Menstrual tracking app data is gold mine for advertisers that risks women safety

Original Article ↗ Hacker News Discussion ↗

Privacy-first and FOSS alternatives

  • Multiple commenters discuss or promote privacy-focused, local-first tracking apps (e.g., Reflect, Drip, Mensinator, Embody), often open source or Mozilla-funded, and recommend distribution via F-Droid for trust.
  • There’s debate on UX tradeoffs: privacy apps can be “nerdy” and niche compared to mainstream apps that optimize for simplicity and mass appeal.
  • Some highlight OS-native options like Apple Health’s cycle tracking, which has a clearer privacy model than random third-party apps.

Technical and threat‑model issues

  • Strong support for “offline-first” or “local-only” design; cloud sync, if any, should be strictly opt‑in.
  • Concerns about future app updates or corporate acquisitions quietly changing privacy behavior; users can’t practically audit each release.
  • Suggestions include: OS-level network kill switches per app, duress modes, fake/obfuscated data APIs (location, contacts), and encryption with user-controlled keys.
  • Others point out limits: stolen phones, $5 wrench attacks, cross‑app/cloud backups, and carrier-level location tracking.

Legal and safety concerns

  • Many tie the risk directly to US abortion and “fetal harm” laws: cycle gaps plus travel or purchase data could be used as circumstantial evidence in prosecutions or civil bounty schemes.
  • Risks cited include job discrimination, workplace monitoring, health insurance profiling, cyberstalking, and family or cultural violence if pregnancies or sexual activity are revealed.
  • Some argue these dangers are real but still mostly hypothetical for period apps specifically; others respond that the combination of hostile laws and mass data makes the risk substantial.

Advertising, data monetization, and data brokers

  • Commenters note that cycle data is highly valuable because it predicts pregnancy and long-term spending patterns, not just tampon sales.
  • Historical anecdotes describe retailers and brokers inferring pregnancy and menstrual cycles from purchase history alone; apps just make this more precise.
  • Strong sentiment that targeted ads and surveillance capitalism are the core problem, not just this app category.

Regulation vs individual workarounds

  • Many call for GDPR‑like protections, bans or heavy taxes on targeted advertising, and prohibitions on selling health-related behavioral data.
  • Others are pessimistic about US institutions and bipartisan surveillance laws.
  • Practical advice ranges from using paper calendars, FOSS/local‑only apps, or OS-native tools, to accepting that “normal users” cannot reliably evaluate app risk and so should avoid cloud-based trackers entirely.