Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
169 tokens/sec
GPT-4o
7 tokens/sec
Gemini 2.5 Pro Pro
45 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Privacy and Security of Women's Reproductive Health Apps in a Changing Legal Landscape (2404.05876v1)

Published 8 Apr 2024 in cs.CR and cs.ET

Abstract: FemTech, a rising trend in mobile apps, empowers women to digitally manage their health and family planning. However, privacy and security vulnerabilities in period-tracking and fertility-monitoring apps present significant risks, such as unintended pregnancies and legal consequences. Our approach involves manual observations of privacy policies and app permissions, along with dynamic and static analysis using multiple evaluation frameworks. Our research reveals that many of these apps gather personally identifiable information (PII) and sensitive healthcare data. Furthermore, our analysis identifies that 61% of the code vulnerabilities found in the apps are classified under the top-ten Open Web Application Security Project (OWASP) vulnerabilities. Our research emphasizes the significance of tackling the privacy and security vulnerabilities present in period-tracking and fertility-monitoring mobile apps. By highlighting these crucial risks, we aim to initiate a vital discussion and advocate for increased accountability and transparency of digital tools for women's health. We encourage the industry to prioritize user privacy and security, ultimately promoting a safer and more secure environment for women's health management.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (54)
  1. Progress pays off, 2018. https://powertodecide.org/sites/default/files/media/savings-fact-sheet-national.pdf, Accessed on 05/04/2023.
  2. Cdc 2019- about teen pregnancy, 2019. https://www.cdc.gov/teenpregnancy/about/index.htm, Accessed on 05/04/2023.
  3. Cdc 2020 abortion surveillance report, 2020. https://www.cdc.gov/reproductivehealth/data_stats/abortion.htm, Accessed on 05/04/2023.
  4. Cisco annual internet report (2018–2023) white paper, 2020. https://www.cisco.com/c/en/us/solutions/collateral/executive-perspectives/annual-internet-report/white-paper-c11-741490.html, Accessed on 05/15/2023.
  5. Flo: Anonymous mode white paper, 2022. https://flo.health/flo-health-inc/news/anonymous-mode-whitepaper, Accessed on 05/11/2023.
  6. Hhs issues guidance to protect patient privacy in wake of supreme court decision on roe, 2022. https://www.hhs.gov/about/news/2022/06/29/hhs-issues-guidance-to-protect-patient-privacy-in-wake-of-supreme-court-decision-on-roe.html , Accessed on 05/14/2023.
  7. Roe v. wade, 2022. https://reproductiverights.org/roe-v-wade/, Accessed on 05/08/2023.
  8. Android: Restrictions on non-sdk interfaces, 2023. https://developer.android.com/guide/app-compatibility/restrictions-non-sdk-interfaces, Accessed on 05/08/2023.
  9. Flo: Anonymous mode faq, 2023. https://flo.health/privacy-portal/anonymous-mode-faq#, Accessed on 05/11/2023.
  10. Hipaa privacy: Personal identification information (pii), 2023. https://www.govinfo.gov/content/pkg/CFR-2002-title45-vol1/pdf/CFR-2002-title45-vol1-sec164-514.pdf, Accessed on 05/14/2023.
  11. Hipaa privacy: Research on women’s health, 2023. https://orwh.od.nih.gov/toolkit/other-relevant-federal-policies/HIPAA-privacy-rule, Accessed on 05/14/2023.
  12. Owasp masvs (mobile application security verification standard), 2023. https://mas.owasp.org/MASVS/, Accessed on 04/08/2024.
  13. Sql injection, 2023. https://developer.android.com/topic/security/risks/sql-injection, Accessed on 05/14/2023.
  14. Privacy, data sharing, and data security policies of women’s mhealth apps: Scoping review and content analysis. JMIR mHealth and uHealth, 10(5):e33735, 2022.
  15. Challenges with developing secure mobile health applications: Systematic review. JMIR mHealth and uHealth, 9(6):e15654, 2021.
  16. Jenifer E Allsworth. Telemedicine, medication abortion, and access after roe v. wade, 2022.
  17. On password behaviours and attitudes in different populations. Journal of information security and applications, 45:79–89, 2019.
  18. DKA Analysts, 2021. https://analytics.dkv.global/FemTech/Report-Q4.pdf, Accessed on 03/08/2023.
  19. Android. Permissions on android, 2023. https://developer.android.com/guide/topics/permissions/overview, Accessed on 05/08/2023.
  20. Android. Static analysis using lint, 2023. https://developer.android.com/studio/write/lint, Accessed on 05/08/2023.
  21. Real-world menstrual cycle characteristics of more than 600,000 menstrual cycles. NPJ digital medicine, 2(1):83, 2019.
  22. Samantha T Campanella. Menstrual and fertility tracking apps and the post roe v. wade era. 2022.
  23. Promoting optimal sexual and reproductive health with mobile health tools for black women: Combining technology, culture and context. Perspectives on sexual and reproductive health, 52(4):205, 2020.
  24. Federal Trade Commission. Complying with ftc’s health breach notification rule, 2021. https://www.ftc.gov/business-guidance/resources/complying-ftcs-health-breach-notification-rule-0, Accessed on 04/08/2024.
