The Bogus Privacy in FemTech: circumventing consent when collecting sensitive sexual and reproductive health data

By Manna Mostaghim 

 

FemTech products (or Female Technology products) are digital tools that claim to empower individuals to take control of their health and wellbeing. But at what cost?

FemTech products are facing more scrutiny because of a lack of clarity on how their privacy policies protect sensitive information that are inputted by users. For example, research has identified that FemTech apps do not consider “menstruation and sex data” as “especially sensitive” data requiring additional safeguarding. Nor is there sufficient protection or explanation about how FemTech products often sell users’ data to third party entities.

The analyses of FemTech privacy protections consistently identify that users are likely not even aware of the extent of their lack of privacy. Yet there has not been enough research on the observations, or commentary, from users on their right to privacy when using FemTech products in the UK.

Consenting to a lack of privacy on sensitive health data

FemTech apps often request personal and sensitive information from users, only after a user has provided consent to their digital tool’s terms and conditions. This consent is said to reassure the user that their use of digital tools is compliant with their right to privacy. It also renders digital interfaces immune from accusations that they are abrogating users’ right to privacy.

But a 2019 report by the UK House of Commons House of Lords Joint Committee on Human Rights identified that the consent of users to an abbreviated right to their privacy is “bogus”. This strident characterization by the UK House of Commons House is due to the fact that:

  1. the terms and conditions of digital interfaces are needlessly, and perhaps, purposely overcomplicated.
  2. tech companies make their profits from selling their users’ data to third parties, often without the knowledge of app users; and,
  3. individuals are misled to believe that by providing more specific information to digital interfaces they are making the use apps better for themselves (personalization), rather than providing more data for a business entity to commoditize.

The right to privacy in law

The right to privacy when using digital tools like FemTech are often identified as a concern for cybersecurity experts and legal experts on data privacy. The Cyber Security and Privacy in Fertility Technologies (CyFer) project has repeatedly identified issues with the articulation of privacy rights in FemTech products currently regulated by UK regulations and legislation. More specifically, there is a lack, or significant gaps, in the legislation that governs the rights to privacy for sensitive sexual and reproductive health information collected by apps.

The wider understandings of what constitutes privacy and the rights an individual expects when using a FemTech app is not understood from the perspective of the user. Do users ultimately abrogate their right to privacy because they seek the benefits and services from FemTech products? Is consent and privacy only an academic concern or is it also the concern of the wider public with a layman’s understanding of privacy?

The right to privacy: how FemTech users’ data could be used?

After the reversal of Roe v Wade, pro-choice activists advised people who menstruate to delete FemTech products that tracked their menstrual cycles. There was a speculation that the data from menstrual tracking apps could subsequently be used as evidence by prosecutors against individuals who illegally procured abortions. This has resulted in an increased public scrutiny of the role of FemTech digital tools in protecting its users’ rights to privacy.

The discourse on data privacy and UK users of FemTech digital tools has not attracted the same attention. This may be attributed to the fact that abortions in the UK are publicly subsidised and more widely available than they are in the United States. However, abortions have still not been wholly decriminalised within the UK’s legislative regime; and individuals in the UK still face prosecution for illegally procured abortions.

Additionally, there have been numerous studies and media outlets that have reported that data from FemTech apps are being sold to third parties or to use “services to monetise their apps”. The sale of this data, so far, has been anonymised information. However, although the data is said to be anonymised, “an entire sub-industry exists that links these identifiers to peoples’ real names and physical addresses”.

Cybersecurity experts speculate that vulnerable persons using FemTech apps could have their data used against them by employers, prosecutors or in situations of intimate partner violence. This could lead to safeguarding risks for people who are trying to retain privacy or discreteness around their sexual and reproductive health. However, there is no information on whether FemTech users perceive of this as a risk or concern when using FemTech digital tools.

 

About the Author

Manna Mostaghim has a J.D. from the University of Sydney and is a PhD candidate at the London School of Economics and Political Studies (LSE). Her research focuses on improving policies on sexual and reproductive healthcare in the UK.  She has presented research at conferences and workshops at LSE, Oxford University, the Royal Society of Medicine, Durham University, Lancaster University and Cambridge University.  She is also an Executive Committee member of Abortion Rights UK.

(Visited 999 times, 1 visits today)