Are period tracking apps actually safe to use?

Are you safe to use period tracking apps since the overturn of Roe vs. Wade? The short answer is, in some ways, “yes,” though within certain limitations. And in other ways, definitely not.

Given the increase in safety/privacy concerns around such apps, I wanted to find out what is actually safe and what isn’t. To do so, I reached out to popular period tracking apps Flo and Clue to hear how they’re tackling the data privacy and security of their users. I also spoke to cybersecurity experts to get their take on the matter.

Here’s what I learned, and what you should know to keep yourself safe.

How apps are (trying) to keep you protected

Every app developer I spoke to said they’re ensuring private data is always encrypted and safe. None of the apps are purportedly selling information to any third parties either. It makes sense as to why they’re striving for this, especially now. These companies have a stake in this as much as we do, and if users don’t feel safe using their platform, they lose out too. Among all of the apps, the user decides about inputting any period or pregnancy-related logs, so you can withhold information as you see fit.

Flo did specify that it allows you to delete your data whenever you want. Though it remains to be proven if all data is truly gone. In Flo’s privacy policy, the company states that if data collection is required by law, it informs you of the matter and requires your consent before continuing. You can even retract that consent later if you deem it necessary.

Showing no fear, Clue made its stance very clear. “At this fraught moment, we hear the anger and the anxiety coming from our U.S. user community. Many of us at Clue understand firsthand how it feels to fear for our reproductive autonomy. While we navigate this new reality, we promise to squarely face the challenges it brings, to listen, and do everything we can to make every single Clue user’s experience as positive and safe as it can be.”

The company even stated, “At Clue, we strongly believe that the very personal decision to end a pregnancy should be made in the context of legal, regulated healthcare, without shame or fear of prosecution.”

What is safe with period tracking apps

You’re probably wondering what app is safest then? Which one is the best for your security? To no one’s surprise, that varies.

First off, Flo announced an upcoming Anonymous Mode where users can remove any personally identifying information to ensure no data can be traced back to them. It’s a fantastic addition to any period tracker, if not still a low bar. Anonymous Mode is an optional feature users have to manually enable, rather than something that’s turned on by default.

Cybersecurity expert William Budington explained to me that the barest minimum in safety for period tracking apps is the allowance of at least some anonymity. Otherwise, for outright security safety, Budington said, “In the case of period trackers, Consumer Reports found that the best apps (both in policy and in practice) on the scale of user privacy were Euki, Periodical, and Drip.”

However, regardless of the user privacy of any app, that doesn’t secure the information available locally on your device. As such, make sure to utilize the passcode features when available. Either in-app, like what Flo offers, or just on your mobile device itself.

On the other hand, Clue assured me it’s secure in the fact it’s a European company and not subject to American laws. Clue adheres to the European General Data Protection Regulation law which boasts to be the safest and strictest security law out there. As Clue explains, “If we hold your data, our obligation under European law to protect your privately tracked data is the same. No U.S. Court or other authority can override that, since we are not based in the U.S. Our user data cannot simply be subpoenaed from the U.S.”

Comparatively, if you’re an iPhone user, the Apple Health app offers built-in period tracking without the need for a third-party app. While it’s not the most feature-rich period tracker available, Apple’s privacy policy states that all data logged with the period tracker is “encrypted and inaccessible by default.” Another Apple document further explains that “If you’re using iOS 12 or later and have turned on two-factor authentication for your Apple ID, health records are encrypted using end-to-end encryption through iCloud. This means only you can access this information, and only on devices where you’re signed in to iCloud. No one else, not even Apple, can access end-to-end encrypted information.”

Outside of period trackers, it’s also a good idea to keep track of how secure your messaging apps are on your phone. If you’re discussing sensitive information there, make sure you’re safe. Some of the best messaging apps are focused on encryption.

What isn’t safe with period tracking apps

First and foremost, the most dangerous thing you can do is leave your mobile device unlocked. Despite all the efforts of app developers to keep you safe from prosecution, if someone gets a hold of your personal device, they could easily access your sensitive information. Even if an officer asks to search your device, don’t give them consent. The top priority is you and your safety. Use your phone’s face or fingerprint sensor if it has one, or better yet, a long password that only you know.

Apps that state they’re collecting marketing information, or apps that don’t have any privacy protection, also aren’t safe. Avoid them if you can. Try to find an app that does promise privacy protection of some kind. Always read the data privacy policy of any new app before downloading it.

Of course, if a U.S. authority places a warrant to access your information with a U.S.-based company, they will most likely be able to get that information. There is no U.S. federal law in place to ensure the privacy of users on these types of apps.

I also want to mention that in terms of Flo, Budington informed me that the company doesn’t have the best track record in regards to disclosing private information — something to keep in mind if you want the most secure option available. While the new Anonymous Mode will be incredibly helpful, there’s a precedence of Flo not being the most trustworthy with user data.

Despite promises to otherwise keep your privacy safe, if a data breach of your chosen app happens, your information could be taken by force. Do what you can to ensure anonymity and always hold some caution no matter what app you use.

The one thing you should avoid at all costs

If you’re in a state where abortion is outlawed, you should absolutely not log any abortion or miscarriage information into any period tracking apps. A simple breach of privacy could mean criminal charges. While these apps have the means to protect your data and want you to feel safe, they can’t protect you from every possibility — like someone gaining access to your phone.

Even if you aren’t in a state with an abortion ban, there’s an argument that it’s better to remain cautious of what information is stored in case another law changes in the future. If it looks like some laws may be changing in the future, play it safe and keep sensitive information off of these apps.

It’s not even just period trackers. Cybersecurity expert and professor Jason Hong says, “The risks go far beyond period tracking apps, and also include location history and search history.” If you can, try to avoid a digital trail of any information related to abortions or loss of pregnancy. Incognito Mode is a decent workaround for this, as is a good and relevant VPN.

Professor Hong added, “In the data, a miscarriage might not look all that different from an abortion.”

How you can help yourself and others