Do You Actually Need To Worry About Protecting Your Health Data Online?
You’re walking down the street when a stranger runs up to you. He snatches your smartwatch. “Just to take a look,” he says with a friendly grin. Next, he grabs your phone and clicks through every app you’ve ever downloaded. He clicks into your macro tracker, learning what you ate today. He jots down your email address, phone number, and the contact information for your friends and family too. He might also trace your weekly running routine, where you drive, and who your doctors are, among many other details you thought were locked behind your phone screen.
In this scenario, it’s clear you just dealt with creepy, almost unimaginable behavior. Heck, you’d probably flinch and pull away if someone tried to simply peep your step count. Yet we freely give away much of this info to app companies every single day. And, truth be told, health and wellness apps take in best-kept-private info despite having terms of service and privacy policies most people skip over, can’t find, or struggle to understand. After all, what’s the worst that could happen? Eerily well-targeted ads?
With the fall of Roe v. Wade and the loss of abortion rights in about half of the U.S., app users have started questioning whether their most intimate health information could be used in unnerving ways. Even if pregnancy isn’t remotely on your radar, there are a number of other factors to consider in regard to how an outside party accessing your personal info could impact you.
We asked privacy and technology experts to lay out every pertinent thing you need to know about apps and data—and building your own cybersecurity shield.
First: What exactly can health apps do with data?
More than you’d expect, TBH. “Our intuition is that if information is related to health somehow, it’s special and protected,” says Leah Fowler, MPH, research director and an assistant professor in the Health Law & Policy Institute at the University of Houston Law Center. “But as a general matter, that’s not true.”
It’s easy to assume, for example, that an app your doctor suggests to log symptoms of a chronic condition, like endometriosis, is protected territory thanks to HIPAA (the Health Insurance Portability and Accountability Act of 1996, a federal law that protects your health information from being shared without your consent). But HIPAA applies only to interactions with a health-care provider, an insurance company, or their business associates. The vast majority of health apps do not fall into this protected category.
From the start, health apps can collect a slew of data: your contact info; your location as a device pings cell towers, taps into Wi-Fi, and finds GPS signals; even your phone behavior when you’re off the app.
Although many companies love to wax poetic about valuing privacy, your data is often how they make a profit. Health app companies generally share a variety of intel about you with third parties such as advertisers, analytics companies, and data aggregators and brokers who are then free to resell it to others. (Back in 2014, for example, one data broker claimed it had 3,000 data points for almost every consumer in the U.S.—and that was eight years ago.)
And the almost $33 billion femtech industry (the term for products, services, and software that use technology to focus on women’s health) is particularly thirsty. Data from pregnant people is 15 times more valuable than that of nonpregnant people, research suggests. Think about it: As you prepare to give birth, fill a nursery, navigate postpartum recovery, and raise a child, there’s a ton of stuff to buy—and advertisers and brands want your attention, loyalty, and money.
of user data transmissions in health and fitness apps complied with their respective privacy policies in a review of 15,893 apps. Source: The BMJ
Companies often claim they sell data that’s been “anonymized,” or supposedly stripped of identifying details, but in many cases it’s easy to trace back to a person. In fact, the Federal Trade Commission (FTC) recently came out against these claims, saying they’re “often deceptive” and that companies that mislead consumers in this way are on their radar. “Location data, for example, is almost impossible to make truly anonymous,” says Albert Fox Cahn, executive director of the Surveillance Technology Oversight Program (STOP) and coauthor of the recent report “Pregnancy Panopticon,” on post-Roe surveillance. “It’s hard to see a record of someone going from her home to her office and claim you don’t know who that is.”
The main problem lies in the fact that the vast majority of apps aren’t transparent about data-sharing practices. It’s really hard to know exactly what a specific app is doing with your data without becoming a cybersecurity expert and legal scholar. And even then, you could still be exposed.
Take Flo, a menstruation tracking and cycle prediction platform. Just last year, the brand reached a settlement with the FTC after an investigation found it had disclosed millions of users’ intimate health data to a slew of companies, including Facebook and Google, despite saying it wouldn’t. Glow, another women’s health app, separately came under fire and paid a $250,000 settlement for failing to protect users’ personal data and allowing access to it without consent.
Get this: Approximately a third of health apps available on Google Play in Australia (which includes apps for a global audience) offered no privacy policy, according to a privacy audit of nearly 16,000 health and fitness apps, published in The BMJ. Nearly half didn’t honor their promises. Plus, less than half of apps designed for people coping with depression even had a privacy policy, and most weren’t available until you’d already entered personal data, per a study in the journal Internet Interventions. So you’d only know what might happen with that intel after you’d handed some over.
What’s more, app companies are free to adjust their policies at any time and are not obligated to contact you about these tweaks. So even if you’re one of the unicorns who reads and understands the fine print when you signed up, you could still be caught off guard by sudden changes, notes Fowler.
So what's the true harm here?
A common response to all this privacy talk is: But is it really a big deal if an app gets hold of my workouts, diet, or other day-to-day body biz? I’ve got nothing to hide. Fair! The short answer is, you’re right in that you don’t need to lose sleep nightly over this—but knowledge is power, Fowler says. Understanding the best- and worst-case scenarios as far as health data mining goes ultimately empowers and motivates you to take the steps you can to protect your info. It’s difficult to see an abstracted data point—or even thousands of them—as a potential source of harm. But “the more data that’s collected, and the more intimate it is, the more risks it creates,” says Fox Cahn.
