Will My Period Tracking App Betray Me? Menstrual Surveillance in a Post-Roe World

One study of 24 health-related apps found 19 shared personal data with third-party sources, who could then transfer the information to hundreds of other companies. (Mad Fish Digital / Creative Commons)

Almost immediately after the leak of the Supreme Court majority’s draft opinion eviscerating Roe v. Wade, Twitter was abuzz warning women to delete period tracking apps from their smartphones. The concern is that the troves of data people who menstruate pour into these apps—including their periods, sexual history and moods—could be shared with police or private citizens enforcing abortion bans.

Over 100 million menstruators use period tracking apps to manage their reproductive health. Users want to know when to expect their periods, to monitor their fertility and to better understand their bodies. Indeed, these apps are wrapped in the language of feminist self-empowerment. After decades of women and others who menstruate being excluded from medical research and health-oriented products, this framing is powerful.

However, the rhetoric is in service of the for-profit femtech industry, in which every aspect of a person’s reproductive health from menstruation to pregnancy to menopause is being monetized by tech developers. While most period tracking apps are “free” to users, they typically make money by selling the collected data.

One study of 24 health-related apps found 19 shared personal data with third-party sources, who could then transfer the information to hundreds of other companies.

In 2021, the Federal Trade Commission settled a case against the popular Flo app for selling intimate health data of users to a range of marketing and analytics companies, including Facebook and Google, despite promising users their data was secure. In 2020, the California attorney general obtained a $250,000 settlement from the Glow app after alleging the app had security flaws that left users’ data at risk.

Further, the aggregation of this reproductive health data with other data sources can lead to gender discrimination. Someone’s digital profile may possibly result in higher insurance rates, increased interest on loans and even lead to workplace discrimination—all without their knowledge. Relatedly, employers are increasingly pushing female employees to download wellness apps, giving them unwarranted access to their workers’ health status and pregnancy information. 

These apps can also embed political aims. One fertility app was designed and funded specifically to promote anti-abortion causes. While the backing of the app is invisible to users, users receive missives which attack the safety and efficacy of hormonal birth control and push natural awareness methods. 

Given this background, do people with uteruses also need to fear their personal data will be used against them in anti-abortion prosecutions or civil cases? At this time, there is no evidence that anyone is running a technological dragnet to trawl for people whose period cycles suggest a termination of pregnancy. Then again, laws such as Texas S.B. 8—providing a $10,000 bounty to anyone who nabs someone assisting in procuring an abortion—are relatively new and the anti-abortion movement is very aggressive.

Indeed, there is ample evidence that reproductive health data is already being weaponized by the anti-abortion movement. For instance, on May 3, Vice reported a data broker firm was selling data about people’s visits to abortion clinics, including Planned Parenthood. The data-for-sale included where the individuals came from, how long they were at the clinic and where they travelled afterwards. Anti-abortion activists and law enforcement could easily buy these sorts of data sets to target women seeking abortions out-of-state. This data could then become evidence in a trial.

There is ample evidence that reproductive health data is already being weaponized by the anti-abortion movement.

Similarly, for several years anti-abortion groups have been sending targeted, anti-abortion propaganda to women while they sit in Planned Parenthood clinics. This targeted advertising uses geo-fencing or location tracking on people’s smartphones to identify abortion patients. This advertising tool could be tweaked to identify women travelling out-of-state for abortion care as well as to generate evidence for a trial.

Unfortunately, these data gathering practices are legal. The United States does not have a comprehensive data privacy law giving consumers control over their personal data or putting obligations on data collectors. Only a handful of states have such laws. 

For its part, HIPAA applies only to medical information shared with doctors; it does not cover data collected by apps or wearable devices. The Food and Drug Administration generally does not regulate medical apps, limiting its review to medical devices that pose patient safety risks in the event of device failure.

Whether they know it or not, when someone consents to an app’s privacy policy, they usually agree to the unlimited sale and sharing of their sensitive data. However, the reality is users do not—and practically cannot—read lengthy, legalistic and boilerplate privacy policies, and even if they do, they have no ability to negotiate their terms.  Moreover, breaches of privacy policies are nearly impossible for users to uncover. 

Accordingly, tech experts recommend a variety of steps for those using period tracking apps, including carefully researching and selecting apps with greater privacy controls, setting devices to use two-factor authentication, turning on ad blockers and turning off geolocation tracking. In the post-Roe world, the recommendations are getting more dire, such as deleting the apps altogether (and requesting data deletions), never going to an abortion clinic with a smartphone and searching online for information about abortion services only through encrypted search engines. Some even advise a return to paper calendars. 

It’s time to envision and build safe and secure period tracking apps that meet menstruator’s needs. Such an app would be science-based, non-profit and non-stereotyped. There would be no sharing of data with third parties and users would be able to control the use of their data. Now, more than ever, we need secure technologies to resist the rise of menstrual surveillance deployed in service of an anti-abortion agenda.

Sign and share Ms.’s relaunched “We Have Had Abortions” petition—whether you yourself have had an abortion, or simply stand in solidarity with those who have—to let the Supreme Court, Congress and the White House know: We will not give up the right to safe, legal, accessible abortion.

Up next:


Michele Gilman is a professor of law at the University of Baltimore School of Law, and the co-director at the Center on Applied Feminism.