Period App Data Breach: Details of Women’s Sexual Lives Leaked
“In India, leaking information on women’s sexual lives, can be devastating,” say experts.
Every woman and menstruating person knows this - tracking your period is hard. So period tracker apps, that do the work for you and advise you on your cycle, contraception use, dealing with PMS and more, seem like a godsend.
It goes without saying that confidentiality should be paramount in sensitive medical data, but a new, damning report by UK-based advocacy group Privacy International has revealed that Bangalore-based period tracker app Maya and Cyprus-based MIA Fem have been sharing your data with Facebook.
This is especially dubious as it means that the app shared users’ personal medical, sexual and lifestyle data, everything about your fertility, period cycles, your contraception use, your PMS symptoms and history and more.
Speaking to FIT, Tripti Jain, an independent researcher and ex-counselor at Software Freedom Law Center, said,
“In India’s cultural fabric, questions about a woman’s sexual life, especially an unmarried woman’s, can have devastating effects if leaked.”
According to the report,
“When Maya asks you to enter how you feel and offers suggestions of symptoms you might have - suggestions like blood pressure, swelling or acne - one would hope this data would be treated with extra care. But no, that information is shared with Facebook.”
What Does This Mean for Women?
“MIA asks it’s users to share details they can’t share with anyone else and claims to be a safe space for things you are afraid to say, but by sharing the data they are misleading people into believing what they say is private,” says Jain.
“That means they never took the consent in the first place, and immediately started monitoring you. Even just data like the fact that you are a woman of menstruating age interested in an app like this is private information.”
We share sacred, never-shared-before things and intimate details with the app like the heaviness of our flow and grisly details of the pain and more. So a breach of sensitive data is a huge problem. As the report says, the app often knows more about you before you - like when you are ovulating - and so, even before you, Facebook knows about YOUR ovulation cycle.
“We have met girls who are not allowed phones or to be on them for long as their parents are worried they will talk to boys. So a breach of this data, on this level, is huge.”Tripti Jain
Like other period tracker apps, Maya and Mia Fem are also used to track your fertility, your pregnancy, and your general health including lifestyle habits like your coffee use for example.
According to Privacy International, the MIA Fem shares the type of birth control medication users take and it’s reminders with Facebook.
This sort of data breach is particularly hurtful as apps like these, and femtech, in general, offers a digital space for women’s healthcare where our medical issues are discussed and taken seriously. Where we can voice issues contorted in shame and find solutions to our problems - no more hysteria, we are listened to and treated instead.
Sensitive personal data is any data that can be used to identify an individual. India's draft data protection bill (which is yet to be tabled in Parliament), identifies data about an individual's health, sex life as "sensitive personal data". Meaning, such data can only be shared with the explicit and informed consent of the users.
What’s the Apps’ Response?
The report underscores the consequences of this, adding, “understanding people’s mood is an entry point for manipulating them.”
However, according to a report by MoneyControl, Sheroes, the company that owns Maya, told Privacy International that it had removed the Facebook analytics software that was responsible for the breach and targeting ads at women. In a statement, John Paul, Maya founder and CEO said, “ Maya does not sell data to Facebook or any third party. We have in the past used tools from Facebook, strictly to improve our product experience. We have proactively removed these tools from all versions of the app due to concerns about privacy.”
While it is great that Maya is taking corrective measures, Jain worries that it may be too little too late,
“We come from a taboo society where we do not disclose such intimate details. So this step is not going to un-scar that woman.”
“Besides, they are still not disclosing who these third-party advertisers are and other such details.”
So, What Can We Do About This?
“Most women on this app will be educated,” and internet-forward and Jain suggests they should do a quick Google search on the app they are downloading and see if anything suspicious pops up.
But more than that, app developers need to shoulder the majority of the responsibility.
“Apps should ensure privacy by design.” beyond the jargon-filled and confusing terms and conditions, “there could be comics, videos or more interesting ways to educate users about the app and ensure informed consent.”
Plus, she suggests a multi-stakeholder approach. Apps and our hunger for them are increasing day by day, so we need policy interventions and laws to keep up with the boom.
By women for women?
A huge stumbling block is that most of these apps are primarily designed by males. “From a design perspective, there need to be more women making these apps. It would help if the same gender that the app is catering to also created it because only they can understand the exact circumstances.”
Besides, in the information age, we can’t run from technology, but we can hold it to higher standards.
(Subscribe to FIT on Telegram)
Subscribe To Our Daily Newsletter Now.