A majority of the most popular fertility apps collect and share sensitive data – without users’ knowledge or approval. It shows a study from Umeå University and Newcastle University.
In the fertility apps, users can enter information related to both privacy and health, such as information about abortions, infertility and pregnancy. Although they contain sensitive data, most of the apps are sorted under the category “Health and exercise” in the Android phones’ app store Google Play.
Researchers Teresa Almeida, Department of Informatics at Umeå University, and Maryam Mehrnezhad, Newcastle University’s School of Computing, have analyzed confidentiality notices and data tracking methods in 30 free fertility apps.
The apps allowed users to regularly report private information such as mental state, body temperature, sexual activity, orgasms and other health information, and the researchers were able to see that the majority of them did not comply with the requirements of the EU Data Protection Regulation (GDPR).
Sharing data further
The apps also enabled tracking software immediately after they were installed, even if the user had not approved the privacy notices.
“The information that users enter is stored in a very insecure way and the default settings mean that the app can share data without the user’s consent. This makes users vulnerable and exposed in a way that they do not realize. For example, information about an abortion can reach unauthorized and thus pose a risk to the user “, says Teresa Almeida in a press release.
In order to ensure that users’ personal and often intimate information is not misused, researchers are now calling for stricter control and more accurate categorization of the apps.
“The data is categorized in the GDPR as ‘sensitive personal data’ and should be handled with extra care. Authorities dealing with this type of issue need to become better at understanding the shortcomings of current rules that enable these apps,” said Teresa Almeida.