Naked and Infamous: Exposing Fertility Apps’ Use and Abuse of Health Data

However, these seemingly convenient tools too often come at the cost of compromised privacy. The sensitive personal data that fertility apps can collect goes straight to the heart of some of the most intimate moments in our lives – and as the research of today’s guest shows, that intimate data can be obtained unfairly and retained unsafely.

Dr Katharine Kemp’s research paper Your Body, Our Data: Unfair and Unsafe Privacy Practices of Popular Fertility Apps found serious privacy flaws in many fertility apps popular with Australian women.

• Fertility apps can collect extensive personal data – not just from user entries, but through tracking – and potentially misuse this information without the users’ knowledge or consent.

• Aside from the expected behavioral data input by the user (such as menstrual cycle tracking, fertility symptoms, mood changes, and digestive symptoms), the apps also analyze usage data.

• This involves monitoring user behavior within the app, such as the articles they read, the support groups they join, and the time they spend on certain information

• The presentation of user options and application interfaces in popular fertility apps might encourage users to unknowingly give away more data or permit extensive tracking of their online behavior.

• Certain apps do not clearly state what differentiates their subscription and membership tiers, presenting vague or misleading descriptions.

• In one app the only difference between a gold and silver membership was that the gold permitted invasive tracking, an option that was not clearly stated to the user.

• Katharine also found issues around consent for the use of personal data for targeted ad purposes.

• Sentences bolded in the app’s terms to imply consent contradicted other unbolded terms within the text in meaning and intent, leading to potential confusion.

• In terms of data retention, some apps are saying they’ll keep the data for three years and others for six or more. There is clearly no good reason for keeping data this long.

• Such long retention times are adding to the possibility of misuse internally within an organisation or by external bad actors.
• In Katharine’s view, what’s needed is not necessarily time limits, but strict enforcement of the rules to discourage data handling laziness.

• In relation to using fertility apps, Katharine advises potential users to spend time searching for and adjusting privacy settings to better protect personal data.

• Sometimes, but not always, EU-headquartered apps tend to have better privacy or privacy options.

• She advises users to avoid answering unnecessary questions, and to delete their account and data from the app when they are no longer using it, rather than just deleting the app itself.

• For those interested in a career in legal academia, Katharine stresses the importance of understanding the balance of power within privacy regulation and how it pertains to equality and social justice.

• She advises students to be flexible in their career, stating that often a specialty finds the individual, and to always adhere to their principles.