AGs to Apple: Protect private reproductive health data on apps

In a letter penned to Apple CEO Tim Cook, the attorneys general say Apple hasn’t done enough to protect users’ reproductive health data.

Lecia Bushak

November 28, 2022

4:39 pm

Low angle portrait of young Asian woman using smartphone against beautiful blue sky with cloudscapes, enjoying sunlight outdoors. Lifestyle and technology

Attorneys general from ten states recently penned a letter to Apple calling on the tech giant to do more to protect people’s reproductive health data on mobile apps.

The letter, addressed to Apple CEO Tim Cook, argued that apps available through Apple’s App Store currently don’t have enough measures in place to ensure that data doesn’t make its way into the hands of third parties or individuals who can use it to target people in the wake of Roe v. Wade being overturned.

“Apple has not done enough,” the letter posited. “Location history, search history, and adjacent health data pose a significant risk to individuals seeking or providing abortions, birth control or other reproductive healthcare.”

The attorney generals, including William Tong, Karl Racine and Kwame Raoul, urged Apple to take on three policy recommendations.

First, to delete data that’s not necessary for the app — like location or search history. Second, to provide clear notices that App Store apps may disclose user data to third parties about reproductive healthcare. Finally, for apps that gather reproductive health data to enact the same level of data privacy standards as Apple.

“These actions,” they wrote, “will safeguard reproductive health information from being wrongfully exploited by those who would use it to harm patients or providers.”

Without protecting that information, it’s possible for data brokers to gather reproductive health information from apps to be sold to marketing agencies or other data brokers. It can, however, also be used by law enforcement or others to target people in states where abortion has become criminalized.

In the letter, the authors noted that crisis pregnancy centers, often linked to anti-abortion groups, also purchase such data to develop ads or gather even more data from people seeking reproductive care, then use it to meddle with patients’ access to abortion or share the info with law enforcement.

A recent survey out of Mozilla Foundation found that out of 25 reproductive health apps examined, 18 failed to follow proper privacy and security standards, including basic ones like encryption, automatic security updates or a clear privacy policy.

Those included period tracking apps, pregnancy or fertility apps and even health and fitness wearables. Mozilla gave those 18 apps a “Privacy Not Included” warning label.