Menu Close

Refinery29: This Fertility App Shared Data Without User Consent. Here’s How Senators Are Fighting Back

Read the original article here.

By Molly Lyons

8/28/20

Senators are urging the Federal Trade Commission to look into a fertility app that’s allegedly engaged in shady data sharing practicesPremom paints a rosy picture of trying to get pregnant. The website features dewy blades of grass and smiling pregnant people holding lavender. It boasts that it’s a “simple, effective, and affordable solution for all trying to conceive.” But there’s nothing simple about the allegations against the company. Premom’s Android app was collecting a wide range of data from more than half a million users and sharing it with three advertising-focused companies in China, according to an investigation this month from the International Digital Accountability Council (IDAC). And yes, this was done without permission from users. 

Premom has already done a bit of public course-correcting by updating its privacy policy and cutting ties with one of the suspect data companies, but officials are still concerned. In part, because the platform still may still be leeching personal data from users who haven’t yet updated their Premom app. That’s why several members of Congress are demanding the FTC look more deeply into this troubling case. The charge is being led by a bipartisan group of senators, including Amy Klobuchar (D-MN), Elizabeth Warren (D-MA), and Shelley Moore Capito (R-WV). 

“New technologies are helping many families grow and stay healthy, but consumers shouldn’t have to sacrifice the privacy of their most sensitive information in order to benefit from these apps,” Klobuchar exclusively told Refinery29. “Companies mishandling health data must be investigated and held accountable, and I will continue to push for comprehensive privacy legislation to ensure that personal data is being protected.”

Klobuchar previously championed legislation to protect us from data-mining apps when she introduced the Protecting Personal Health Data Act in June 2019 with Lisa Murkowski (R-AK). It focused on health data tracking apps that have given third-party companies access to unprecedented levels of information about us and our health, because we don’t currently have legislation that adequately addresses these issues, according to a release from Klobuchar.

Premom reaches half a million users and is one of the top search results among fertility apps in Google Play and in the Apple App Store. It’s another name to add to the list of companies with suspect data policies, like TikTok, which has been sued for allegedly sharing user data with companies in China.

In this instance, Premom was handing out information such as Android Advertising IDs, geolocations, bluetooth names, and hardware identifiers, Lena Ghamrawi, IDAC’s chief of staff and policy counsel, told Refinery29. Yes, despite that they claimed they’d only share “nonidentifiable” information in their privacy policy, according to the letter senators sent to the FTC.

“This type of data sharing raises privacy concerns around the third parties’ and Premom’s ability to track users over long periods of time and across various apps on their devices,” Ghamrawi explained. Users don’t know this is happening, and have no reasonable recourse to stop this behavior or opt-out of it, she added.  

Data about an individual’s actual fertility, hormone, and ovulation information was not given to third parties, according to IDAC’s investigation, but “it is possible” that it could be, Ghamrawi said.

Perhaps the most concerning part of this is the location sharing. “Location data reveals a lot of information about users: what type of places they frequent, where they work and live, what their hobbies are, and other lifestyle choices,” Ghamrawi said. “Premom, and even the third-parties the company shares this information with, can use this location data, in combination with other data, to infer who users are and create unique user profiles for targeted advertising and monetization purposes.” 

Although Premom has already taken steps to remedy the issue, some experts say it’s not enough. “Now it would be great if Premom explained why they were sharing location data and non-resettable identifiers with these third-parties in the first place,” Ghamrawi said. “Once personal data is out there, it’s difficult to get back.”

In a statement to Refinery29, the legal counsel and the acting spokesperson for Premom said that the app “prioritizes the safety of its users’ data above all, and is constantly evaluating its policies, procedures, and use of third-party tools to ensure the application is compliant with global data privacy laws.” It also claimed that the app limits its use of third-party tools that don’t “comport with Premom’s internal privacy standards and practices,” and doesn’t share user information with advertisers.

The FTC declined to comment on on specific company conduct.

Now, you might be thinking, so what? You’re probably already used to those spookily targeted social media ads, the ones that bring up products you’ve talked about buying, but that you’re actually pretty sure you’ve never Googled. Do you really need to care about this? Well, yes!

“Millennials, and all consumers, should demand and expect better from companies that collect and sell their personal data,” Ghamrawi said. And Premom users should take heed because this is ultimately a big old invasion of privacy. “By knowing your location, your lifestyle habits, [and] your preferences, companies can control and shape the content you see, the products you buy, and predict your choices,” Ghamrawi said. “They’re basically controlling integral aspects of your life without a clear way to stop it from happening.”