Popular fertility app Flo shared 'sensitive' user data with FACEBOOK

‘Deeply personal and shocking’: Women desert fertility-tracking app Flo after it is sanctioned for ‘sharing data about when users were ovulating with Facebook without their consent’

  • Flo has been downloaded by over 140 million women around the world
  • A 2019 report found that the app was sharing sensitive user data with Facebook
  • This includes information on when users were having their periods
  • Now, the Federal Trade Commission has reached a settlement with Flo 

Women are deserting the popular period and fertility-tracking app Flo over allegations that it shared ‘highly sensitive’ user data with Facebook.

Flo has been downloaded over 140 million times, and is used as an ovulation calendar, period tracker and pregnancy app.

But in 2019, a report found that Flo was sharing sensitive users’ data with Facebook, despite promising to keep their information private.

This included information on when users were having their periods, as well as whether they intended to get pregnant.

Now, Flo has reached a settlement with the US Federal Trade Commission (FTC), and has confirmed that it will be notifying all users that it shared their personal information without their consent.

However, the company maintains that it didn’t do anything wrong, and that is has only agreed to the settlement to ‘avoid the time and expense of litigation’.

Following the news, many frustrated women have deleted the app, with one describing the news as ‘deeply personal and shocking.’ 

Flo has been downloaded by over 140 million women around the world, and is used as an ovulation calendar, period tracker and pregnancy app

WHAT APPS SHARE YOUR DATA WITH FACEBOOK? 

An investigation by the Wall Street Journal tested 70 apps and found that 11 were sharing data with Facebook, largely without users’ knowledge.  

Apps named by the Journal include: 

Instant Heart Rate: HR Monitor: Sent information such as heart rate to Facebook

Flo Period & Ovulation Tracker: Informed Facebook when user was having her period or had indicated an intention to get pregnant 

Realtor.com: Sent location and price of listings that a user viewed and even made note of which were favourited

Breethe Inc: Shared users’ email addresses and the name of the meditations they’d completed 

BetterMe: Shared users weights and heights as soon as they were entered 

In the 2019 report, The Wall Street Journal found that Flo had shared period tracking data with Facebook so that it could deliver targeted online ads to users.

While Flo initially denied that it had shared critical user data, testing by The WSJ revealed that this was not the case.

The FTC voted on the proposed settlement 5-0, and will require Flo to obtain an independent review of its privacy practices and obtain users’ consent before sharing their health information.

Flo must also notify users of the FTC charges, and tell them that it shared their personal information without consent.

However, Flo maintains that it did not do anything wrong.

In a statement, a Flo spokesperson said: ‘Our agreement with the FTC is not an admission of any wrongdoing. 

‘Rather, it is a settlement to avoid the time and expense of litigation and enables us to decisively put this matter behind us.

‘Flo did not at any time share users’ names, addresses, or birthdays with anyone. 

‘We do not currently, and will not, share any information about our users’ health with any company unless we get their permission.’

Several Flo app users have taken to Twitter to express their disappointment at the news.

One user said: ‘I’ve been using this app for years, had no idea they were selling my data. I deleted both FB & IG over the past 3 years due to Zucky & data. 

In 2019, a report found that Flo was sharing sensitive user data with Facebook, despite promising to keep user information private

‘It’s absolutely disgusting that Flo have done this. Will seek out a replacement asap, once I can extract my info – the point of tracking.’

Another added: ‘Wow I use that app. That is deeply personal and sick. Deleting that app immediately.’

And one wrote: ‘Wow, monetising menstrual cycles. We are truly living in a dystopia.’

Several Flo app users have taken to Twitter to express their disappointment at the data-sharing news

One Flo user described the data sharing revelations as ‘deeply personal and sick’, and said she was deleting the app

One Flo user tweeted: ‘Wow, monetising menstrual cycles. We are truly living in a dystopia’

Flo isn’t the only app in the firing line over allegations of sharing user data with Facebook.

The original WSJ investigation accused at least 11 apps of covertly collecting deeply personal information, including real estate app Realtor and Instant Heart Rate: HR Monitor.

Andrew Smith, director of the FTC’s Bureau of Consumer Protection, said: ‘Apps that collect, use and share sensitive health information can provide valuable services, but consumers need to be able to trust these apps.

‘We are looking closely at whether developers of health apps are keeping their promises and handling sensitive health information responsibly.’

FACEBOOK’S PRIVACY DISASTERS

July 2019: Facebook data scandal: Social network is fined $5billion over ‘inappropriate’ sharing of users’ personal information

March 2019: Facebook CEO Mark Zuckerberg promised to rebuild based on six ‘privacy-focused’ principles:

  • Private interactions
  • Encryption
  • Reducing permanence
  • Safety
  • Interoperability
  • Secure data storage

Zuckerberg promised end-to-end encryption for all of its messaging services, which will be combined in a way that allows users to communicate across WhatsApp, Instagram Direct, and Facebook Messenger.

December 2018: Facebook comes under fire after a bombshell report discovered the firm allowed over 150 companies, including Netflix, Spotify and Bing, to access unprecedented amounts of user data, such as private messages.

Some of these ‘partners’ had the ability to read, write, and delete Facebook users’ private messages and to see all participants on a thread. 

It also allowed Microsoft’s search engine, known as Bing, to see the name of all Facebook users’ friends without their consent.

Amazon was allowed to obtain users’ names and contact information through their friends, and Yahoo could view streams of friends’ posts.

September 2018: Facebook disclosed that it had been hit by its worst ever data breach, affecting 50 million users – including those of Zuckerberg and COO Sheryl Sandberg.

Attackers exploited the site’s ‘View As’ feature, which lets people see what their profiles look like to other users.  

Facebook (file image) made headlines in March 2018  after the data of 87 million users was improperly accessed by Cambridge Analytica, a political consultancy

The unknown attackers took advantage of a feature in the code called ‘Access Tokens,’ to take over people’s accounts, potentially giving hackers access to private messages, photos and posts – although Facebook said there was no evidence that had been done. 

The hackers also tried to harvest people’s private information, including name, sex and hometown, from Facebook’s systems.

Zuckerberg assured users that passwords and credit card information was not accessed.

As a result of the breach, the firm logged roughly 90 million people out of their accounts as a security measure.

March 2018: Facebook made headlines after the data of 87 million users was improperly accessed by Cambridge Analytica, a political consultancy.

The disclosure has prompted government inquiries into the company’s privacy practices across the world, and fueled a ‘#deleteFacebook’ movement among consumers.

Communications firm Cambridge Analytica had offices in London, New York, Washington, as well as Brazil and Malaysia.

The company boasts it can ‘find your voters and move them to action’ through data-driven campaigns and a team that includes data scientists and behavioural psychologists.

‘Within the United States alone, we have played a pivotal role in winning presidential races as well as congressional and state elections,’ with data on more than 230 million American voters, Cambridge Analytica claimed on its website.

The company profited from a feature that meant apps could ask for permission to access your own data as well as the data of all your Facebook friends.

The data firm suspended its chief executive, Alexander Nix (pictured), after recordings emerged of him making a series of controversial claims, including boasts that Cambridge Analytica had a pivotal role in the election of Donald Trump

This meant the company was able to mine the information of 87 million Facebook users even though just 270,000 people gave them permission to do so.

This was designed to help them create software that can predict and influence voters’ choices at the ballot box.

The data firm suspended its chief executive, Alexander Nix, after recordings emerged of him making a series of controversial claims, including boasts that Cambridge Analytica had a pivotal role in the election of Donald Trump.

This information is said to have been used to help the Brexit campaign in the UK.

Source: Read Full Article