FTC says popular fertility tracking app Premom shared sensitive data with Chinese analytics firms

Mai 18, às 12:05


3 min de leitura


0 leituras

A popular fertility tracking app shared users’ sensitive health information with third-party advertisers without their consent, a new Federal Trade Commission complaint alleges. The FTC’s investigation into...
FTC says popular fertility tracking app Premom shared sensitive data with Chinese analytics firms

A popular fertility tracking app shared users’ sensitive health information with third-party advertisers without their consent, a new Federal Trade Commission complaint alleges.

The FTC’s investigation into Premom, a fertility tracking app developed by Easy Healthcare that allows users to track ovulation, periods, and other health information, found that the company had shared identifiable health and location information with Google and marketing firm AppsFlyer since 2018.

Premom collected and shared data on “hundreds of thousands” of users, including details about their sexual and reproductive health, parental and pregnancy status, as well as other information about an individuals’ physical health conditions and status. The app also shared users’ location data along with unique advertising and device identifiers, which could be used by other advertisers to track users across the internet and other apps.

Ultimately it was possible for third parties to associate fertility and pregnancy data “to a specific individual,” the FTC said in its complaint.

The FTC said that this third-party data sharing repeatedly violated Easy Healthcare’s privacy policies, which promised to share only “non-identifiable data” with third parties, in contravention of the FTC’s Health Breach Notification Rule.

Easy Healthcare also allegedly shared users’ sensitive identifiable data with two China-based mobile analytics companies known for “suspect privacy practices,” according to a statement by Connecticut attorney general William Tong. Data including IMEI numbers — strings of numbers tied to individual devices — and precise geolocation data were transferred to analytics firms Jiguang and Umeng between 2018 and 2020, according to the FTC.

The FTC alleges that the company did so knowing that Jiguang and Umeng could use this data for their own business purposes or could transfer the data to additional third parties, and says Easy Healthcare only stopped sharing this data when Google notified the app maker in 2020 that the transfer of data to Umeng violated its Google Play Store policies.

“Premom broke its promises and compromised consumers’ privacy,” Samuel Levine, director of the FTC’s Bureau of Consumer Protection, said. “We will vigorously enforce the Health Breach Notification Rule to defend consumer’s health data from exploitation. Companies collecting this information should be aware that the FTC will not tolerate health privacy abuses.”

As a part of a proposed settlement filed by the Department of Justice, Easy Healthcare has agreed to pay a $100,000 civil penalty for violating the FTC’s Health Breach Notification Rule. It has also agreed to pay a total of $100,000 to the states of Connecticut and Oregon, and the District of Columbia, and, which assisted with the FTC’s investigation.

As part of the order, Easy Healthcare has also agreed to stop sharing personal health data with third parties for advertising and is required to request that the third parties delete the data (though the companies are under no legal obligation to comply). Easy Healthcare has also agreed to implement new security and privacy programs and provide regular privacy and security audits to the agencies.

Easy Healthcare didn’t respond to TechCrunch’s request for comment. However, in a statement on its website, Premom said its agreement with the FTC is “not an admission of any wrongdoing.”

This marks the second time the FTC has brought an enforcement action against a company for violating the Health Breach Notification Rule. In February this year, the agency reached a settlement with online pharmacy GoodRx for failing to disclose to users that it shared personally identifiable health information with Facebook, Google and other third parties.

Continue lendo

Hacker News

Atomic Wallet exploited, users report loss of entire portfolios
Several users on Twitter have reported losses of crypto assets, claiming funds held on the Atomic Wallet app vanished. 10886 Total views 75 Total shares Atomic Wallet has been apparently exploited, with...

Hoje, às 01:41

Hacker News

It Will Cost Up to $21.5 Billion to Clean Up California’s Oil Sites. The Industry Won’t Make Enough Money to Pay for It.
An expert used California regulators’ methodology to estimate the cost of cleaning up the state’s onshore oil and gas industry. The study found that cleanup costs will be triple the industry’s projected profits.

Hoje, às 01:01


How to Create an Evil Twin Access Point; Step-by-Step Guide
Step-by-Step Guide: Creating an Evil Twin An Evil Twin Access Point is a malicious wireless access point that is set up to mimic a legitimate one. It can be used to intercept sensitive information such as...

Jun 3, às 23:41


200 anos em 2 mêses: Usando o ChatGPT para auxiliar na criação de um mundo de fantasia. · MarquesJr
Não, eu não pedi pra Gepeto (ChatGPT) criar um mundo fictício de fantasia pra mim e pronto, nem tão pouco incentivo essa prática e também não irei passar uma fórmula mágica. Nesse artigo...

Jun 3, às 23:07


Atomic Design: A Methodology for Building Design Systems
Introduction Atomic Design is a methodology for creating design systems that recognizes the need to develop thoughtful design systems, rather than creating simple collections of web pages. In this approach,...

Jun 3, às 23:04

Hacker News

Thought Cloning: Learning to Think while Acting by Imitating Human Thinking
Language is often considered a key aspect of human thinking, providing us with exceptional abilities to generalize, explore, plan, replan, and adapt to new situations. However, Reinforcement...

Jun 3, às 23:00

AI | Techcrunch

YouTube rolls back its rules against election misinformation
YouTube was the slowest major platform to disallow misinformation during the 2020 U.S. election and almost three years later, the company will toss that policy out altogether. The company announced Friday...

Jun 3, às 22:57


Techinical Debt; what is it?
Imagine you're building a house. You want to finish it quickly, so you take some shortcuts along the way. You use low-quality materials, skip some important steps, and don't do thorough testing. The house is...

Jun 3, às 22:45

Marktechpost AI Research News

Researchers From UT Austin and UC Berkeley Introduce Ambient Diffusion: An AI Framework To Train/Finetune Diffusion Models Given Only Corrupted Data As Input
For learning high-dimensional distributions and resolving inverse problems, generative diffusion models are emerging as flexible and potent frameworks. Text conditional foundation models like Dalle-2, Latent...

Jun 3, às 22:40

Hacker News

Scientists may be able to put Mars-bound astronauts into 'suspended animation' using sound waves, mouse study suggests
Ellen Ripley (played by Sigourney Weaver) places herself into suspended animation in the 1979 movie Alien. (Image credit: AJ Pics/Alamy Stock Photo) Scientists have blasted the brains of mice and rats...

Jun 3, às 22:38