"Delete your period tracking apps today". Since the revocation of Roe v. Wade in the United States, Internet users have launched a mutiny against these health applications. For good reason, companies such as Flo, Clue or Stardust have sensitive data in a country where the right to abortion - which existed since 1973 - now depends solely on the decision of the States.
To fully understand, we must return to what we find on these applications used by most women to track their menstrual cycles, some of which were created by anti-ABORTION groups such as Femm which offers women to prefer more natural contraceptive methods. In general, in addition to the start and end date of menstruation or the ovulation period, platforms can also indicate when a pregnancy begins, for example. This is more than dangerous information when several American states could decide to make abortion illegal, following in the footsteps of Missouri, the first to take the plunge.
To prevent data protection risks, several Internet users have taken up the subject on Twitter. This is the case of Tara Costello, author of Red Moon Gang: An inclusive guide to menstruation who has published a series of tips for women who use these apps. "This has been a growing concern for some time. I had already seen accounts raise awareness of this issue before, but I think the reversal of Roe v. Wade has allowed a greater questioning on the use of applications," she tells.
But can these applications really deliver this kind of data to the government? According to a survey published by the Techcrunch media, Stardust, one of the most used applications, would sell certain data such as the phone numbers of its users to an outside company named Mixpanel. If now it does not concern any health data, this third-party company could very well communicate the numbers to the prosecutors, explains Techcrunch.
United States period tracking apps boycott and Stardust company
The Stardust company, on the other hand, ensures the opposite. "If the government issues a subpoena to find out your menstrual tracking data, we will not be able to produce anything for them. We are also working on an option for users to completely opt out of providing personally identifiable information and use the application completely anonymously," the US company replied on Twitter.
Except that according to Stardust's privacy policy, the application is not as secure as it claims. "We may disclose your anonymized information to third parties in order to protect legal rights, safety and security [...] and to comply with or respond to law enforcement or legal proceedings or a request for cooperation from a government or other entity, when required by law," the regulation emphasizes. If the data are guaranteed to be anonymized, however, they could well be used for an investigation, for example after an illegally performed abortion.
According to Tar Costello, the encryption announced for the next few days could still have some flaws. According to the author, the application would still be able to link a piece of data to its user and, as its privacy policy indicates, could still deliver information to the authorities, if necessary.
So, like many other Internet users, Tara Costello is determined not to let the security breach pass. "For those who use Stardust, I recommend deleting the application as well as your data. It is necessary to switch to an application that is transparent about its position on data privacy," recommends the author.
But which application should we turn to when other companies are also affected by these flaws? The company Flo, downloaded by 43 million users worldwide, could also ignore the confidentiality of intimate data. "We may be required to process some of your personal data to comply with applicable laws and regulations," the app's website reads.
United States period tracking apps boycott fears
Faced with the fear expressed by the Americans, the Flo application announced a week ago the arrival of an "anonymous mode" to erase any indication to link the account to a user. "We will do everything in our power to protect the data and privacy of our users and understand the deep responsibility we have to provide a safe and secure platform for you to use," said the company, without however announcing the official arrival of this anonymous mode on its application.
Some, like Tara Costello, have more confidence in their European competitor, the Clue application, which would have the advantage over others of having to comply with the stricter rules of the GDPR. Clue explains, for example, that it holds certain data, but not that of the location of its users. Information that would identify the movements of a woman who would go to another state where abortion is still legal.
But according to lawyers interviewed by The Guardian, if Clue is less required to respond to American justice, it may still have to do so to comply with "different legal frameworks and cross-border agreements". Faced with this uncertainty, former users of these applications prefer to return to a more artisanal method: paper and pen.
Still others seek to muddy the waters, like these men who call for downloading menstrual tracking applications "in order to create chaos". "The main idea is to create unnecessary data so that any law enforcement agency that buys a database to try to locate women who may have had abortions is forced to waste resources," Santiago, who has followed this trend, tells us.
United States period tracking apps boycott choices
A choice not necessarily relevant according to some users. "Data analysts will be able to easily and quickly create an algorithm to spot your fake account. Then, you do not sabotage the period tracking company, you increase their value and give them more money by giving them a larger user base and more data to sell," Christie warns on his Twitter account.
Beyond the only problem of menstrual tracking applications, health data represent a gold mine for the authorities. On Google, users' searches can, for example, be scrutinized. In 2017, for example, a resident of Mississippi was accused of conducting research on medical abortion during an investigation into the death of her foetus. The charges against her had finally been withdrawn.
After the revocation of the right to ABORTION, the Electronic Frontier Foundation – an NGO ensuring the protection of freedoms on the Internet - warned: "Those who seek, offer or facilitate access to abortion must now assume that all the data they leave on the Internet or elsewhere can be searched by the authorities".