Period Tracker Apps Share Women’s Super-Sensitive Data With Facebook

Privacy International’s new findings expose various period tracker apps’ practices.

KUALA LUMPUR, Sept 13 – Period tracker apps are said to be sending users’ extremely personal data on their health and sexual practices to Facebook, according to Privacy International.

The UK-based advocacy group’s new research found that period-tracking apps like MIA Fem and Maya sent women’s use of contraception, the timings of their monthly periods, symptoms like swelling and cramps, and more, directly to Facebook, according to BuzzFeed News.

The app also shares data users enter about their use of contraception, their moods, their sexual history, such as when they’ve had sex and what kind of contraception they used, and also notes on a diarylike section with Facebook.

Facebook’s Software Development Kit (SDK) is allegedly used for the data sharing practice.

SDK allows app developers incorporate particular features and collect user data so Facebook can show them targeted ads, among other functions, so when a user puts personal information into an app, that information may be sent by the SDK to Facebook.

Facebook told BuzzFeed News it had gotten in touch with the apps Privacy International identified to discuss possible violations of its terms of service, including sending prohibited types of sensitive information.

“We have systems in place to detect and delete certain types of data such as Social Security Numbers, passwords, and other personal data, such as email or phone number. We have begun looking at ways to improve our system and products to detect and filter out more types of potentially sensitive data,” a spokesperson of Facebook said.

The practice is viewed as a serious breach of privacy and trust, as users can knowingly consent to such private information being shared with outside companies like Facebook.

“This is the kind of practice that highlights how consent isn’t a sufficient guardrail against privacy violations,” said Lindsey Barrett, a staff attorney at Georgetown Law’s Intellectual Property Rights tech clinic.

“No one reads privacy policies because they encounter too many of them for that to be reasonable, and even if they did, the policies are poorly written or won’t tell them what they need to know.”

You may also like