As a woman living in the Middle East, to tell you the truth, privacy in period-tracking applications (apps) has never occurred to me. Millions of women worldwide use period-tracking apps to track their menstrual cycles and fertility, but only half of women are concerned about data privacy and security. So, is there a risk in storing sensitive information about our health and bodies in these apps? And is it a cause for concern?

Let’s start from the beginning, in June 2022 when activists and cybersecurity experts in the United States recommended deleting all personal data from period-tracking apps to protect from identifying and potentially prosecuting women who are seeking or considering an abortion. This immediately raised concerns over period-tracking apps and linked them to reproductive rights and the broader issue of women’s rights.

Lydia X.Z Brown, an activist, writer, and attorney expressed these worries in her statement: “We're very concerned in a lot of advocacy spaces about what happens when private corporations or the government can gain access to deeply sensitive data about people's lives and activities. Especially when that data could put people in vulnerable and marginalized communities at risk for actual harm.” Actual harm can include blackmail, discrimination, violence, or other serious consequences.

Now, the main question is: Do period-tracking apps share our data or sell our information for use in advertising or research? That depends on privacy policies that vary significantly from one company to another. A joint study by King's College London and University College London (UCL) examined popular apps in the US and the UK and found that most period-tracking apps lack safeguards against law enforcement or authorities, 35% of apps falsely claimed not to share personal data with third parties, and only 50% of apps assured users that they do not share health data with advertisers.

Another research on the “Privacy and Security of Women’s Reproductive Health Apps in a Changing Legal Landscape” from Texas A&M University analyzed 20 period-tracking mobile apps and revealed that 95% of these apps’ privacy policies declare to collect IP addresses, 85% of apps collect device information, and almost 75% of apps collect location data.

Several period-tracking apps store the data we provide (locally on the device or in the cloud). If these apps experience a data breach due to weak security measures, our sensitive information could be stolen by cybercriminals or wind up on the dark web, potentially exposing us to risks like identity theft. Hence, local storage on our devices means more control over our data.

In the Middle East and Africa, the menstrual health apps market is on the rise and is expected to grow at a Compound Annual Growth Rate (CAGR) of 18.3% between 2024 and 2030. However, research on period-tracking apps’ privacy policies in the Middle East and Africa remains limited. Currently, available literature cannot provide sufficient information on the types of apps, use patterns, and challenges faced in Middle Eastern countries. This highlights the need for increased research to understand the regional menstrual tracking behavior and explore its connection to religious practices.

So, what are our digital defenses? As a first rule, prioritize app security when selecting a period-tracking app to use, choose a reputable app provider, one that has strong security measures. Then, carefully review the app’s privacy policy before downloading. If the privacy policy or terms of service are absent, avoid the app. Only download the app from official app stores (Apple Store or Google Play Store). Before granting any app permissions, notice what data it requests access to (e.g., location, contacts, camera) and ensure you are comfortable with how this data will be used (for app functionality, targeted advertising, or other). If offered the option to restrict data sharing or deny permissions, use these settings to limit access and use of information. When using the app, share the bare minimum, regularly check for app updates, and stay informed about any data breaches.

You can always go the old-fashioned way and use a paper calendar. But here are a few period-tracking apps we found that preserve user privacy: Euki, Drip, and Periodical (on Android only). Drip was created by the Mozilla Foundation and is an open-source app (5).
While period tracking apps have a role in healthcare, fertility, and overall wellness, there are also potential risks involved. For that reason, it is important to balance the advantages and possible downsides.

Conclusively, we can still enjoy the benefits of period-tracking apps with careful consideration and informed choices. Select apps that collect minimal data (such as those mentioned above) and review their sharing practices - I know reviewing the entire privacy policy of the period-tracking app sounds unexciting, but we shouldn’t skip it - store it locally on your device, and ultimately take control of your privacy by using these tools safely and securely.