  25. Carol Lynn Curchoe. Smartphone applications for reproduction: from rigorously validated and clinically relevant to potentially harmful. REPRODUCTIVE HEALTH, 2020.
  26. CWE. Common weakness enumeration (cwe), 2022. https://cwe.mitre.org/, Accessed on 04/08/2024.
  27. Drozer. Drozer – android security assessment framework, 2020. https://labs.f-secure.com/tools/drozer/.
  28. Use of menstruation and fertility app trackers: a scoping review of the evidence. BMJ sexual & reproductive health, 2020.
  29. Use of menstruation and fertility app trackers: a scoping review of the evidence. BMJ Sexual & Reproductive Health, 47(2):90–101, 2021.
  30. Examining menstrual tracking to inform the design of personal informatics tools. In Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems, pages 6876–6888, 2017.
  31. FDA, 2018. https://www.fda.gov/news-events/press-announcements/fda-allows-marketing-first-direct-consumer-app-contraceptive-use-prevent-pregnancy.
  32. Hormonal health: period tracking apps, wellness, and self-management in the era of surveillance capitalism. Engaging Science, Technology, and Society, 7(1):48–66, 2021.
  33. Acceptability of the pregnancy, exercise, and nutrition research study with smartphone app support (pears) and the use of mobile health in a mixed lifestyle intervention by pregnant obese and overweight women: Secondary analysis of a randomized controlled trial. JMIR mHealth and uHealth, 9(5):e17189, 2021.
  34. Data sharing practices of medicines related apps and the mobile ecosystem: traffic, content, and network analysis. BMJ, 364, 2019.
  35. Lisa H Harris. Navigating loss of abortion services—a large academic medical center prepares for the overturn of roe v. wade. New England Journal of Medicine, 386(22):2061–2064, 2022.
  36. Mobile apps for self-management in pregnancy: a systematic review. Health and Technology, 11:283–294, 2021.
  37. Mobsf: Mobile health care android applications through the lens of open source static analysis. In 2020 IEEE MIT Undergraduate Research Technology Conference (URTC), pages 1–4. IEEE, 2020.
  38. Deborah Lupton. Quantified sex: a critical analysis of sexual and reproductive self-tracking using apps. Culture, health & sexuality, 17(4):440–453, 2015.
  39. 50 ways to leak your data: An exploration of apps’ circumvention of the android permissions system. In 28th {normal-{\{{USENIX}normal-}\}} Security Symposium ({normal-{\{{USENIX}normal-}\}} Security 19), pages 603–620, 2019.
  40. Betsy Reed. Birth control app reported to swedish officials after 37 unwanted pregnancies), 2018. https://www.theguardian.com/technology/2018/jan/17/birth-control-app-natural-cycle-pregnancies, Accessed at 05/17/2023.
  41. Shannon Riley. Password security: What users know and what they actually do. Usability News, 8(1):2833–2836, 2006.
  42. Tonya Riley. An ftc order bars app maker easy healthcare from sharing additional personal health data with third parties for advertising, 2023. https://cyberscoop.com/ftc-fertility-app-pregnancy-data/, Accessed on 05/17/2023.
  43. Donna Rosato, 2020. https://www.consumerreports.org/health-privacy/what-your-period-tracker-app-knows-about-you-a8701683935/, Accessed on 05/01/2023.
  44. Ashley Martens Sarah Bradley, Elizabeth Bacharach and Jamie Spanfeller. The 11 best period tracker apps to get to know your cycle, according to ob-gyns, 2022. https://www.womenshealthmag.com/health/g26787041/best-period-tracking-apps/, Accessed on 05/16/2023.
  45. It’s time to care: A detailed profile of america’s direct care workforce. PHI: Quality Care Through Quality Jobs, 2020.
  46. Perfect-use and typical-use pearl index of a contraceptive mobile app. Contraception, 96(6):420–425, 2017.
  47. How private is your period?: A systematic analysis of menstrual app privacy policies. Proc. Priv. Enhancing Technol., 2020(4):491–510, 2020.
  48. The cracked cookie jar: Http cookie hijacking and the exposure of private information. In 2016 IEEE Symposium on Security and Privacy (SP), pages 724–742. IEEE, 2016.
  49. Amanda Jean Stevenson. The pregnancy-related mortality impact of a total abortion ban in the united states: a research note on increased deaths due to remaining pregnant. Demography, 58(6):2019–2028, 2021.
  50. Conor Stewart, 2022. https://www.statista.com/statistics/1126913/femtech-vc-investment-worldwide/?locale=en, Accessed on 03/08/2023.
  51. Debra Sullivan. The 10 best period tracking apps, 2022. https://www.medicalnewstoday.com/articles/320758, Accessed on 05/16/2023.
  52. Jennifer Weiss-Wolf. Hhs issued guidance to protect private medical information. here are some best practices for users of period-tracking apps, 2022. https://msmagazine.com/2022/06/30/period-apps-women-health-data-information/, Accessed on 05/15/2023.
  53. Surveillance capitalism: An interview with shoshana zuboff. Surveillance & Society, 17(1/2):257–266, 2019.
  54. Menstrual cycle tracking apps, fertility and reproductive data, and mobile health care management. Journal of Research in Gender Studies, 12(1):84–98, 2022.

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now
X Twitter Logo Streamline Icon: https://streamlinehq.com

Tweets