In a landmark decision, the United States Supreme Court overturned Roe v. Wade, rewriting history in its worst sense by placing a woman’s right to abortion in the hands of the state.
After the decision, many women in the US immediately jumped into action, deleting menstrual-tracking apps and urging other women to do the same regarding privacy concerns.
Period tracking apps are very convenient, offering features that help women record their menstrual cycles, recognize irregular patterns, track ovulation dates, log birth control pills, and much more. You can get useful insights and predictions about your menstrual wellness, and all your period data can be shared with your doctor in a few seconds since it is stored in the cloud.
Unfortunately, this also means that all of your menstrual cycle data can easily be collected by third parties. In a post-Ro world, this can cause legal repercussions for many women. To prevent menstrual data from falling into the wrong hands, menstruating individuals have resorted to deleting these tracking apps from their phones.
Giving up such a useful medical tool is a huge sacrifice, leaving menstruating women with no other option except for traditional means such as maintaining physical paper journals.
Now, and I mean this moment, delete every digital trace of any menstrual tracker. Excuse me.June 24, 2022
But is deleting a period tracking app really the answer? Why do we deprive women of rest at the expense of others? The whole situation is unfair, chaotic and inevitable, and it begs us to ask the question: What can a woman do to preserve her privacy and rights? Is deleting a period tracking app really the right answer – or just?
To understand the depth of the matter, we have to look at the process a government agency has to go through in order to get started with getting your period data in the first place. There are many variables here, including which individual menstrual tracking app you use, how it relates to your legal identity, and above all, what would lead a trusted person to look at your profile in the first place.
How easy is it for a government to find a potential violator of the law?
First, we have to understand the steps a government entity has to take in order to obtain a set of your menstrual cycle data from the company. A procedure must be followed, but before it all begins, the government must have good reason to suspect that you have committed a crime or broken the law.
Legally speaking, they cannot monitor everyone to determine the effects of potential violations, as this is against your Fourth Amendment rights. In addition, it also takes a lot of resources to do so. To set hounds on your trail, something should trigger them to want to look at their menstrual records.
The only reasonable explanation is that someone should report the authorities to the authorities to begin to suspect you. It could be your doctor, your local pharmacy, or even someone close to you.
As Kendra Albert, Clinical Instructor at Cyberlaw Clinic aptly says, the first and most significant threat an individual may face when reporting an illegal miscarriage is probably a third party, not a period-tracking app.
“The biggest threat to criminalization is that a third party (such as hospital staff or a relative) reports pregnancy results to the police – not that the police find menstrual data in a database,” she wrote.
How the government collects your data legally
It is not easy for the government to go to an app development company and ask them to hand over your data. They must have reasonable grounds to suspect that you have violated state law.
Then they must prove it in court using sufficient evidence and obtain a warrant that enables them to legally obtain a set of menstrual cycle data. If the judge is satisfied that the evidence is satisfactory, based on probable cause, he can issue an order or a subpoena based on the case in question.
Having been equipped with a court order, the government can then provide this authorization to the company. After a company receives a search warrant or court order, it is legally obligated to comply with the requests of the government entity.
However, this is within reason, and some companies such as Google already have the ability to deny a request to a certain extent, or selectively release sets of data related to the request without revealing any other personal data to preserve your privacy as much as possible.
It’s not just menstrual tracking apps that paint a picture of who you are or your online presence. Lots of other information can be used and collected from many different places to then be used as evidence against you, should you break the law. This includes your IP address, your email ID, GPS location data, your Google search history, and even your purchase history.
All of these things are like little dots that connect who you are on the Internet and keep track of what you do and don’t do, and work in tandem to create your personally identifiable information (PII).
This information is not only obtained from menstrual cycle apps. It can be collected from many different places, apart from your smartphone and computer, including the web, medical records, credit card history, CCTV footage, and even wearable devices like fitness trackers and smartwatches.
Are foreign menstrual apps a safer alternative?
When Roe vs.Wade was canceled, a lot of women started looking for foreign alternatives like the German period tracking app called Clue. The assumption here is that a non-US app developer does not fall under the jurisdiction of the United States, thus protecting user data from the authorities.
While there is some truth in that, you have to look at the laws governing the app in question to understand the extent of this protection.
For everyone who uses time period tracking apps: As far as I know, clue is the only popular European app so if you don’t use the guide, go with it and delete any data you have from other apps. Keep your data safe and anonymous. Clue said they will keep your data safe <3June 24, 2022
The European Union regulates Clue, and the appropriate law governing data privacy and security in the European Union is the General Data Protection Regulation (GDPR). Yes, it would be very difficult for the US government to get your period data if it had to go through the European Union, but it is not impossible.
So if the US wants to get someone’s data on Clue, they will have to follow the General Data Protection Regulation (GDPR). It would be an incredibly lengthy and lengthy process, which would make it difficult for the US government to obtain PMS data. Of course, this will require the help of a member of the European Union to support the United States, which is unlikely, but the possibility exists.
What can app developers do to protect menstrual data?
Now that you understand how the government will actually proceed to obtain your data, and what might actually drive them down this path of investigation with you, what can be done about it? Should we all delete all period tracking apps and go back to the actual journals?
Keeping menstrual cycle records is related to women’s health, which makes it a necessary task for many individuals. It is incredibly useful and sometimes mandatory for people with various conditions.
Security and privacy expert Chris Stahele, director of US engineering at a Norwegian app security company called Promon, commented on the issue. Stahlei explained that using any particular app to track health information is a personal decision that the user must make. The user should think seriously about the implications of what they do, and look closely at each individual application and its privacy statement.
“As consumers, we have to make personal decisions about the privacy of our data on a regular basis. Period tracking apps are no different. It’s important to understand the terms and conditions of any online transaction, and weigh the risks against the benefits,” he says. “Ultimately, using any particular app to track health information is a personal decision that the user has to make, knowing that this data can (and may) be used against them.”
According to Stahlei, enhancing application security is very feasible. The burden of duty falls on the companies that manufacture period tracking apps. There are some simple steps a menstrual tracking app developer can take to implement real security and privacy controls for user data. As an expert in his field, he recommends the following changes to bring better security to users of time period apps:
- Application providers can use aggregate data encryption (where data can only be decrypted by the user)
- Option to store local data only (as the data is stored on the local machine only)
- Anonymous data collection (where a user’s personally identifiable information is separated from health data)
Application developers have the power and ability to make these changes. Some companies have already started releasing useful features that resonate with Stahlei’s recommendation.
Flo, a menstrual cycle tracker with a focus on fertility, announced the “unknown status” days after flipping Roe v. Wade. Other companies have stepped up, too, simplifying their terms and conditions to assure users, how their data is used for commercial purposes.
At the end of the day, period app development companies have a responsibility to handle their users’ data with care. They need to make sure they are taking the necessary steps to protect your rights. App creators can roll out privacy-focused features like data encryption, anonymous modes, and offline storage options for their platforms.
Menstrual app companies should also be very transparent about what they do with your data. This can be achieved by simplifying boring privacy statements and lengthy terms and conditions designed to make the user skip ahead, without fully understanding what they agreed to. It’s not really that difficult, because these are real solutions that can be implemented in the real world.
Until the day these straightforward changes are widely adopted, users will have to put in the hard work. Do your homework, and read those long terms and agreements, because your data can be used against you in unimaginable ways. Don’t limit these security measures to period trackers, but apply them to every piece of technology you delve into, because none of them can be tracked.