Over the past few years, the Digital Lab has evaluated and tested a number of products and services, informed by criteria, indicators and testing processes from the Digital Standard. To bring more transparency to the Digital Standard, we are launching a series of case studies that aim to highlight examples that will help clarify:
- Problems & Context: What type(s) of problems with products and services does Consumer Reports look into for further testing and evaluation?
- Processes & Methods: What processes or methods does the team use to evaluate and investigate products and services?
- Impact: What type of impact do the product and service evaluations have on stakeholders like industry practitioners, manufacturers, and policymakers?
- Using The Digital Standard: How was the impact of this work informed by the Digital Standard?
Our next case study covers Consumer Reports’ work on Reproductive Health Apps.
What Your Period Tracker App Knows About You
These apps are popular, but they raise concerns about what happens to the very personal data they collect
Project timeframe
January 2020
Problem
Context: Fertility or menstrual cycle trackers have been used by nearly a third of women in the U.S., according to a recent Kaiser Family Foundation survey. They are part of the burgeoning market for “femtech,” meaning technology-based products and services focused on women’s health. The market for all digital tools for women’s health needs — such as apps for personalized nutrition advice, weight-loss coaching, and high-tech breast pumps that record when and how much is pumped — could be worth as much as $50 billion by 2025, according to Frost & Sullivan, a research and consulting firm.
Sensitive data collection: Fertility or menstrual cycle trackers, broadly categorized as reproductive health trackers, can be used for a wide variety of reasons in addition to monitoring menstruation. Professional athletes, such as those on the U.S. women’s soccer team and several British Olympic hockey gold medalists, use them to tailor workouts and nutrition plans to their body’s cycles. Clue, Ovia, and Flo say that medical researchers use anonymized information from the apps to study women’s health concerns. Some even have features that manufacturers claim will help diagnose medical conditions. Flo and Clue recently introduced tools to assess a user’s risk of polycystic ovary syndrome (PCOS), a hormone disorder that can affect a woman’s fertility. Period tracker apps are billed as useful tools for people who are trying to have a baby, want to prevent pregnancy, or need to monitor menstrual-cycle-related health problems such as hormone-triggered migraines.
Personal information at risk: But to provide these services, the apps collect deeply personal information that can go well beyond the dates of your period. Depending on the app, that can include how often you engage in sexual activity, if you are trying to conceive, and whether you engage in unprotected sex, have experienced a miscarriage, or are approaching menopause.
Data sharing to third parties and marketing: Consumer Reports’ Digital Lab found in a recent examination of five popular reproductive health tracking apps — BabyCenter, Clue, Flo, My Calendar, and Ovia — that even anonymous users have no guarantee that their information won’t be shared in some way with third parties for marketing and other purposes.
[Excerpts gathered from CR Article: What Your Period Tracker App Knows About You]
Process
We conducted a comparative analysis of 5 reproductive health tracker apps: BabyCenter, Clue, Flo, My Calendar and Ovia. CR examined the apps and their privacy policies for clarity and comprehensiveness, authentication, customer service, data benefits, data privacy, security over time, governance, threat notifications and overall user experience.
To evaluate privacy practices and data security for BabyCenter, Clue, Flo, My Calendar, and Ovia, CR’s Digital Lab used principles outlined in the Digital Standard in a comparative analysis. Launched by CR in 2017 in partnership with privacy and security experts, the standard is a set of benchmarks that companies can use to design digital products that are respectful of consumer privacy rights.
Output & Impact
The graphic scorecard illustrates some of the top categories to highlight throughout the experience.
Findings reported in CR article: Consumer Reports reported the findings through an article that highlighted that the apps are popular but raise concerns about what happens to the very personal data they collect. None of the apps guarantee that all of your information will be used only in ways you intend. That’s because they all share some user data with external partners for purposes such as targeted advertising. And those partners may then share or resell your personal information to third parties who make no promises to you about how they handle it.
Letter to app companies: CR’s Digital Lab also found shortcomings among all five apps in how they protect the sensitive user data they gather. The advocacy team wrote an email that urged these apps to:
- Only use collected data for the purpose of the health app;
- Limit the data you collect to only information needed to operate the app;
- Decline to share or sell user information;
- Safely destroy collected data once it is no longer needed to operate the app; and
- Give consumers clear and concise information about what you do with their data and why.
When CR alerted the companies to these findings, some moved quickly to make fixes.
Flo app made changes: Flo dropped Facebook as an ad-tracking and data-analytics partner after The Wall Street Journal revealed in February 2019 that the app shared personal data, such as whether a user intended to become pregnant, with the social media giant, which used the information for targeted advertising. Now Flo uses only one partner for ad targeting and app usage analysis while the other apps CR evaluated use a half-dozen or more.
Identified shortcomings in data collection: While CR’s Digital Lab didn’t uncover any major security issues, it did find shortcomings in the way all five apps handle the sensitive user data they collect, says Maria Rerecich, CR’s senior director of product testing. For example, none require users to log in by default every time they open the app, or offer multi-factor authentication (which requires that users input a code sent by text to their phone), or require an additional security step before accessing the app.
How was this work informed by the Digital Standard?
This work incorporated several specific elements from the larger Digital Standard framework. Specifically, the comparative analysis used elements from the Security and Privacy sections of the Standard:
A simplified version of the Digital Standard, highlighting how the connected camera work was informed by this framework.