Menstruation cycle tracking app breached users' privacy, B.C. class-action lawsuit alleges
bc.ctvnews.ca
VANCOUVER - A British Columbia Supreme Court judge says a class-action lawsuit can move forward over alleged privacy breaches against a company that made an app to track users' menstrual and fertility cycles. The ruling published online Friday says the action against Flo Health Inc. alleges the company shared users' highly personal health information with third-parties, including Facebook, Google and other companies.
free, open source, everything stored locally: https://dripapp.org/
Of all the things you most certainly do not need to upload to the cloud....................................................................
I mean cloud apps are popular because they are convenient. It's just a shame that they are invariably infested with toxic capitalism. And now apparently Christian fascists.
Thanks! Was looking for something more privacy focused. I had not found this one.
I am quite impressed by the funders, German state and Mozilla. Wow.
im giggling like an idiot at that name
Result: âsorry we shared your personal data, hereâs a check for 38 cents. â
Damn man, my gf pays for this app. That's how we track her days. Corpos even know when we're probably having sex now D:.
Even your car might know.
For those that arenât aware: https://www.youtube.com/watch?v=OYcmF9IAJbU
TL;DW: The Nissan privacy policy
statesstated that they can collect and store information about your sexual activity for some reason.Note: the page seems to have been updated to remove that wording, but you can see it archived on the Way Back Machine from when the video was released.
Edit: spelling
Stop paying for something that could easily be done with a pencil and a regular paper calendar.
Tell me you're a man without telling me you're a man
Wow, my girlfriend uses this. Time to get her a FOSS-grown solution. Fuck the corpos!
here's one i found from a comment below
@noodlejetski@lemm.ee
They need to fix their SSL certificate.
Seems like they didn't set www to redirect to the main site. If you go to https://dripapp.org it works fine.
Come on, it is the 21st century.
Nobody should assume any other reason to create such an app than to harvest and sell personal medical data.
Periodical is no wifi, no bs and stored locally on your phone storage. Also is about 5mb in size so pretty minimal. If anyone is interested here's the link https://f-droid.org/packages/de.arnowelzel.android.periodical/
That's f'ed up.
Man, sometimes I feel like we've lost our spirit. I'm hopeful we can get it back, but these articles tell a different story. I hope for better days.
Your comment sounds AI generated lmao
Here are some privacy focused alternatives (only for android đ): https://pluja.github.io/awesome-privacy/#menstrual-cycle-trackers
I wrote a period tracker app that also encrypts/password protects the data at rest. If you're concerned about someone taking your phone and accessing your data, it may also be worth a look.https://github.com/cameroncros/PrivatePeriodTrackerhttps://play.google.com/store/apps/details?id=com.cross.privateperiodtrackerDrip looks better for most people though. But they should add encryption if they dont already have it.Use drip.
Encryption and password protection is in the changelog for drips first version v0.0.1 - 5 years ago
I couldnt find your app on fdroid btw
Huh, thats good. I scanned their website for mentions of encryption and didnt find it.
Mine isnt on fdroid, wasnt worth the effort. May as well remove from Google Play as well tbh, Drips seems all round a better option.
Yep it was a struggle to find. I checked website, issues and then finally made a last attempt at the change logs. It should be advertised more for that added piece of mind.
I didnt mean to shoot your app down by the way, in case it came across that way. Ive never used these apps
Thanks for developing your version though. People like you make this community what it is :)
I've never used my app either, I lack the prerequisites :D I wrote it for my partner last time there was a thing about US cops going after the data. But I dont maintain it, so drips is the better option in general.
When drips gets caught selling data I'll revive my app :D
I remember back in my teenage days, I tried to track some menstruations. It didnât end well.
Classic mistake. You weren't rich enough.
It's 2024. People still assume apps installed on their phones aren't siphoning every single 1 and 0 on your phone including your texts and recordings of your voice calls and then selling that data to a 3rd party advertising firm.
Why in FUCKS name would you put your menstrual cycle data on an app that some stranger made?
It's useful?
Agreed. Although I think the usefulness of the apps are aimed at tracking fertility to help people get pregnant. Which is even more scummy that they sell the data.
I think you may be way underestimating the number of people who have no idea the software they use is spying on them.
There's not a word in this article about why this breach of privacy matters while others do not. It's not stated whether this was in the terms of service for the app, and whether those terms were ruled against.
All kinds of apps have been selling personal information for a long time, and it's been ruled before that it's allowed if they have the proper legalese in the terms of service. Did this app just not have any terms of service?
