572
Period tracking app refuses to disclose data to American authorities (www.newsweek.com)
submitted 3 months ago by lemmee_in@lemm.ee to c/privacy@programming.dev
86 comments fedilink hide all child comments
top 50 comments
sorted by: hot top controversial new old
[-] ValiantDust@feddit.org 131 points 3 months ago

If anyone is in need of a more secure option in these dystopian times: drip keeps all your data on your phone. You can export the data, so you can keep the tracked data when changing phones. I only use it for tracking my cycle and sometimes symptoms though, so I can't say much about using it for birth control.

[-] disguy_ovahea@lemmy.world 33 points 3 months ago

Apple’s Cycle Tracking app is also locally and E2E encrypted in iCloud.

When your phone is locked with a passcode, Touch ID, or Face ID, all of your health and fitness data in the Health app, other than your Medical ID, is encrypted. Any health data synced to iCloud is encrypted both in transit and on our servers. And if you have a recent version of watchOS and iOS with the default two-factor authentication and a passcode, your health and activity data will be stored in a way that Apple can’t read it.

This means that when you use the Cycle Tracking feature and have enabled two-factor authentication, your health data synced to iCloud is encrypted end-to-end and Apple does not have the key to decrypt the data and therefore cannot read it.

https://support.apple.com/en-us/120356

[-] onlinepersona@programming.dev 48 points 3 months ago* (last edited 3 months ago)

Sure. It's encrypted. And your private data only stays on your device. Pinky swear.

With our 10 billion $ in ad revenue, you can trust that your data never makes it to a third party unencrypted 😚

Anti Commercial-AI license

[-] disguy_ovahea@lemmy.world 16 points 3 months ago* (last edited 3 months ago)

I’m not sure what that license has to do with Apple’s privacy policy. Apple uses ML to place ads alongside relevant content. They provide no customer information to advertisers. They generate so much ad revenue by keeping a sizable 30% from the advertisers.

https://support.apple.com/guide/news-publisher/earn-revenue-with-advertising-on-apple-news-apdd44eeeeeb/icloud

https://support.apple.com/guide/adguide/generate-revenue-apd51c721ca9/icloud

[-] JackbyDev@programming.dev 16 points 3 months ago

onlinepersona posts that on every comment they make. They're licensing their comments under CC BY-SA-NC 4.0. Given the context of the conversation it may have sounded confusing.

[-] onlinepersona@programming.dev 11 points 3 months ago

I too trust every word apple says.

Anti Commercial-AI license

[-] disguy_ovahea@lemmy.world 14 points 3 months ago

That’s the second time you posted that. What does it have to do with Apple’s privacy?

[-] PoopingCough@lemmy.world 47 points 3 months ago

The link has nothing to do with the comment, some people just add that to all their posts because they think it will prevent LLMs from using their comments as training data. It's useless and very stupid imo, equivalent to people on facebook a few years back copy and pasting that text about owning their pictures and not giving fb permission to use them even though permission was already given in the sign up agreement.

load more comments (3 replies)
[-] Acters@lemmy.world 16 points 3 months ago

Oh that guy posts that link in every post he makes because he trusts the data scraping companies and legal authorities to enforce it/make it a pain to ingest his data. When in reality he is a hypocrite as his sarcasm is stupid.

load more comments (1 replies)
[-] unexposedhazard@discuss.tchncs.de 23 points 3 months ago* (last edited 3 months ago)

Is the app and the OS open source? No? Then please shut the fuck up with your dangerous "advice". People really still havent understood how this shit works. How is this being upvoted? Corporations do not deserve your trust when they claim things without proving them.

This is not a joke, this shit affects peoples lives. After spearheading the technology for creeps to stalk people with physical tags, and being the first to experiment with client side communications scanning, how do people still not understand that apple is just as bad as the rest.

load more comments (18 replies)
[-] kautau@lemmy.world 10 points 3 months ago

For better E2E encryption, you should turn on Advanced Data Protection: https://support.apple.com/en-us/108756

[-] JimmyBigSausage@lemm.ee 11 points 3 months ago

Best to write your data down. Do not put on device or online.

[-] ValiantDust@feddit.org 9 points 3 months ago

I mean, the app offers encryption of the data, so you'd have to enter a password. And you can encrypt your phone as well. If it gets to a point where you are forced to enter the password, a piece of paper in your drawer is probably not much safer.

It's really beyond fucked up that this is something people have to think about.

[-] Fosheze@lemmy.world 62 points 3 months ago

Why does a period tracking app even need to store the data anywhere other than locally?

[-] sus@programming.dev 41 points 3 months ago* (last edited 3 months ago)

their given reasons are "to keep backups" and "academic and clinical research with de-identified datasets"

they seem to actually do a fairly good job with anonymizing the research datasets, unlike most "anonymized research data", though for the raw data stored on their servers, they do not seem to use encryption properly and their security model is "the cloud hoster wouldn't spy on the data right?" (hint: their data is stored on american servers, so the american authorities can just subpoena Amazon Web Services directly, bypassing all their "privacy guarantees". (the replacement for the EU-US Privacy Shield seems to be on very uncertain legal grounds, and that was before the election))

load more comments (2 replies)
[-] absentbird@lemm.ee 12 points 3 months ago

Sometimes people get new phones πŸ€·β€β™€οΈ

load more comments (2 replies)
[-] Duamerthrax@lemmy.world 41 points 3 months ago* (last edited 3 months ago)

~~That's nice, but why does that data need to be on their servers in the first place?~~

Ok, so apparently they don't store the data by default. Guessing they could if the user wants it backed up or synced across devices.

