Period tracking app refuses to disclose data to American authorities : privacy

[–] ArcaneSlime@lemmy.dbzer0.com 16 points 1 day ago* (last edited 1 day ago)

They shouldn't be collecting it in the first place, store the logs locally (and encrypted tbh) on the user's device.

[–] EmperorHenry@discuss.tchncs.de 5 points 1 day ago

But it will still disclose that data to advertising companies which WILL give it to the authorities for a nominal fee

Also, why does the app keep that data in a centralized location where it can be scooped up like that?

And more importantly, people have known that everything is spyware since the Snowden leaks, why the hell would you ever give that kind of data to an app on your phone? Even if the app was totally E2EE and private, other things on your phone do all kinds of spying

[–] kekmacska@lemmy.zip 6 points 1 day ago (1 children)

tf is usa on, why they need perios statistics

[–] OneWomanCreamTeam@sh.itjust.works 6 points 1 day ago (1 children)

So they can prosecute people for getting illegal abortions.

[–] kekmacska@lemmy.zip 1 points 1 day ago

typical Trump presidency bullshit. Yet they fail to prosecuate many gangsters and rich money launderers. like this was the biggest problem ever

[–] ColdWater@lemmy.ca 4 points 1 day ago (1 children)

Why US gov need to know about people's period?, that's weird and creepy

[–] EmperorHenry@discuss.tchncs.de 3 points 1 day ago

To get the needle, you need the whole haystack. Collect everything decrypt later

[–] Anticorp@lemmy.world 46 points 2 days ago (4 children)

Why in the fuck would the government need this information?

[–] problematicPanther@lemmy.world 14 points 1 day ago

dystopian hellscape where government has an algorithm to check whether your period has come in a given month, and if you've missed more than a few weeks, you'll be listed as pregnant. And then if you're not pregnant anymore for any reason other than giving birth, then you'll be prosecuted for having an abortion.

[–] KomfortablesKissen@discuss.tchncs.de 13 points 1 day ago

To prosecute criminals. Like women not following a shit take like "Your body, my choice". Or terrorists. With wombs? Idk.

This shit is just fucked up.

[–] dance_ninja@lemmy.world 48 points 2 days ago (9 children)

When they start prosecuting women for miscarriages and suspected abortions under Trump's national abortion ban.

load more comments (9 replies)

[–] horse_tranquilizers@sh.itjust.works 9 points 1 day ago

China had a database that stored fertility information including information like in the article leak a few years back too. Worse cause it leaked/got hacked. Creepy AF

[–] Fosheze@lemmy.world 65 points 2 days ago (12 children)

Why does a period tracking app even need to store the data anywhere other than locally?

[–] sus@programming.dev 43 points 2 days ago* (last edited 2 days ago) (2 children)

their given reasons are "to keep backups" and "academic and clinical research with de-identified datasets"

they seem to actually do a fairly good job with anonymizing the research datasets, unlike most "anonymized research data", though for the raw data stored on their servers, they do not seem to use encryption properly and their security model is "the cloud hoster wouldn't spy on the data right?" (hint: their data is stored on american servers, so the american authorities can just subpoena Amazon Web Services directly, bypassing all their "privacy guarantees". (the replacement for the EU-US Privacy Shield seems to be on very uncertain legal grounds, and that was before the election))

[–] ballmerpeaking@programming.dev 6 points 1 day ago* (last edited 1 day ago) (1 children)

De-identified data is an oxymoron. Basically any dataset that's in any way interesting is identifiable.

[–] sus@programming.dev 4 points 1 day ago* (last edited 1 day ago)

no it's not. If you reduce the information in the datapoints until none of them are unique, then it is very obviously impossible to uniquely identify someone from them. And when you have millions of users the data can definitely still be kept interesting

(though there's pretty big pitfalls here, as their report seems to leave open the possibility of not doing it correctly)

[–] Anticorp@lemmy.world 13 points 2 days ago

de-identified

Doubt.

load more comments (11 replies)

[–] KomfortablesKissen@discuss.tchncs.de 6 points 1 day ago

This is awesome, thank you for your service! Goddamn, the premises around that are just... sad.

[–] ValiantDust@feddit.org 132 points 2 days ago (4 children)

If anyone is in need of a more secure option in these dystopian times: drip keeps all your data on your phone. You can export the data, so you can keep the tracked data when changing phones. I only use it for tracking my cycle and sometimes symptoms though, so I can't say much about using it for birth control.

