08.28.20

Refinery 29: This Fertility App Shared Data Without User Consent. Here’s How Senators Are Fighting Back

Senators are urging the Federal Trade Commission to look into a fertility app that’s allegedly engaged in shady data sharing practices. Premom paints a rosy picture of trying to get pregnant. The website features dewy blades of grass and smiling pregnant people holding lavender. It boasts that it’s a “simple, effective, and affordable solution for all trying to conceive.” But there’s nothing simple about the allegations against the company. Premom’s Android app was collecting a wide range of data from more than half a million users and sharing it with three advertising-focused companies in China, according to an investigation this month from the International Digital Accountability Council (IDAC). And yes, this was done without permission from users.

Premom has already done a bit of public course-correcting by updating its privacy policy and cutting ties with one of the suspect data companies, but officials are still concerned. In part, because the platform still may still be leeching personal data from users who haven't yet updated their Premom app. That’s why several members of Congress are demanding the FTC look more deeply into this troubling case. The charge is being led by a bipartisan group of senators, including Amy Klobuchar (D-MN), Elizabeth Warren (D-MA), and Shelley Moore Capito (R-WV).

 “New technologies are helping many families grow and stay healthy, but consumers shouldn’t have to sacrifice the privacy of their most sensitive information in order to benefit from these apps,” Klobuchar exclusively told Refinery29. “Companies mishandling health data must be investigated and held accountable, and I will continue to push for comprehensive privacy legislation to ensure that personal data is being protected.”

Klobuchar previously championed legislation to protect us from data-mining apps when she introduced the Protecting Personal Health Data Act in June 2019 with Lisa Murkowski (R-AK). It focused on health data tracking apps that have given third-party companies access to unprecedented levels of information about us and our health, because we don’t currently have legislation that adequately addresses these issues, according to a release from Klobuchar.

Premom reaches half a million users and is one of the top search results among fertility apps in Google Play and in the Apple App Store. It’s another name to add to the list of companies with suspect data policies, like TikTok, which has been sued for allegedly sharing user data with companies in China.

In this instance, Premom was handing out information such as Android Advertising IDs, geolocations, bluetooth names, and hardware identifiers, Lena Ghamrawi, IDAC’s chief of staff and policy counsel, told Refinery29. Yes, despite that they claimed they'd only share “nonidentifiable” information in their privacy policy, according to the letter senators sent to the FTC.

“This type of data sharing raises privacy concerns around the third parties’ and Premom’s ability to track users over long periods of time and across various apps on their devices,” Ghamrawi explained. Users don’t know this is happening, and have no reasonable recourse to stop this behavior or opt-out of it, she added. 

Data about an individual’s actual fertility, hormone, and ovulation information was not given to third parties, according to IDAC’s investigation, but “it is possible” that it could be, Ghamrawi said.

Perhaps the most concerning part of this is the location sharing. “Location data reveals a lot of information about users: what type of places they frequent, where they work and live, what their hobbies are, and other lifestyle choices,” Ghamrawi said. “Premom, and even the third-parties the company shares this information with, can use this location data, in combination with other data, to infer who users are and create unique user profiles for targeted advertising and monetization purposes.”

Although Premom has already taken steps to remedy the issue, some experts say it's not enough. “Now it would be great if Premom explained why they were sharing location data and non-resettable identifiers with these third-parties in the first place,” Ghamrawi said. “Once personal data is out there, it’s difficult to get back.”

Premom did not responded to Refinery29’s request for comment before deadline. The FTC declined to comment on on specific company conduct.

Now, you might be thinking, so what? You’re probably already used to those spookily targeted social media ads, the ones that bring up products you’ve talked about buying, but that you’re actually pretty sure you’ve never Googled. Do you really need to care about this? Well, yes!

“Millennials, and all consumers, should demand and expect better from companies that collect and sell their personal data,” Ghamrawi said. And Premom users should take heed because this is ultimately a big old invasion of privacy. “By knowing your location, your lifestyle habits, [and] your preferences, companies can control and shape the content you see, the products you buy, and predict your choices,” Ghamrawi said. “They’re basically controlling integral aspects of your life without a clear way to stop it from happening.”


By:  Molly Longman
Source: Refinery 29

Related Issues: Health