Americans urged to remove period-tracking apps. Should Canadians do the same?

0

If you’re the kind of person who tracks your period, fitness, sleep, or other health metrics with an app, the privacy experts have a warning for you: your data could be a goldmine for hackers. advertisers, hackers or law enforcement.

There have been calls on social media for American women to remove period-tracking apps from their phones since the proposed U.S. Supreme Court ruling on Roe v. Wade was disclosed in early May.

With abortion now banned in at least eight statesthere are concerns that app users’ menstrual cycle data, along with other information, could be used to prosecute them for having an abortion in a state where it is no longer legal.

“I unfortunately have to tell people to get rid of [the apps]“, says Danielle Citron, professor of law at the University of Virginia School of Law.

Her concern is that data from a period tracker, along with other sources of information, could help build a case that a woman had an illegal abortion.

“You had your period on date X, you missed your period, then say, say, 20 weeks later you had your period again, and during that time your location shows that you went to a clinic either in-state or out-of-state — that’s in many ways the circumstantial evidence a prosecutor needs,” Citron said.

WATCH | Why some women may consider removing period tracking apps:

Legal expert urges American women to scrap period tracking apps

Danielle Citron, a law professor at the University of Virginia School of Law, says health data collected by smartphone apps could be used to prosecute American women for illegal abortions.

Digital privacy experts say concerns over period-tracking apps should also be a wake-up call for Canadians about how they log their own sensitive health data online.

“Simply don’t trust what companies do with your data,” says Ann Cavoukian, former Privacy Commissioner of Ontario and founder of the International Council on Privacy and Data Protection. security by design.

“They may claim to protect your privacy, not store any of your digital data, not share it with anyone, but again and again we have seen that they have it wrong. They often share it with unauthorized third parties from a manner which you have not consented to.”

Follow and share

There are thousands of period tracking apps in the Apple App Store and Google Play, each with its own privacy policy detailing how user information is stored and shared.

Abortion rights supporters demonstrate at the Mississippi Capitol in Jackson, Mississippi on June 28 after the U.S. Supreme Court overturned Roe v. Wade, ending constitutional abortion protections. Mississippi has a trigger law to ban abortion that could go into effect this week, pending a legal challenge. (Rogelio V. Solis/Associated Press)

The most sophisticated applications collect and store huge amount of databeyond the details of the menstrual cycle, to create a profile of users: everything from their name, location and if they are trying to get pregnant, to details of their sex life, exercise, medications they they take, and much more; a treasure trove for advertisers.

“When you downloaded this app, how much did you pay for it? What is your monthly subscription? If the answer is zero, if you’re not paying for the product, then you are the product,” says Ritesh Kotak, cybersecurity. and technology analyst in Toronto.

Some vintage apps explicitly tell users that their data may be shared with third-party advertisers, affiliates, business partners and even other app users – although these details are often buried in their privacy policies.

Since the Supreme Court ruling, several of the biggest vintage app companies have sought to reassure their users about their data protection measures.

Flo launched an anonymous modeso that users no longer need to share their name or email address, while Clue is committed to never transmit private health data “to any authority that could use it against you”.

However, if a company received a warrant or subpoena in the United States, it would be required to turn that data over to law enforcement, Citron says — and the same goes for Canada.

This image of the Flo period tracker app shows the app’s “pregnancy mode”. The company says it will create an anonymous option for users to protect their privacy. (Provided by Flo)

“[Police] could demand it if they have a warrant. You, the organization, are obligated to provide the data to the police,” Cavoukian said. (Clue did not respond to a request for comment.)

Experts say that even if an app promises not to share or sell user data, it’s likely monetizing that information through targeted ads that reach specific users.

“There are puns about what can and cannot be sold,” said Andrea Ford, a medical anthropologist and researcher at the University of Edinburgh who has studied period-tracking apps extensively.

“[The company] always has a profile of you as an internet user, and where you go, what you do, what other things you’re interested in – like, if you’re pregnant and want baby supplies, your data may be redirected to these channels without your personal information being sold.”

Anyone willing to ditch their period tracker should know that simply deleting the app won’t necessarily remove all of your data from their servers: some apps require you to request deletion in writingand processing your request can take weeks.

Big data tracks

Tech experts also warn against focusing too much on period trackers when many other apps also monetize private health data in various ways.

There are many other digital fingerprints that can tell more about a person’s activities, including web search results, text messages, and emailed receipts. All have been used to criminalize people who have sought abortions in the United States, Cynthia Conti-Cook, civil rights lawyer and digital evidence researcher, told the New York Times.

Google says it will automatically delete location history data showing visits to abortion clinics, among other locations, around the world. In this photo, anti-abortion protesters, left, and clinic escorts gather outside an abortion clinic in Louisville, Ky., on April 16. (Jonathan Cherry/Reuters)

Concerns about the potential for location data from women’s smartphones to be used against them prompted Google to announce that it automatically remove visits to abortion clinicsas well as a number of other destinations, from user location history.

The change will apply globally, including in Canada, a Google spokesperson told CBC News.

Personal data can also be a “very valuable commodity” for hackers, Kotak warned. He suggests using an email address that doesn’t contain your full name when signing up for an app, and providing as little personal information as possible.

Canadians concerned about how apps use their personal data can contact a privacy organization for help or file a complaint with the Office of the Federal Privacy Commissioner.

A spokesperson for Privacy Commissioner Philippe Dufresne said his office has not received any complaints about rule-tracking apps and has not investigated any of those apps.


Source link

Share.

About Author

Comments are closed.