Fertility app fined $200,000 for leaking customer's health data
CNN —
The company behind a popular fertility app has agreed to pay $200,000 in federal and state fines after authorities alleged that it had shared users’ personal health information for years without their consent, including to Google and to two companies based in China.
The app, known as Premom, will also be banned from sharing personal health information for advertising purposes and must ensure that the data it shared without users’ consent is deleted from third-party systems, according to the Federal Trade Commission, along with the attorneys general of Connecticut, the District of Columbia and Oregon.
Wednesday’s proposed settlement targeting Premom highlights how regulators have stepped up their scrutiny of fertility trackers and health information in the wake of the US Supreme Court’s decision last year striking down federal protections for abortion.
The sharing of personal data allegedly affected Premom’s hundreds of thousands of users from at least 2018 until 2020, and violated a federal regulation known as the Health Breach Notification Rule, according to an FTC complaint against Easy Healthcare, Premom’s parent company.
Premom didn’t immediately respond to a request for comment.
As part of the alleged violation, Premom collected and shared personally identifiable health information with Google and with a third-party marketing firm in violation of Premom’s own privacy policy, which had promised to share only “non-identifiable data” with others, according to the complaint.
In addition, Premom allegedly shared location information and device identifiers — such as WiFi network names and hardware IDs — with two China-based data analytics companies, known as Jiguang and Umeng, according to the complaint. That information, the FTC alleged, “could be used to identify Premom’s users and disclose to third parties that these users were utilizing a fertility app,” according to an FTC complaint filed against Easy Healthcare, Premom’s parent company.
Since the Supreme Court’s decision in Dobbs v. Jackson, a wave of anti-abortion legislation has raised the prospect that fertility apps, search engines and other technology platforms could be forced to hand over user data in potential prosecutions of abortion-seekers.
“Now more than ever, with reproductive rights under attack across the country, it is essential that the privacy of healthcare decisions is vigorously protected,” said DC Attorney General Brian Schwalb in a statement. “My office will continue to make sure companies protect consumers’ personal information to protect against unlawful encroachment on access to effective reproductive healthcare.”
Samuel Levine, director of the FTC’s consumer protection bureau, said the agency “will not tolerate health privacy abuses.”
“Premom broke its promises and compromised consumers’ privacy,” Levine said in a statement. “We will vigorously enforce the Health Breach Notification Rule to defend consumer’s health data from exploitation.”
Source: CNN