Conversations about women's health data online are increasingly taking center stage as concerns grow about data privacy and security, particularly in women's health apps.
Concerns about the protection of women's health data stem from the U.S. Supreme Court's recent decision to overturn Roe v. Wade, which protected a woman's right to abortion access. The decision opens the door to criminal prosecution of women seeking abortions and raises concerns about law enforcement officials' ability to subpoena abortion-related data from data companies and women's health apps.
President Joe Biden on Friday signed an executive order protecting women's access to abortion, as well as data privacy online. The EO charged federal agencies such as the Federal Trade Commission, as well as the Department of Health and Human Services, with strengthening the protection of sensitive information related to reproductive healthcare services.
Additionally, the U.S. House Committee on Oversight and Reform on Friday sent letters to five personal health companies and five data brokers requesting information on the collection and sale of personal reproductive health data, noting concerns about the misuse of personal data for individuals seeking reproductive health care.
Committee members cited a study that showed 87% of the 23 most popular women's health apps shared data with third parties, with only 50% of women's health apps requesting permission from users to do so.
"The collection of sensitive data could pose serious threats to those seeking reproductive care as well as to providers of such care, not only by facilitating intrusive government surveillance, but also by putting people at risk of harassment, intimidation, and even violence," committee members said in a statement.
Some women's health apps have announced new measures to protect women's health data.
Women's health apps respond
Last week, popular women's health app Flo sent an email to its users saying, "We will do everything in our power to protect the data and privacy of our users."
The app will introduce "anonymous mode" in the coming weeks, which will allow users to remove identifying information such as name and email address from their Flo accounts. The company also committed to never sharing personal data with other companies regardless of whether users opt in to anonymous mode.
Meanwhile, women's health company Bellabeat has decided to roll out a private key encryption feature by the end of July enabling all users to access and decrypt data with a private key. That means any personal data stored on Bellabeat servers would be unreadable, as it's stored in encrypted form that only the user could decrypt with the private key.
With the Roe v. Wade decision came a lack of clarity around what courts can or cannot do with personal data and what personal data is or isn't protected, said Bellabeat co-founder Urška Sršen.
"The first initial reaction was: We have to behave as if this could mean that data could be forced from us by the U.S. courts," Sršen said. "Bellabeat is a U.S. company, most of our customers are in the U.S., so we have to take this really seriously."
Bellabeat used personal data for internal research and to improve its products, but with concerns rising about how data might be accessed in states where medical procedures like abortion could be outlawed, it led the company to move forward with the private key encryption feature, Sršen said. Encrypted data on the women's health app is unreadable even to Bellabeat, she said.
"In this scenario, we really don't have any data in readable form that we can submit to anyone," Sršen said. "In this form, data is also protected from theft, leak and users can be sure we are unable to share it or sell it to anyone."
Sršen said the decision to overturn Roe v. Wade negatively impacts the progress tech companies like Bellabeat have made in women's health by using data collected to offer personalized recommendations in areas such as lifestyle habits and nutrition to improve women's reproductive health. It also hinders data exports to healthcare providers.
"We were so excited that femtech in general was flourishing in the last couple of years finally," Sršen said. "This is a blow on a bigger scale."
Big tech data sharing with law enforcement remains a concern
Beyond data women share with health apps, lawmakers and analysts have also expressed concern with the ability of large tech companies like Apple and Google to collect user data, including women's health data, as well as track user's locations.
Google said in a blog post that in the coming weeks it plans to delete location history for users who visit abortion clinics. The company also noted its "long track record" of pushing back on demands from law enforcement for its data.
Urška SršenCo-founder, Bellabeat
Big tech's response on how they plan to handle data requests from law enforcement agencies in abortion-banning states is critical, GlobalData principal analyst Laura Petrone said in a statement.
"Apple's iMessage and Meta's WhatsApp are all end-to-end encrypted by default," she said. "However, they need to be transparent about whether they would collect, retain, and share data that could be used to identify and prosecute people seeking or providing abortions."
Indeed, tech platforms' number one focus in light of the Roe v. Wade reversal should be on putting users' minds at ease that privacy is being protected, said Mark DiMassimo, founder and creative chief of creative agency DiGo.
"The Supreme Court inadvertently kicked over the privacy hornet's nest," he said. "Anybody who cares about the right of privacy is going to be concerned, awakened, and I think activated by this wake-up call."
Makenzie Holland is a news writer covering big tech and federal regulation. Prior to joining TechTarget, she was a general reporter for the Wilmington StarNews and a crime and education reporter at the Wabash Plain Dealer.