Period-tracking apps store users’ most private data. What will that mean in a post-Roe world?

States that ban abortion could ask period-tracking apps to hand over user information.

Flo Health's period and cycle tracking app

Flo is a popular period-tracking app.

Photo: Flo Health

Period-tracking apps can be a lifesaver for users who want to track their symptoms, view predictions about upcoming cycles and even plan whether they want to conceive or not. In a world in which Roe v. Wade is overturned, privacy experts are concerned that those apps could be forced to hand over some of users’ most private ovulation information.

This isn’t a new worry: Researchers have long waved the privacy flag over the collection of data around people’s sexual lives, medication intake and more. Some period-tracking apps, like FEMM, openly state that third-party platforms could use their data for targeted advertising. Other data has reportedly been used for academic studies and by data analytics providers. But if states outlaw abortion altogether, those apps could be subpoenaed for data on individual users, and that data could then be used as evidence against people who choose to terminate their pregnancies.

It’s a dystopian fear, but not out of the realm of possibility. In fact, it’s happened before: A woman was charged with second-degree murder after a prosecutor used her online searches for abortion pills to imply motive after she lost her pregnancy (although the charges were later dropped). There aren’t many laws preventing period-tracking data from being purchased or requested by police once a user consents to data collection, though some apps limit the collection of information or store it locally on a user’s device.

When users install period-tracking apps and start logging their cycles, they agree to a certain loss of privacy. After all, they have to hand over some information for the apps to effectively predict future cycles, estimate ovulation windows and help monitor their period symptoms. Most users expect that data to remain private, but there’s no guarantee. Most period-tracking apps collect data that can then be shared with advertisers.

“Anything that could be shared with advertisers can be shared with law enforcement,” India McKinney, the director of Federal Affairs at the Electronic Frontier Foundation, told Protocol.

Cycle-tracking apps — and health apps in general, for that matter — aren’t protected by the same privacy protections as patient privacy rules under HIPAA, meaning apps aren’t prevented from sharing this data. McKinney said that makes health-tracking apps of interest to third parties. “Abortion services? Maybe not profitable, but certainly of interest,” she said.

McKinney said in states where restrictive abortion laws have gone into effect, that information could be turned over to a third party if subpoenaed. Say, for example, you live in a state where miscarriages are illegal (there are none, but some state laws are so vague that people have been arrested after pregnancy loss). McKinney said if law enforcement was investigating whether a miscarriage took place and had reason to believe a period-tracking app might have evidence, they could request that data. Even if the app anonymized data, McKinney said it’s easy to re-identify users.

Popular period-tracking apps like FEMM, Flo, Ovia Health and Clue collect a range of personal information, like the length of someone’s period and whether a person had protected and unprotected sex, as well as identifying information like emails and IP addresses. The data is self-reported, but users might not realize that the benefits of tracking their periods might open them up to legal action if abortion is outlawed. Some apps, like Flo, say they don’t hand over any user data to third parties, but McKinney said the fact that they own this user data means it could be requested by law enforcement, and that’s not an uncommon ask. What is unusual is the amount of deeply personal health data that could be exposed if abortion becomes criminalized.

A representative for Clue said health data is “kept private and safe.” The app is required to comply with the EU’s General Data Protection Regulation law, which sets guidelines for collecting and processing personal information, although it’s unclear if those protections extend to U.S. users.

“All our users’ health data is stored on servers in the European Union,” a spokesperson told Protocol.

Representatives for period-tracking apps FEMM and Ovia Health did not return requests for comment.

It’s unclear what kinds of privacy changes these apps might implement if abortion laws become more restrictive.

Evan Greer, deputy director of the nonprofit advocacy group Fight for the Future, said the ability for apps to collect data that could be used by third-party platforms or law enforcement highlights the need for users to better understand consent when using these apps. People may allow an app to collect this sensitive data without realizing it could be used elsewhere.

“Many people just don't actually know what risks are associated with handing over sensitive data to these companies,” Greer told Protocol.

Greer said an important factor is the way an app stores data — some store it in the cloud, where it can be analyzed and shared with advertisers, and some store information locally on a user’s phone. User data in Planned Parenthood’s period-tracking app, Spot On, is stored locally. “No one but you has access to it — not even our developers,” the organization said in 2019. Period-tracking app Euki has the same policy.

At the core of this issue is a lack of federal privacy protections that would require apps to encrypt data and store it locally on a user’s device, said Carrie Baker, a professor of gender, law and public policy at Smith College. The U.S. doesn’t have any singular law that accounts for all types of data collection.

“Our laws around privacy, generally, are not written for the current technological environment,” Baker told Protocol. “They’re not anticipating the kinds of issues with regard to security and privacy that people need to be thinking about today. And I think the abortion issue is just one very frightening example.”


The minerals we need to save the planet are getting way too expensive

Supply chain problems and rising demand have sent prices spiraling upward for the minerals and metals essential for the clean energy transition.

Critical mineral prices have exploded over the past year.

Photo: Andrey Rudakov/Bloomberg via Getty Images

The newest source of the alarm bells echoing throughout the renewables industry? Spiking critical mineral and metal prices.

