Reproductive health apps risk privacy, study shows

Mobile phone apps.

A woman displays her mobile phone.

Photo credit: Joseph Kanyi I Nation Media Group

The data that women and girls store on mobile applications regarding their menstrual cycles and pregnancy may not be private, a new study has revealed.

The study conducted by researchers who investigate internet-based issues, Mozilla, found that most of the applications do not have privacy and security features.

The researchers analysed 10 pregnancy apps, 10 period trackers, and five reproductive health wearables and found that 18 out of the 25 were not secure.

Breaking it down, only two out of the 10 period and ovulation trackers were found safe and none of the 10 pregnancy trackers had privacy features. All the five reproductive health wearables that were investigated also had privacy issues.

“The results are grim: Most of these products collect vast amounts of personal data, and then share it widely,” said Ashley Boyd, vice president, Advocacy and Engagement, Mozilla.

She explained that the applications, just like mobile phones, laptops or any gadget, have data collection from users as the foundation of their business model.

“They can track our vital signs, where we go, when we go there, and who we are. This means that now, our surveillance economy could be used to track, harass, arrest, and even prosecute a person seeking an abortion,” she added.

However, Ms Boyd said this revelation should not be a cause for alarm for users of the applications and wearables.

“We published it for the same reason we always do: To educate and equip consumers. People shouldn’t leave this latest edition feeling discouraged. Rather, they should feel empowered — empowered about which apps to use, which to avoid, and how to judge the technologies that we use every day. Because now more than ever, consumers need to be empowered when it comes to privacy,” she explained.

Health data

In the country, medical related privacy is also bound by the law. There are about three Acts that help in regulation of health related privacy. They include; the Public Health Act 2012, the Health Act 2017 and the HIV and Aids Prevention and Control Act 2006.

A different study published by the scientific journal BMJ shows that while health data shared on applications only share limited information compared to other mobile applications, 88 per cent of them are likely to share personal data.

“About two thirds could collect advert identifiers or cookies, one third could collect a user’s email address, and about a quarter could identify the mobile phone tower to which a user’s device is connected, potentially providing information on the user’s geolocation,” said the BMJ study.

The researchers indicate that privacy risks should be articulated to patients and could be made part of application usage consent.

“This analysis found serious problems with privacy and inconsistent privacy practices in mHealth (mobile health) apps. Clinicians should be aware of these and articulate them to patients when determining the benefits and risks of mHealth apps,” the study added.