TomorrowMakers

Menstruation tracker apps have shared private, sensitive data belonging to millions of women with Facebook. This information will be used for targeted advertising.

Did you know your menstrual information is not private anymore? Here's why

Social media has become ubiquitous in our lives. Everything that people do is being posted online. Taking a flight? Check-in on Facebook. Taking a vacation? Plaster photos all over Instagram. While all this is voluntarily shared, there should be some information that must be kept private. This would include the menstrual cycle data belonging to millions of women!

Unfortunately, menstruation tracker apps have shared this private, sensitive data belonging to millions of women with Facebook.

A report titled, ‘No Body's Business But Mine: How Menstruation Apps Are Sharing Your Data’, revealed that out of the 36 apps studied, 61% of them immediately transfer data to Facebook as soon as the user opens the app. This happens irrespective of whether the user has a Facebook account or is logged into Facebook or not. Scary, isn’t it? Well, it gets worse.

Some of the apps have shared the most sensitive information in an incredibly detailed form. Two such apps found in the study by Privacy International are India-based Maya and Cyprus-based MIA. If you are a user of these apps, in all probability, Facebook knows about your ovulation cycle, and when you had sex last. These two apps are just a drop in the ocean. There are many more doing just the same – sharing private data with third parties.

Related: The cost of not maintaining menstrual hygiene

Why is Facebook interested in this information? 

Facebook’s intelligent platform leverages artificial intelligence and machine learning to cull data and get actionable insights. This information is then used to bombard users with targeted advertising. As users are unlikely to share private information such as health, sex life, mood, etc., openly, these platforms that are supposed to help track your periods are used to harvest sensitive data. With this information, Facebook knows when a user is vulnerable, happy or anxious and then uses it to target them with strategic, personalised advertising. 

Most apps have Facebook SDKs integrated. This means that once you agree to their privacy policy, the social platform automatically gets all your information. This can be considered a massive breach of privacy, especially when it comes to medical and health data. 

How can you keep your information private?

Be wary of the apps you download. Do not randomly install apps. Although it might be tedious, read the privacy policy carefully. See if they explicitly mention that they will disclose your information to third parties. If it does say that, do not install the app.

Some apps also use caveats. They may say that they do not disclose personal data to advertisers, but the privacy policy says, “the users' personal data may be used to comply with our advertisers’ wishes by displaying their advertisement to that target audience.” This essentially means that your data will be shared with advertisers such as Facebook to determine the right target audience. If you are not comfortable sharing highly personal data, it is best to stay away from apps that ask you for the same.

Privacy laws are not as stringent in India as they are in Europe with the recent GDPR. Unlike the EU, India does not have a data protection law that can safeguard individuals. The fundamental right to privacy is not granted in the Indian Constitution yet. However, the conversation around it has started and sparked hope that citizens’ personal interests will be protected by a separate codified law such as GDPR. Till then, a lot of the onus is on the end-users to keep their data private. 

Check out some of the laws that changed the course for Indian women, to understand how you can protect your rights.

Social media has become ubiquitous in our lives. Everything that people do is being posted online. Taking a flight? Check-in on Facebook. Taking a vacation? Plaster photos all over Instagram. While all this is voluntarily shared, there should be some information that must be kept private. This would include the menstrual cycle data belonging to millions of women!

Unfortunately, menstruation tracker apps have shared this private, sensitive data belonging to millions of women with Facebook.

A report titled, ‘No Body's Business But Mine: How Menstruation Apps Are Sharing Your Data’, revealed that out of the 36 apps studied, 61% of them immediately transfer data to Facebook as soon as the user opens the app. This happens irrespective of whether the user has a Facebook account or is logged into Facebook or not. Scary, isn’t it? Well, it gets worse.

Some of the apps have shared the most sensitive information in an incredibly detailed form. Two such apps found in the study by Privacy International are India-based Maya and Cyprus-based MIA. If you are a user of these apps, in all probability, Facebook knows about your ovulation cycle, and when you had sex last. These two apps are just a drop in the ocean. There are many more doing just the same – sharing private data with third parties.

Related: The cost of not maintaining menstrual hygiene

Why is Facebook interested in this information? 

Facebook’s intelligent platform leverages artificial intelligence and machine learning to cull data and get actionable insights. This information is then used to bombard users with targeted advertising. As users are unlikely to share private information such as health, sex life, mood, etc., openly, these platforms that are supposed to help track your periods are used to harvest sensitive data. With this information, Facebook knows when a user is vulnerable, happy or anxious and then uses it to target them with strategic, personalised advertising. 

Most apps have Facebook SDKs integrated. This means that once you agree to their privacy policy, the social platform automatically gets all your information. This can be considered a massive breach of privacy, especially when it comes to medical and health data. 

How can you keep your information private?

Be wary of the apps you download. Do not randomly install apps. Although it might be tedious, read the privacy policy carefully. See if they explicitly mention that they will disclose your information to third parties. If it does say that, do not install the app.

Some apps also use caveats. They may say that they do not disclose personal data to advertisers, but the privacy policy says, “the users' personal data may be used to comply with our advertisers’ wishes by displaying their advertisement to that target audience.” This essentially means that your data will be shared with advertisers such as Facebook to determine the right target audience. If you are not comfortable sharing highly personal data, it is best to stay away from apps that ask you for the same.

Privacy laws are not as stringent in India as they are in Europe with the recent GDPR. Unlike the EU, India does not have a data protection law that can safeguard individuals. The fundamental right to privacy is not granted in the Indian Constitution yet. However, the conversation around it has started and sparked hope that citizens’ personal interests will be protected by a separate codified law such as GDPR. Till then, a lot of the onus is on the end-users to keep their data private. 

Check out some of the laws that changed the course for Indian women, to understand how you can protect your rights.