Mozilla and Reproductive Health Applications, New Findings
August 25, 2022 | 4 minutes read
After the landmark court case Roe v. Wade was overturned in June of 2022, many privacy and reproductive healthcare rights advocates warned that certain mobile software applications had the potential to put the lives of Americans at risk, as these apps function in accordance with geolocation data. This being the case, a woman that is looking to receive an abortion in a state where the practice has been outlawed would likely use some form of internet service when looking to receive this same service in another state. While some people scoffed at this notion, events that have come to pass in recent weeks have only given validity to the idea that many popular reproductive healthcare applications are in fact doing their users a disservice in certain respects.
More specifically, the Mozilla Foundation recently conducted a study where they reviewed 25 of the most prominent reproductive healthcare applications that are currently available to U.S. consumers. While this study revealed a wide range of insights concerning these various mobile applications, one major finding uncovered that as many as 18 out of these 25 mobile applications “received a *Privacy Not Included warning label – meaning they are problematic when it comes to protecting users’ privacy and security.” Moreover, some of these applications included popular period trackers such as Flo, Clue, Period Calendar Period Tracker, Ovia Fertility, and Glow and Eve by Glow, among a host of others.
Privacy not included
The study that Mozilla conducted on reproductive healthcare applications is a part of a larger guide that the foundation has created in order to provide consumers with the information they need to protect their privacy with regard to mobile applications in general. To this point, the Mozilla website states that “If we can’t confirm a product meets our Minimum Security Standards, it automatically earned the *Privacy Not Included label, as we feel those standards are the minimum a product should meet to be on the market. We also look at how a company uses the data the product collects on you, how you can control the data the company collects, and what the company’s known track record is over the past two years for protecting their users’ data.”
Given this information, the study that Mozilla conducted posited that many popular reproductive healthcare applications are essentially failing to safeguard the privacy and personal information of their respective users. Due to the inherent nature of reproductive health, U.S. citizens that disclose their healthcare information when using these applications do so under the assumption that this information will be protected at all times, even outside of the scope of the overturning of Roe v. Wade. Nevertheless, the owners of these applications have often failed to do this, as evidenced by the case of Flo Health, Inc. For reference, this mobile application was at the center of a complaint that was filed with the Federal Trade Commission (FTC) in January of 2021, as it was alleged that Flo Health, Inc. had been collecting the personal data of users without their consent.
Fertility applications and law enforcement
What’s more, there have also been concerns raised about the prospect of the makers of a reproductive health application sharing the personal data of its users with law enforcement officials. Despite the new privacy guidelines that the United States Department of Health and Human Services Office for Civil Rights (HSS OCR) in the wake of the overturning of Roe v. Wade, there is still a great deal of ambiguity as it relates to the legal obligations of a mobile application developer to cooperate with law enforcement officials with respect to an illegal abortion. Furthermore, this level of ambiguity does not even account for the flawed nature in which many mobile applications secure the personal information of users in the first place.
To this end, the study that Mozilla conducted on 25 popular mobile reproductive healthcare applications also questioned the developers of these applications on whether or not they would comply with law enforcement officials if asked to do so. In response, Jen Caltrider, Mozilla’s lead researcher, was quoted as saying “Most were pretty vague in terms of if we get a request from law enforcement, we may share data, and sometimes they would mention subpoenas,” Caltrider warned. “But it was rarely clear if companies would do voluntary disclosure with law enforcement, or they would only disclose data with a court order, and how they limited scope for law enforcement or government requests.”
While the study that the Mozilla foundation conducted on mobile reproductive health applications such as period and fertility trackers was only able to cover a small percentage of these products and services, the results of the study were nonetheless very illuminating. In spite of the checkered history that many mobile application developers have in terms of data protection and personal privacy, many consumers still operate under the assumption that their information will at least be somewhat protected when they use a particular mobile application. However, Mozilla’s most recent study clearly contradicts these assumptions, and the ways in which mobile applications can protect the privacy of their users will be an ongoing debate for years to come.