Consider cybercriminals. About a quarter of the time, health apps pass around data in an unencrypted form (in nontech speak, it’s not locked up), according to the BMJ study—which means it can easily be subject to hacking.
In a test of 30 apps used to connect patients with health-care providers, a hacker successfully broke into all of them and was able to access immensely personal information like test results, medication prescriptions, and even data of family members, per a separate study conducted last year. In 2018, 150 million MyFitnessPal users’ email addresses, usernames, and passwords were stolen in a massive data breach. A year later, they were reportedly up for sale on the dark web. (Hot tip: You can find out if your email or phone’s been swept up in a data breach at the website haveibeenpwned.com.)
Alright, noted. So, should you delete your period-tracking app?
Downloads that fall into the reproductive health category are arguably at the eye of the storm of this convo. “People have been criminalized for their pregnancy outcomes for ages,” says Kat Green, managing director of Abortion Access Front. Looking to the future, it’s not absurd to expect that people could be thrown into jail for incorrect data as well as miscarriages and pregnancy complications, says Eva Galperin, director of cybersecurity for the Electronic Frontier Foundation (EFF), as it’s happened before. (In 2015, Purvi Patel was convicted of killing a fetus in Indiana, partly due to text messages about seeking a medication abortion. A judge eventually released her, but the precedent is there.)
Yet despite the frenzy over whether you must erase that tracker, the short answer is “probably not,” says Galperin. “Period-tracking apps are a risk, and they do collect data about your health, which could potentially be used against you, but they are not the immediate risk in a post-Roe world; people who are prosecuted are usually turned in by their doctor, a nurse, or someone they trust.”
Your decision here ultimately depends on where you live, what the laws against abortion are like in your area, and how threatened (or not) they make you feel. In a high-risk situation, the safest option may be to track your cycle offline, says Fox Cahn, like with pen and paper. Next-best option? A more protective app.
The features to look for in the privacy policy are pledges stating the company does not sell or share data to third parties and either stores data locally or keeps it in strong end-to-end encryption where only the user holds the key. (The same applies to other health apps.) “In plain English, a third party is any company or individual outside of the app developer,” says Fox Cahn. With local storage, your input remains in your device and you own it, so it’s susceptible to a search warrant if you’re targeted as an individual, but it cannot be accessed if a company is served with a subpoena or hacked by bad actors. If data isn’t stored locally, strong end-to-end encryption where only you hold the key is safer. In this case, your data is locked up so well it would be very difficult if not impossible for a company to comply with a court order; it’s as if only you can access your data vault.
A few period-tracking apps that check these boxes include Drip, Euki, and Periodical, according to Consumer Reports. Clue and Cycles, which are, like Drip, based in Europe, are also smart choices because they must abide by the stricter General Data Protection Regulation, guidelines that require them to be transparent about how they use your data, use it only with your consent, and agree to have it completely erased at your request.
Some apps make powerful promises about protecting users, but it’s important to think critically about the claims—and how they will play out in reality. No matter the statements or press releases that a company may put out about their feelings on government overreach or the importance of user rights, the privacy policy often reveals the truth. Which is that most apps based in the U.S. would share your data as required by law, to comply with a subpoena or similar legal process. (The way out of this is using the app offline, in which case your data is inaccessible.)
Glitzy security features are also easy to misunderstand and could lead to false assumptions that you’re fully protected when you might not be. For example, the fine print may state that the company collects data and is subject to subpoena, but technically, everyone is subject to subpoena, so it’s not unique to any one app.
What This All Means For Your Privacy Now
As long as federal regulations remain lax and few states have comprehensive privacy laws, it’s on, well, you to push the market and elected representatives to do better. Privacy is critically important, Fowler reminds us. But you can help promote a culture that values personal security and insist that it’s time for us to take back control of our data, starting with your own digital life and relationships.
If you’re annoyed your go-to app has a hard-to-access privacy policy or makes confusing proclamations, demand a better product. Check the FAQs, email customer service, and question them about security must-haves until you’re satisfied with their answers, says Fowler.
At the very least, it’s worth reflecting on how comfortable you are with our current state of privacy and how we, as a society, would like to move forward. “At the end of the day, these tools are so convenient and do make our lives better—I don’t want to diminish that,” says Fowler. “But recognizing that nothing is free and the trade-off has been our data is helpful.”
Are you comfortable continuing to give strangers intel about yourself and letting them do whatever they want with it—or do you want to draw a line? Put another way: A guy runs up to you on the street. He tries to take your smartwatch. It’s ultimately up to you if you let him.
DIGITAL DEFENSE PLAN
There's no single way to keep personal data 100 percent private. But these simple tips are a smart start to lock-and-key your private matters.
Do a social scrub. It never hurts to periodically purge your friends lists on social platforms of potentially phony followers, delete your browser history, upgrade your privacy settings, and let your friends know what your boundaries are for sharing info or photos online. This puts you in the know of who has eyes on your info.
Use encrypted services. Some messenger apps for texts, like Signal, have a feature that allows you to delete messages after sensitive conversations. Also, avoid sending delicate emails altogether (there’s no erasing those receipts), or at least opt for a higher-privacy platform like Proton.
Search thoughtfully. For sensitive Qs you’d rather not share with the rest of the world (perhaps, when researching reproductive health care), use a Tor browser, which isolates each website you go to so third-party trackers and ads can't follow you. (Download here.)
Sources: Kat Green, Eva Galperin, EFF
You Might Also Like
