and about ready to give birth is a huge marketing segment,” Caltrider said. “You might be comfortable with Facebook knowing when you start your period, if you’re pregnant, or when your due date is. If you’re not, then you should be very careful with what apps you decide to use.”