Researchers are calling for improved legislation and regulation to minimise data security and privacy risks associated with fertility apps, associated devices, and other so-called 'FemTech'.
FemTech is a term used to describe a wide range of technologies used to aid the tracking and management of women's health, including menstrual cycles and fertility, as well as the devices used to assist in this, for example fertility trackers. Concerns have now been raised about not only personal data input into apps, but also data obtained via access to the camera of a phone or device used, or location data and contacts stored in the device, by researchers from the UK and Switzerland.
Professor Mike Catt of Newcastle University, one of the authors of the study published in Frontiers in the Internet of Things said: 'Many of the apps surveyed access mobile and device resources too. Some of these permissions are marked as dangerous, according to Google's protection levels. Such access potentially exposes contacts, camera, microphone, location and other personal data.'
The Information Commissioner's Office (ICO) launched a review into how FemTech firms are using data from fertility and period tracking apps in the UK last year (see BioNews 1206). In 2022, an independent report carried out by the Organisation for the Review of Care and Health Apps revealed that 21 of the 25 fertility apps evaluated shared data with third parties and only one obtained consent prior to sharing user data in the UK.
In this most recent piece of research, researchers from Newcastle University, Royal Holloway - University of London, University College London and ETH Zurich, Switzerland, investigated the data and permissions collected, for nine FemTech devices, of which seven were connected to an app, and one solo app. One of the devices investigated was the Daysy Cycle fertility tracker.
They then searched EU, UK and Swiss legislation for specific mentions of FemTech, as well as other words relating to fertility, pregnancy, hormones, sex and ovulation, among other terms, to see how and if collection and sharing of this data was regulated.
Authors concluded current regulations for data security and privacy were insufficient in capturing all possible security threats to users of FemTech. They also raised concerns about the personal data that could be gleaned about a user's partner or child from some of the apps and devices available.
Researchers have shared their results with the ICO. Dr Maryam Mehrnezhad, lead author of the research and senior lecturer at Royal Holloway said: 'We constantly share our research results with the industry and related regulatory bodies, such as the Information Commissioner's Office.
'We hope to see better collaborative efforts across the stakeholders to enable the citizens to use FemTech solutions to improve the quality of their lives without any risk and fear.'
Leave a Reply
You must be logged in to post a comment.