[-] Cosmonaut_Collin@lemmy.world 20 points 3 months ago

I imagine they collect data to improve their algorithm so it can more accurately predict a woman's cycle. Quite a few women use these apps as an alternative birth control, so knowing the specific days where they need to avoid sex is helpful.

[-] Duamerthrax@lemmy.world 12 points 3 months ago

Normally, I'd install the app to find out, but I can't really install any more apps on my phone. And oh man, do I never like seeing the phrase "collect data to improve [their] algorithm".

[-] Droggelbecher@lemmy.world 16 points 3 months ago

In general, medical predictions are a very good example of using AI to benefit humanity, not just shareholders. It's still scary if it's done by a private company.

load more comments (4 replies)
[-] Bluefalcon@discuss.tchncs.de 36 points 3 months ago

Any woman on here, please consider bluemoon. My wife is tech illiterate but loves the app.

Bluemoon (Open source, privacy friendly menstruation tracking app. Your period, your data!) https://f-droid.org/packages/ch.nilsgrob.android.bluemoon/

[-] anzo@programming.dev 10 points 3 months ago

I can recommend Mensinator. It includes logging and calculated ovulation day too. Something I could not see in bluemoon screenshots.

[-] flicker@lemmy.world 11 points 3 months ago

Mensinator

Sounds like something from Doofenshmirtz.

load more comments (1 replies)
[-] imPastaSyndrome@lemm.ee 31 points 3 months ago

Can I get a reminder about the apps that WILL share with the govt so I can help fuck with their data?

[-] jmcs@discuss.tchncs.de 23 points 3 months ago

All US-based apps and all the apps that store their data in US-owned cloud providers at very least.

[-] SecureTaco@lemmy.asc6.org 5 points 3 months ago

US based apps that’s are end-to-end encrypted where you control the private keys cannot physically share as they won’t have access. Even if it’s in their cloud.

[-] jmcs@discuss.tchncs.de 14 points 3 months ago* (last edited 3 months ago)

If the nice people at the FBI show up to your door with a warrant from a secret court set up by Trump show up to your office telling you either implement a backdoor in your app or everyone goes to jail forever, what do you do?

load more comments (2 replies)
[-] ReversalHatchery@beehaw.org 8 points 3 months ago

until they get forced to issue an update that steals your key.

assuming you installed the app from google play.
since for a few years now google holds the signing keys that are used for verifying that the app has not been tampered with, the app developer is not even needed for this. google can make the changes, sign the app with the key they already have, and push an update to your phone.

load more comments (1 replies)
[-] homesweethomeMrL@lemmy.world 24 points 3 months ago

DO NOT put this kind of information in an app!

If you absolutely have to have it in your phone, use the calendar and pick some event that's plausible monthly with a unique name so you can search on it. "Checked for Mxyzlptik updates", "Look at travel to Canada prices" or whatever.

If you need more functionality than that you'll need an offline solution. We live in a fascist dictatorship now. They hate women. And they will 100% use that information against you if they can.

[-] Undaunted@discuss.tchncs.de 24 points 3 months ago

I know it's not feasible, but if a lot of males would just use the apps that are know to report to US authorities and input data, that most likely will raise a alarms, they would have to deal with heaps of false-positives and it would obscure the real data.

[-] Ellvix@lemmy.world 13 points 3 months ago

I'm in. Anyone know of any apps that DO report data?

[-] Proposal6114@lemmy.dbzer0.com 16 points 3 months ago

Same, ready to poison data against fascists anytime.

[-] Agent641@lemmy.world 6 points 3 months ago

I just experienced my first period as a 38 year old male. I know almost nothing about them, so this is gonna be a wild ride for anyone who reads my stats.

load more comments (1 replies)
[-] far_university190@feddit.org 24 points 3 months ago

female and male staff members at Clue, based in Berlin

Basiert und in Berlin.

π•―π–Žπ–Šπ–˜π–Š π•Άπ–”π–’π–’π–Šπ–“π–™π–†π–—π–˜π–Šπ–π–™π–Žπ–”π–“ π–Žπ–˜π–™ π–“π–šπ–“ π•°π–Žπ–Œπ–Šπ–“π–™π–šπ–’ π–‰π–Šπ–— π•­π–šπ–“π–‰π–Šπ–˜π–—π–Šπ–•π–šπ–‡π–‘π–Žπ– π•―π–Šπ–šπ–™π–˜π–ˆπ–π–‘π–†π–“π–‰

[-] serenissi@lemmy.world 15 points 3 months ago

It makes zero sense in keeping the data unencrypted in ang cloud. People usually don't share their cycles details on the public internet.

[-] grysbok@lemmy.sdf.org 11 points 3 months ago

I'm glad this article is about Clue. I hope I can continue to trust them.

I've been using Clue for years and it's nicely trans-friendly and not-pink. When I was first looking for a period app, many options were focused on fertility--either seeking or avoiding pregnancy--which rubbed me the wrong way.

[-] KomfortablesKissen@discuss.tchncs.de 6 points 3 months ago

This is awesome, thank you for your service! Goddamn, the premises around that are just... sad.

[-] kekmacska@lemmy.zip 6 points 3 months ago

tf is usa on, why they need perios statistics

[-] OneWomanCreamTeam@sh.itjust.works 6 points 3 months ago

So they can prosecute people for getting illegal abortions.

load more comments (1 replies)
load more comments
view more: next β€Ί
this post was submitted on 11 Nov 2024
572 points (100.0% liked)

Privacy

1374 readers
1 users here now

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 2 years ago
MODERATORS
Ategon@programming.dev
danielintempesta@programming.dev