According to a new report from the International Energy Agency, a maelstrom of rising demand and tattered supply chains have caused prices for the materials needed for clean energy technologies to soar in the last year. And this increase has only accelerated since 2022 began.

Keep Reading Show less
Lisa Martine Jenkins

Lisa Martine Jenkins is a senior reporter at Protocol covering climate. Lisa previously wrote for Morning Consult, Chemical Watch and the Associated Press. Lisa is currently based in Brooklyn, and is originally from the Bay Area. Find her on Twitter ( @l_m_j_) or reach out via email (ljenkins@protocol.com).

Sponsored Content

Why the digital transformation of industries is creating a more sustainable future

Qualcomm’s chief sustainability officer Angela Baker on how companies can view going “digital” as a way not only toward growth, as laid out in a recent report, but also toward establishing and meeting environmental, social and governance goals.

Three letters dominate business practice at present: ESG, or environmental, social and governance goals. The number of mentions of the environment in financial earnings has doubled in the last five years, according to GlobalData: 600,000 companies mentioned the term in their annual or quarterly results last year.

But meeting those ESG goals can be a challenge — one that businesses can’t and shouldn’t take lightly. Ahead of an exclusive fireside chat at Davos, Angela Baker, chief sustainability officer at Qualcomm, sat down with Protocol to speak about how best to achieve those targets and how Qualcomm thinks about its own sustainability strategy, net zero commitment, other ESG targets and more.

Keep Reading Show less
Chris Stokel-Walker

Chris Stokel-Walker is a freelance technology and culture journalist and author of "YouTubers: How YouTube Shook Up TV and Created a New Generation of Stars." His work has been published in The New York Times, The Guardian and Wired.


The 911 system is outdated. Updating it to the cloud is risky.

Unlike tech companies, emergency services departments can’t afford to make mistakes when migrating to the cloud. Integrating new software in an industry where there’s no margin for error is risky, and sometimes deadly.

In an industry where seconds can mean the difference between life and death, many public safety departments are hesitant to take risks on new cloud-based technologies.

Illustration: Christopher T. Fong/Protocol

Dialing 911 could be the most important phone call you will ever make. But what happens when the software that’s supposed to deliver that call fails you? It may seem simple, but the technology behind a call for help is complicated, and when it fails, deadly.

The infrastructure supporting emergency contact centers is one of the most critical assets for any city, town or local government. But just as the pandemic exposed the creaky tech infrastructure that runs local governments, in many cases the technology in those call centers is outdated and hasn’t been touched for decades.

Keep Reading Show less
Aisha Counts

Aisha Counts (@aishacounts) is a reporter at Protocol covering enterprise software. Formerly, she was a management consultant for EY. She's based in Los Angeles and can be reached at acounts@protocol.com.


'The Wilds' is a must-watch guilty pleasure and more weekend recs

Don’t know what to do this weekend? We’ve got you covered.

Our favorite things this week.

Illustration: Protocol

The East Coast is getting a little preview of summer this weekend. If you want to stay indoors and beat the heat, we have a few suggestions this week to keep you entertained, like a new season of Amazon Prime’s guilty-pleasure show, “The Wilds,” a new game from Horizon Worlds that’s fun for everyone and a sneak peek from Adam Mosseri into what Instagram is thinking about Web3.

Keep Reading Show less
Janko Roettgers

Janko Roettgers (@jank0) is a senior reporter at Protocol, reporting on the shifting power dynamics between tech, media, and entertainment, including the impact of new technologies. Previously, Janko was Variety's first-ever technology writer in San Francisco, where he covered big tech and emerging technologies. He has reported for Gigaom, Frankfurter Rundschau, Berliner Zeitung, and ORF, among others. He has written three books on consumer cord-cutting and online music and co-edited an anthology on internet subcultures. He lives with his family in Oakland.


Work expands to fill the time – but only if you let it

The former Todoist productivity expert drops time-blocking tips, lofi beats playlists for concentrating and other knowledge bombs.

“I do hope the productivity space as a whole is more intentional about pushing narratives that are about life versus just work.”

Photo: Courtesy of Fadeke Adegbuyi

Fadeke Adegbuyi knows how to dole out productivity advice. When she was a marketing manager at Doist, she taught users via blogs and newsletters about how to better organize their lives. Doist, the company behind to-do-list app Todoist and messaging app Twist, has pushed remote and asynchronous work for years. Adegbuyi’s job was to translate these ideas to the masses.

“We were thinking about asynchronous communication from a work point of view, of like: What is most effective for doing ambitious and awesome work, and also, what is most advantageous for living a life that feels balanced?” Adegbuyi said.

Keep Reading Show less
Lizzy Lawrence

Lizzy Lawrence ( @LizzyLaw_) is a reporter at Protocol, covering tools and productivity in the workplace. She's a recent graduate of the University of Michigan, where she studied sociology and international studies. She served as editor in chief of The Michigan Daily, her school's independent newspaper. She's based in D.C., and can be reached at llawrence@protocol.com.

Latest Stories