From trying to get pregnant to then tracking a pregnancy, Amanda Munger used fertility and pregnancy apps to record the details of her family planning journey, and after her daughter arrived in late 2020, she planned to resume tracking her cycle with an app whenever her period returned.
But then, when her daughter was just 5 months old, Munger began to feel a familiar sickness. An ultrasound confirmed she was pregnant, but also revealed grim news: Her doctors couldn’t find a heartbeat and discovered a cluster of tumors in her uterus.
She was diagnosed with a molar pregnancy – a type of nonviable pregnancy that, left untreated, could cause serious health complications and even cancer. Her doctors advised her to quickly have an abortion.
“It was crushing,” said Munger, of Alexandria, Virginia. “This was still in COVID, and we were still without family and friends and an immediate support system. And that, to me, was the hardest part – trying to do it alone.”
We're making it easier for you to find stories that matter with our new newsletter — The 4Front. Sign up here and get news that is important for you to your inbox.
Doctors told her it was important to wait before trying to have another baby due to ongoing health concerns, so she opened up her period tracking app once again – this time to help ensure she didn’t get pregnant before she was ready.
As a consultant to a digital privacy watchdog group, Munger said she’s since become familiar with concerns over how much sensitive user data app developers can collect and share with third parties, especially when it comes to fem tech apps used by millions of people to track their fertility and pregnancy symptoms.
Those concerns took on new urgency following the Supreme Court’s June decision to overturn the constitutional right to abortion.
Consumer
“What it came down to is: Can law enforcement or states use the information that's in these apps to prosecute someone who's … had to have an abortion or is seeking to have an abortion?” Munger told News4.
“For me, here in Virginia, right now, it's not a huge immediate concern,” she said. “In other states, it became an immediate concern that day.”
Following the Court’s ruling, advocates took to social media to encourage women to delete their fem tech apps – warning their private information could be used against them by law enforcement or extremists if they’re suspected of having an illegal abortion in states where it’s now restricted.
While there’s little evidence that’s happened so far, UCLA School of Law’s Sapna Khatri said the fear isn’t unfounded.
“It's not just sensitive health data that could be subject to a government subpoena or end up in the hands of law enforcement or maybe an actor who is trying to criminalize abortion. It is also sensitive data like your location,” said Khatri, a clinical teaching fellow who studies the intersection of technology and reproductive justice.
Khatri explained that, while a patient’s medical information and conversations with her doctor are protected by the Health Insurance Portability and Accountability Act, there’s no similar federal law to protect data entered into a period or pregnancy tracking app. And since many apps – not just reproductive health apps – collect a user’s location data, that information could potentially be used to link a person to an abortion clinic.
“If I walk into a Planned Parenthood or an abortion clinic, technically that location data is not protected by HIPAA,” Khatri said.
“Many, many local governments in different states can access that type of location data,” she said.
A nonprofit watchdog group called the International Digital Accountability Council – for whom Munger is a consultant – investigated a variety of apps and their privacy practices last year. In a December 2021 report, it warned: “Most of the new apps that patients use to monitor their sexual and reproductive health, mental health, fitness, and weight loss are … governed by a woefully inadequate patchwork of rules enforced by a range of federal and state agencies.”
In a review of 49 fem tech apps, in particular, the IDAC found only 26 “disclosed and addressed the collection of health information directly;” 14 requested a user’s precise location data and nine revealed they share that data with advertisers, which IDAC called a “concerning practice due to the lack of obvious use cases for location data and the possible extent of location tracking.”
Khatri, the UCLA privacy advocate, said advertisers can use the data they receive from app developers to send targeted ads, which isn’t always welcome news for the app user.
“That person might be a minor. They might be living at home with their parents, and all of a sudden, they're getting ads for diapers and coupons for diapers, and now they've just been outed,” she said.
In July the U.S. House Committee on Oversight and Reform launched an investigation into the collection and sale of sensitive personal data, sending letters to 10 data brokers and app developers.
The lawmakers wrote the “collection of sensitive data could pose serious threats to those seeking reproductive care” and put “people at risk of harassment, intimidation, and even violence.”
News4 reached out to many of the companies that received those letters.
A spokesman for SafeGraph, a data brokerage firm, said in an email the company’s practices have been misrepresented in news reports, writing SafeGraph “does not sell the location data of individuals and has never sold the location data of individuals who may have visited a family planning center, despite recent shoddy reporting to the contrary.”
A representative for the app developer Glow, which also received a congressional inquiry, said it does not share or sell a user’s personal data but acknowledged there have been instances where – like many companies – it’s been legally required to respond to law enforcement.
The spokesperson wrote, “We have always examined those requests in extreme detail and take action ONLY [sic] when it is protecting our users. We will continue to uncompromisingly protect our users' privacy and personal health information.”
The Federal Trade Commission is taking notice of the privacy issue. Last year it reached a settlement with Flo Health after alleging that, despite promising to keep users’ health information private, the app developer shared data with companies like Facebook.
Flo has said the settlement is not an admission of wrongdoing and independent auditors found its practices are “consistent with its publicly stated privacy policy.” Following the Supreme Court’s decision, it unveiled a feature to allow people to use the app anonymously.
Both Khatri and Munger said it’s unrealistic to ask people to stop using these apps, especially for something as critical as tracking their reproductive health, but because of the lack of uniform federal policy governing what companies can do with data, both said it’s important for users to vet the apps as privacy policies can differ.
“There's definitely a benefit to using technology, but it's on us right now to find the privacy-protected alternative, because a lot of companies have not made that the norm,” Khatri said.
Munger – who has resumed using a fertility app as she hopes to grow her family again – called the lack of uniform privacy laws “frustrating.”
“Once again, women are being asked to shoulder the responsibility and burdens here of protecting themselves,” she said.
Tips for Vetting Fem Tech Apps
- Read the privacy policy and look for phrases like “data collection,” “subpoena” or “encryption” to understand how the app developer handles your personal information and responds to law enforcement demands.
- Look for apps that store your data on your phone instead of on servers in the cloud or allow consumers to use the app anonymously.
- Even if you delete an app, that doesn’t always delete your information. Submit a request through customer support, though outside of states such as California – which gives consumers the right to request data deletion – there are no guarantees they’ll do it.
- Avoid reproductive health apps requesting to track your location.
- When in doubt, use a search engine such as Google to vet an app’s reputation and privacy policies.
Reported by Susan Hogan, produced by Katie Leslie, and shot and edited by Steve Jones.
