Is Your Period Tracker App Leaking Data?

Presented at Diana Initiative 2019, Aug. 10, 2019, 10 a.m. (30 minutes).

“Roses are red Violets are blue When the product is free The product is you.” -- Twitter user Matt Cagle (@Matt_Cagle) “Femtech” refers to technology intended to improve women’s health, and it’s a lucrative and growing market. One common example of femtech is period tracking apps, which help women track their menstrual periods and other aspects of their reproductive health. However, there are serious concerns with a number of these apps, notably related to privacy and security. Vox reporter Kaitlin Tiffany wrote, “This app wasn’t designed for me. It wasn’t designed for anyone who wants to track their period or general reproductive health. The same is true of almost every menstruation-tracking app: They’re designed for marketers, for men, for hypothetical unborn children, and perhaps weirdest of all, a kind of voluntary surveillance stance.” We discuss privacy issues related to period tracker applications and introduce some techniques to statically and dynamically analyze the behavior of Android apps so that we can see where data from period tracker apps may be going.

Presenters:

  • Wendy Edwards - Programmer at ASPCA
    Wendy is a programmer at a nonprofit who participated in the SANS Women’s Academy for security training and the NASA Datanauts program. She has one master’s degree in computer science and another in library and information science. She is active in local security groups CU2600 and DC217 and is especially interested in the applications of data science to security.

Links:

Similar Presentations: