As the nation awaits the fate of Roe v. Wade, some privacy experts are concerned about how your personal health data is stored online and even shared without your knowledge.
This threat isn’t new, but there are new discussions about health app privacy as abortion laws may change nationwide.
For women’s health, Flo is a popular tool used to track periods and pregnancy, but this information isn’t just personal, it’s intimate.
“This really is some of the most private and sensitive information and some of these apps can share it in unexpected ways,” said Alexandra Givens, president and CEO of the Center for Democracy & Technology.
With the potential cancellation of Roe v. Wade, Givens said there are growing concerns that your personal health data in states where abortion services may be criminalized. She said the information could be obtained by law enforcement or purchased from data brokers.
“All of this puts a lot more emphasis on the privacy and security of your data and the need for people to be able to protect themselves,” Givens said.
This isn’t the first time health apps have come under fire for sharing personal information. Last year, Flo settled with the Federal Trade Commission allegations of disclosing the personal health data of millions of users for marketing purposes.
According to the complaint, the FTC reports that “Flo disclosed sensitive health information, such as the fact of a user’s pregnancy, to third parties in the form of ‘application events,’ which are personal data. ‘application transferred to third parties for various reasons’. Flo admitted no wrongdoing.
“I think this case was a real wake-up call about how information can be shared and sold without the user’s knowledge,” Givens said.
In a statement to the Washington News Bureau, Flo said he completed an external, independent privacy audit in March. In that same comment, the company said, “Flo will never require a user to register an abortion or provide details that they believe should be kept confidential. If a user raises concerns about submitted data, Flo’s Customer Support team will delete all historical data, which will completely delete all data from Flo’s servers.
Some experts say this concern goes beyond health apps and includes all the information you share, from using Google Maps to shopping online.
On Capitol Hill, the Electronic Frontier Foundation is pushing for comprehensive federal consumer privacy law with strong enforcement to regulate businesses and protect your sensitive information.
“There must be a private right of action in the bill. You can write the strongest privacy legislation possible, but if you limit the application to the FTC or state attorneys general, that bill won’t be enforced in the same way – if consumers Individuals could sue, sue, sue individually against these big companies,” said India McKinney, director of federal affairs at the Electronic Frontier Foundation.
McKinney said this legislation should also allow states to add protections.
“We want federal privacy law to be a bedrock of protection, and then states can do things on top of that,” she said.
McKinney said they also believe you shouldn’t have to pay for privacy.
“You’re not allowing your data to be sold, we’re not going to offer you that service, or we’re going to give you $20, if you let us aggregate and sell your data somewhere else. Whatever you want to call those two things, that doesn’t have to exist either,” McKinney said.
Privacy experts say apps created by healthcare providers are covered by healthcare privacy laws.
The Electronic Frontier Foundation also offers information on how to protect your data. You can find this information here: https://www.eff.org/pages/tools
Below is Flo’s full statement:
Beyond that, the independent audit clarified: “From both a governance and operations perspective, Flo has been able to demonstrate its commitment to the privacy and security of its users’ data and has dedicated the resources and appropriate personnel to ensure that it meets these commitments”.
Flo will never require a user to register an abortion or provide details that they believe should be kept confidential. If a user raises concerns about submitted data, Flo’s Customer Support team will delete all historical data, which will completely remove all data from Flo’s servers.
©2022 Cox Media Group