HN

Need help?
<- Back
Period tracking app has been selling data to Meta

Period tracking app has been selling data to Meta

campuscodi

Comments (160)

  • freediddy
    Meta only cares about ad revenue so could they be researching or have discovered a link between buying trends and links to a woman's cycle?
  • moffers
    I don’t have the right configuration of equipment to use an app like this, but does anyone know why this needs to be a service-driven app? What piece of functionality requires a server to track your health?
  • culi
    [drip.](https://bloodyhealth.gitlab.io/) [source](https://gitlab.com/bloodyhealth/drip) - around since 2019. Last update 2 months ago - iOS, Android - React Native Mensinator [source](https://github.com/EmmaTellblom/Mensinator) - around since 2024. Last update 2 weeks ago - Android - Kotlin [Menstrudel](https://menstrudel.app/) [source](https://github.com/J-shw/Menstrudel) - around since 2015. Last updated 3 weeks ago. - iOS and Android - Dart [Tyd](https://unobserved.io/tyd/) [source](https://github.com/unobserved-io/tyd) - around since 2023. Last updated 2 years ago. - iOS - Swift EDIT: Someone else pointed out this closed-source alternative that got a 92% by ORCHA: https://www.my28x.com/I think the biggest thing I'd like to see is a data format standard defined. You should be able to "take your data with you" and go anywhere you like. If you decide an app is unethical or if your favorite OSS app stops being updated, it should be simple to switch. Many apps let you export your data. Maybe someone can make a converter between popular proprietary apps and a common data structure spec
  • mghackerlady
    I don't have a period, so I'm not the best person to do it, but there really needs to be a solid FOSS alternative to flo. If GNU had more women, it'd probably already exist
  • childofhedgehog
    Why would anyone think that a non-HIPPA compliant app would keep medical information private to the level of security needed for medical data? Flo has definitely breached user trust, but that trust seems misplaced from the get-go.
  • arkwin
    Now is a good time to bring up.https://bloodyhealth.gitlab.ioA secure open source period tracking app.
  • anon
    undefined
  • DauntingPear7
    I will say, with codex/cc access and a free weekend you could make an app that covers like 99% of this app’s purpose. The harder part would be the art/making it cutesy, as some other commenters have pointed out. Plain SwiftUI or compose just isn’t eye catching enough
  • 2OEH8eoCRo0
    It's really sad that we have all this technology but we can't trust any of it.
  • philipallstar
    > It seems like we can’t just necessarily leave it up to companies – or their ragtag teams of crackpot lawyers rewriting privacy policies every few months – to keep our private data private.It's not a medical requirement from a doctor, so just keep a diary if you want to. Not everything needs to be an app. All the money spent on regulations and regulators to cover increasingly niche opt-in services that are entirely unnecessary is a waste.
  • josefritzishere
    That's incredibly creepy.
  • theptip
    This one seems clear cut as a HIPAA violation. Glad to hear that interpretation was upheld.However, regardless, we really need to just kill the data broker business model.Speaking as someone who implemented GDPR for my startup when the law first came into effect, there were certainly rough edges.But the core premise that you simply cannot sell user data to sub-processors without consent is a powerful one that I believe would fix a lot of broken things in the US system.(Not least because the USG buys private data that would be unconstitutional for it to directly collect, but also things like the incentives for your cell phone provider to sell your location data to advertisers.)
  • ronbenton
    Hey surely Meta wouldn’t send that data to a government interested in regulating women’s reproductive rights
  • frankdenbow
    its crazy to me that Flo is used so widely, as its started by Russian men and their treatment of data has bee public for a while, it just hasnt spread fast enough. I know theres at least one other option called Calessa (http://Calessa.app)
  • jeffbee
    Does anyone happen to know if Meta and Google have ever recovered these judgements from the app developers? All of the industry terms of service specifically forbid SDK licensees from sending sensitive personal data to the platforms, and they require the licensee to indemnify the platform against any judgement that arises from violating those terms. See Meta's statement on this verdict, which seems pretty reasonable to me. This 100% looks like the fault of the app developer:“User privacy is important to Meta, which is why we do not want health or other sensitive information and why our terms prohibit developers from sending any.” Meta maintains that any transmission of sensitive health data is due to a failure to comply with its terms of use.
  • pascal-maker
    [dead]
  • WarcrimeActual
    [flagged]
  • thom-gtdp
    [flagged]
  • aboringusername
    I don't actually see this as a problem, and instead it's a PSA everyone needs to internalize:If you put data onto a networked device it may be sent to some place else.If you don't want your data being shared:Use a device that does not have any networking capability (both hardware and software wise)Use a pen and paper, you can shred and destroy as you see fit.If you're using an application on a mobile device with mobile data/wifi, the chances are, your data is being uploaded.