Two popular menstruation apps have been found sharing users’ personal data about their emotional wellbeing and their bodies – including when they last had sex – to third party groups such as Facebook, according to new research.
A report published on Monday from advocacy group Privacy International examined 10 leading period-tracking apps, and found Mia Fem and Maya have been sharing women’s personal information about contraception use, menstruation dates, and their symptoms, directly to Facebook.
The group claimed the apps have been collecting data and information from users on their mood and sexual life in exchange for information about which days they will be most fertile. Privacy International said this data had been used to manipulate users with targeted adverts based on their information, such as showing a user an ad for health supplements on Facebook after learning they had been experiencing a low mood.
Mia Fem – by Mobapp Development Limited – has more than two million downloads, while Maya – by Plackal Tech – says it was the 2017 winner of Facebook’s FbStart Apps of the year award, and has more than five million downloads.
Privacy International’s report follows on from research the group carried out in December 2018 into data tracking. Testing 36 popular apps that connect to Facebook through smartphones, the group said that 61 per cent of the apps it examined automatically transfered data to Facebook once they were opened. It also found that users did not need to be logged in to Facebook for these apps to send detailed personal data to the social media platform.
In its latest report, Privacy International claimed the Mia Fem and Maya apps start sharing users’ personal data to Facebook as soon as the apps are downloaded, and before users have the chance to agree to any privacy terms, raising serious questions over the security of users’ data.
These apps share data through Facebook’s Software Development Kit (SDK) – a feature which allows users to log in using their Facebook profile for example – in order to help it create targeted ads.
The group found that Maya requested information about when users had sex and whether the intercourse was protected or not. Privacy International pointed out how this appears irrelevant to predicting menstrual cycles, which is the app’s primary use.
Privacy International said: “The wide reach of the apps that our research has looked at might mean that intimate details of the private lives of millions of users across the world are shared with Facebook and other third parties without those users’ free unambiguous and informed or explicit consent, in the case of sensitive personal data, such as data relating to a user’s health or sex life.”
The group also examined some of the most popular menstruation tracker apps, including Period Tracker by Leap Fitness Group, Period Tracker Flo, Period Tracker by Simple Design and Clue Period Tracker, and said none of them shared data with Facebook.
A spokesperson for Facebook told i: “Our terms of service prohibit developers from sending us sensitive health information and we enforce against them when we learn they are. In addition, ad targeting based on people’s interests does not leverage information gleaned from people’s activity across other apps or websites”.
In the case of Maya, the app allows users to enter sensitive information in a diary-like section of the app which was also shared with Facebook, Privacy International found. Information such as experiencing a low-mood can be helpful to advertisers as they can use this data to serve ads for products that purport to help with a person’s experience.
Since the group published its findings, Maya said it has removed the Facebook SDK feature.
Complying with the law
Both Maya and Mia Fem share data further afield than simply Facebook, the research claimed, with marketing sites also having access to the data.
The findings raise serious concerns over these companies’ compliance with GDPR, Privacy International said, as users within the EU are meant to have greater control and awareness over how their data is used.
The group has called for companies to take greater steps to address these issues. Facebook has committed to creating a tool in which users can stop apps and businesses sharing their data with the social platform, though the organisation says this is not enough.
“The responsibility should not be on users to worry about what they are sharing with the apps they have chosen,” Privacy International said.
“The responsibility should be on the companies to comply with their legal obligations and live up to the trust that users will have placed in them when deciding to use their service.”
i has contacted Mia Fem and Maya for comment.
The post Period tracker apps are sharing data to Facebook about when people last had sex appeared first on inews.co.uk.Read More