More about data leakage from IT systems. I am a little surprised that they found 7 that did not leak
Mozilla finds 18 of 25 popular reproductive health apps leak data
It's official: your period and/or pregnancy tracker will probably share your data with law enforcement. And they might even do it on purpose.
Eighteen of 25 reproductive health apps and wearable devices reviewed by Mozilla received a
*Privacy Not Included warning label – meaning they have problems when it comes to protecting users' privacy and security.
This is especially worrisome in the
post-Roe United States, where this data could be used by cops (or private bounty hunters seeking
$10,000 bounties) to arrest women seeking abortion information or services in states where the procedure is now outlawed, according Jen Caltrider, Mozilla's lead researcher.
For its latest *Privacy Not Included guide – it has compiled several of these to help consumers shop for relatively safe and less creepy products and apps that connect to the internet – Mozilla's researchers chose ten popular period tracking apps, ten pregnancy tracking apps, and five health and fitness wearable devices that track fertility.
Eight of the period trackers reviewed – Period Tracker, Clue, Flo, My Calendar Period Tracker, Glow and Eve by Glow, Maya, Ovia Fertility and Period Calendar Period Tracker – earned a *Privacy Not Included warning label. The two that didn't are Natural Cycles and Euki, the latter of which was the only app that earned a place in Mozilla's "Best Of" category.
Euki doesn't collect any personal information about users, and all of the data it asks users to enter about their reproductive health and sexual history is stored locally on the device. Also, if someone that you don't want to see your reproductive health data (say, a cop or an abusive partner) asks you to open Euki, entering "0000" when you open the app will show false information.
Natural Cycles, a Swedish-based birth control app, did not receive the privacy warning label. Caltrider said when she reached out to the company, its reps indicated that the question of what they will share with law enforcement is something they've been struggling with. Their solution is to completely anonymize all user data so they can't share any of it with the cops.
Meanwhile, all ten of the pregnancy trackers' policies garnered warning labels – Babycenter, What to Expect, The Bump Pregnancy Tracker and Baby app, Pregnancy+, Ovia Pregnancy, PregLife Pregnancy, WebMD Pregnancy, Glow Nurture and Glow Baby, Pregnancy and Due Date Tracker, and Sprout.
Personal information collected includes phone numbers, emails, postal addresses, gender, device IDs, advertizing IDs, and IP addresses, menstrual cycle length, date of last menstrual period, sexual activity, pregnancy due dates, doctors' appointments, and pregnancy symptoms.