For the past two months, each US state has been able to decide for itself how long women can terminate their pregnancies. After the ruling of the Supreme Court have already ten conservative-governed states Abortion is criminalized, and some women are even prosecuted after being raped. Other states will enact similarly strict laws. Millions of women in the United States no longer have the ability to legally terminate an unwanted pregnancy. Suddenly, digital data has become a danger: because location history, chat logs, cycle trackers and pregnancy apps can lead to charges.
You could say: That is frightening, but fortunately far away. In Germany, an abortion remains unpunished under certain conditions at least up to the twelfth week, fanatical abortion opponents are a vocal, but ultimately small minority. Nevertheless, there are many reasons why women in Germany should think very carefully about which apps they use to monitor their periods or plan pregnancies. This data is highly sensitive and not only of interest to law enforcement authorities in the USA, but also to advertisers in Germany. Sometimes Facebook, Google or other companies know about the pregnancy before family and close friends know.
A new study by Mozilla provides a good starting point for this decision. The non-profit foundation has been committed to data protection and data security on the Internet for more than two decades. Among other things, it developed the Firefox browser. For the Advisor”Privacy not included” researchers analyzed 25 applications and gadgets: ten apps to monitor the period, ten apps to control pregnancy and five health and fitness wearables, which can also be used to monitor fertility. The sobering result: 18 warnings and only one unconditional recommendation.
Mozilla calls the results ‘scary’
“Our research confirms that women should think twice before using most reproductive health apps,” said Ashley Boyd, Mozilla’s vice president of consumer protection. “Privacy policies are partially riddled with loopholes and they don’t adequately secure intimate data.” Her colleague Jen Caltrider calls the results “scary”. Finally, companies that collect sensitive health data need to be extra careful when it comes to security and privacy.
As a basis for the study, the researchers asked a series of questions: What permissions does the app require, what data does it collect? How much information do you have to provide to register? Can users control and delete the stored data? Does the company grant itself problematic rights in the terms of use, with whom does it share which types of data? Have there been reasons to be suspicious in the past? What about encryption and security?
Mozilla has not examined the apps and gadgets in a laboratory. The assessments are based on publicly available information such as data protection regulations, media reports and manufacturer information in the Android and iOS app stores. For each application there is an overview with the central points of criticism, answers to the most important questions and tips on which settings improve data protection.
The methodical approach seems serious, comprehensible and is documented in detail for each product in the database. Nevertheless, the study should be read like a test report by Stiftung Warentest: It is not necessarily the final score that is relevant, but the classification in the individual categories. What is a reason for a devaluation or a warning for the researchers does not have to be a problem for all users.
Only an unreserved recommendation
This is illustrated, for example, by the German app “Clue”, with which twelve million women track their cycle. Anyone who uses the app must assign a password. Clue does not require a specific length or complex combinations, even “1” is accepted. This is actually frivolous, it would make sense to protect users from their own laziness. But that doesn’t matter to women who choose a secure password. Clue says they will address the issue in one of the upcoming updates.
Still, the lack of password security is one of the reasons why Clue gets the “Privacy Not Included” warning. Mozilla also complains that information is shared with advertisers. However, this expressly excludes all health data, which is stored separately from personal data. In contrast, some apps also pass on the sensitive tracking data. “Sprout Pregnancy” doesn’t even have a privacy policy that explains how the operator handles intimate information. “Please do not use the app,” recommends Mozilla.
The pregnancy app “Babycenter” and the cycle trackers “Natural Cycles – Birth Control” and “Euki” get away with it without any warnings. The latter was developed by the NGO “Women help Women”, does not collect any personal information and only saves all data locally on the smartphone. Euki is the only app which Mozilla recommends without restrictions. Nevertheless, it has one possible disadvantage: the app is only available in English and Spanish. Mozilla’s entire investigation is also not yet available in German, but a translation should follow soon.