Why is it a breach of privacy for this app, but other apps doing the same selling of personal data is not?
From the article...
IANAL, but my understanding, after having read the whole article, is that regardless of the fact that there may or may not have been an agreement between the app creator and its users, that they still ran foul of laws that cannot be waived by any sort of TOU/EULA agreement.
I read the article too, and those things you quoted sound to me like things every app does.
Hence my question: what is different here?
It's not a matter of something being different or not. It's no matter what, it's illegal. Law trumps any TOU/EULA.
So what are they doing that illegal that other apps aren't doing??
I really don't know how to be any more clear with this question.
Why the fuck would you ever enter that kind of information into your phone? Did they ever make any promises about it all being end-to-end encrypted?
Are the owners of the app based in a privacy friendly country? What kind of things do they require for passwords?
Worse than betterhelp right there. people that use services like those are fucking sheep.
Periods are awful to keep track of yourself, it's not a perfect, "every 4 weeks for 5 days" thing. Those apps actually recalculate the beginning and end of a period when something abnormal happens, like stress moving the period back a few days. This way you don't need to keep it in a personal calendar, which mind you, a lot of people don't even have.
Btw, most apps do also more than just regular tracking, they can predict how bad blood flow will be, and if your periods are known to be rather painful, they can keep track and remind you when a day comes on which you'd need to pack a few extra painkillers.
Hard to argue with any of those points. Nice of you to kindly elaborate for people trying to blame the victims of the scheme.
While the explanation is great, I feel like it shouldn't even be necessary. Like, if people are using an app, can we not just assume that they have a reason for it? A reason that, to them at least, is a good one? Regardless of what the app is about, or which demographic is using it, it seems infantilising not to make that assumption.
Periods are never properly explained in school, a lot of people simply get taught by their mother, or survive with what little knowledge the biology textbook holds about them.
I cannot blame someone for not knowing how awfully complicated they are, when school at most teaches about the ideal period, not even mentioning how much can affect them, or how awful they can be for some people.
I dislike the commenter's attitude, but I do agree with parts of the message. I would prefer to treat any closed-source, internet-connected app as "collecting everything it can", just because it has been the logic for a while. I would not trust my messaging or files to a centralized, closed platform - so why would I use something suspicious for health data this sensitive?
Right, but the privacy implications trump all of that for me.
proton unlimited, proton calendar. Completely private and end-to-end encrypted.
But okay, I guess these apps can be helpful. I still think it's a terrible idea to enter information like that into an app that doesn't guarantee privacy. That's sensitive medical data. I don't give a fuck what any ToS says, no one except you should have the power to give away that kind of information about yourself.
Maybe you could direct your righteous anger at the people misselling the app, not the people who use it to help them get pregnant or to avoid becoming pregnant in a proto-fascist society that has removed their right to an abortion?
Right?? Like what is this rage against the users?!
For Women's Right Day, the android app store featured the lead of Security and Privacy of this very app. A lady BTW. Fuck me sideways how that was a ton of crap, retrospectively. She said in so many words the usual "privacy foremost" and other such obvious shit, then she also said "no selling ever".
I despair of humanity.
So you learned about pandering from two angles on stupid pointless holiday-day.
Iâll check my subscription but Im pretty sure Proton doesnât calculate when I ovulate.
I used these kinds of apps when I was a teenager. I could not keep up with a calendar - I tried but my cycles were too irregular to be predictable based on the calculations I could find in books and the internet. Iâm transgender and found the entire experience unpleasant in a fairly intense way.
Those kinds of apps helped me immensely. Most of them offer some sort of discreet icon or password system - my parents were the type to read my diary/calendars. My periods are all over the place, and I was able to safely log a pattern in related pain/duration/quantity⊠most of them included links to places to find medical information. I found one that wasnât pastel pink and just treated me like a person keeping track of their medical statistics. I got to feel neutral about a part of my body which I despised.
The problem is not that people are naive enough to hand over the information to a third party they can not trust. The problem is the paucity of information and resources for menstrual health. Periods are complicated and scary. When youâre a teenager, youâre not worried about data security - youâre worried about trying to make sure you know when your next cycle will start so that you donât experience the hell that is bleeding through your pants in math class.
I especially wouldn't recommend anyone in the a red state in the US to use a period tracker. States are serious about prison sentences for people seeking abortions and even miscarriages. If a state like Texas or South Carolina gets ahold of that information it's going to ruin your life.