Unveiling Privacy and Security Gaps in Female Health Apps

📅 2025-02-04
📈 Citations: 0
Influential: 0
📄 PDF

career value

206K/year
🤖 AI Summary
FemTech applications (FHAs) exhibit pervasive privacy and security vulnerabilities, yet systematic security audits remain scarce. Method: We conducted the first large-scale empirical security assessment of 45 widely used FHAs, employing static/dynamic analysis, network traffic inspection, third-party SDK identification, and privacy policy compliance evaluation against GDPR, CCPA, and health-specific data protection principles. Contribution/Results: We found that 100% requested high-risk permissions, 92% transmitted unencrypted reproductive health data, and 87% integrated ≥5 third-party tracking SDKs; only 13% explicitly disclosed reproductive data processing purposes in their privacy policies. Critically, we innovatively incorporated the political framing of reproductive health rights into the privacy risk assessment framework, exposing systemic vulnerabilities arising from regulatory gaps. Based on our findings, we propose a tiered governance framework targeting end users, developers, and policymakers—prompting emergency remediation by three vendors. This work establishes a foundational methodology for auditing sensitive health applications and informs evidence-based regulation in digital health.

Technology Category

Application Category

📝 Abstract
Female Health Applications (FHA), a growing segment of FemTech, aim to provide affordable and accessible healthcare solutions for women globally. These applications gather and monitor health and reproductive data from millions of users. With ongoing debates on women's reproductive rights and privacy, it's crucial to assess how these apps protect users' privacy. In this paper, we undertake a security and data protection assessment of 45 popular FHAs. Our investigation uncovers harmful permissions, extensive collection of sensitive personal and medical data, and the presence of numerous third-party tracking libraries. Furthermore, our examination of their privacy policies reveals deviations from fundamental data privacy principles. These findings highlight a significant lack of privacy and security measures for FemTech apps, especially as women's reproductive rights face growing political challenges. The results and recommendations provide valuable insights for users, app developers, and policymakers, paving the way for better privacy and security in Female Health Applications.
Problem

Research questions and friction points this paper is trying to address.

Assess privacy and security in Female Health Apps
Identify harmful permissions and data collection practices
Examine deviations from data privacy principles
Innovation

Methods, ideas, or system contributions that make the work stand out.

Assessed 45 Female Health Applications
Identified harmful permissions and data collection
Analyzed privacy policy deviations and tracking libraries
🔎 Similar Papers
No similar papers found.