[–] disguy_ovahea@lemmy.world 25 points 2 days ago (21 children)

Apple’s Cycle Tracking app is also locally and E2E encrypted in iCloud.

When your phone is locked with a passcode, Touch ID, or Face ID, all of your health and fitness data in the Health app, other than your Medical ID, is encrypted. Any health data synced to iCloud is encrypted both in transit and on our servers. And if you have a recent version of watchOS and iOS with the default two-factor authentication and a passcode, your health and activity data will be stored in a way that Apple can’t read it.

This means that when you use the Cycle Tracking feature and have enabled two-factor authentication, your health data synced to iCloud is encrypted end-to-end and Apple does not have the key to decrypt the data and therefore cannot read it.

https://support.apple.com/en-us/120356

[–] onlinepersona@programming.dev 31 points 2 days ago* (last edited 1 day ago) (9 children)

Sure. It's encrypted. And your private data only stays on your device. Pinky swear.

With our 10 billion $ in ad revenue, you can trust that your data never makes it to a third party unencrypted 😚

Anti Commercial-AI license

[–] uis@lemm.ee 4 points 1 day ago* (last edited 1 day ago)

"If you are paying, it doesn't mean you are not the product"

- Cory Doctorow

load more comments (8 replies)

load more comments (20 replies)

load more comments (3 replies)

[–] Duamerthrax@lemmy.world 41 points 2 days ago* (last edited 2 days ago) (7 children)

~~That's nice, but why does that data need to be on their servers in the first place?~~

Ok, so apparently they don't store the data by default. Guessing they could if the user wants it backed up or synced across devices.

load more comments (7 replies)

[–] Bluefalcon@discuss.tchncs.de 36 points 2 days ago (3 children)

Any woman on here, please consider bluemoon. My wife is tech illiterate but loves the app.

Bluemoon (Open source, privacy friendly menstruation tracking app. Your period, your data!) https://f-droid.org/packages/ch.nilsgrob.android.bluemoon/

load more comments (3 replies)

[–] Undaunted@discuss.tchncs.de 22 points 2 days ago (4 children)

I know it's not feasible, but if a lot of males would just use the apps that are know to report to US authorities and input data, that most likely will raise a alarms, they would have to deal with heaps of false-positives and it would obscure the real data.

[–] Agent641@lemmy.world 5 points 1 day ago

I just experienced my first period as a 38 year old male. I know almost nothing about them, so this is gonna be a wild ride for anyone who reads my stats.

[–] Ellvix@lemmy.world 14 points 2 days ago (1 children)

I'm in. Anyone know of any apps that DO report data?

[–] Proposal6114@lemmy.dbzer0.com 16 points 2 days ago

Same, ready to poison data against fascists anytime.

load more comments (2 replies)

[–] imPastaSyndrome@lemm.ee 29 points 2 days ago (2 children)

Can I get a reminder about the apps that WILL share with the govt so I can help fuck with their data?

[–] jmcs@discuss.tchncs.de 24 points 2 days ago (5 children)

All US-based apps and all the apps that store their data in US-owned cloud providers at very least.

load more comments (5 replies)

load more comments (1 replies)

[–] far_university190@feddit.org 22 points 2 days ago

female and male staff members at Clue, based in Berlin

Basiert und in Berlin.

𝕯𝖎𝖊𝖘𝖊 𝕶𝖔𝖒𝖒𝖊𝖓𝖙𝖆𝖗𝖘𝖊𝖐𝖙𝖎𝖔𝖓 𝖎𝖘𝖙 𝖓𝖚𝖓 𝕰𝖎𝖌𝖊𝖓𝖙𝖚𝖒 𝖉𝖊𝖗 𝕭𝖚𝖓𝖉𝖊𝖘𝖗𝖊𝖕𝖚𝖇𝖑𝖎𝖐 𝕯𝖊𝖚𝖙𝖘𝖈𝖍𝖑𝖆𝖓𝖉

[–] serenissi@lemmy.world 13 points 2 days ago

It makes zero sense in keeping the data unencrypted in ang cloud. People usually don't share their cycles details on the public internet.

[–] homesweethomeMrL@lemmy.world 19 points 2 days ago

DO NOT put this kind of information in an app!

If you absolutely have to have it in your phone, use the calendar and pick some event that's plausible monthly with a unique name so you can search on it. "Checked for Mxyzlptik updates", "Look at travel to Canada prices" or whatever.

If you need more functionality than that you'll need an offline solution. We live in a fascist dictatorship now. They hate women. And they will 100% use that information against you if they can.