A recent study has raised concerns about the security and privacy risks associated with FemTech apps designed for fertility tracking and menstruation management.
Researchers have identified serious vulnerabilities in these applications that collect vast amounts of personal information such as contacts, camera feeds, and location.
Security and Privacy Risks of Using FemTech
The study, conducted by experts from Royal Holloway, University of London, Newcastle University, University of London, and ETH Zurich, sheds light on significant security, privacy, and safety concerns surrounding FemTech applications, which could potentially put users at risk.
These concerns revolve around the intrusive nature of these apps, which often access personal data, including contacts, camera feeds, microphone recordings, location information, and even medical scans, raising serious security and privacy risks for users.
FemTech, an umbrella term encompassing digital technologies aimed at women's health and well-being, includes various applications, software, and wearable devices ranging from period-tracking apps to fertility-tracking wearables and IVF services.
The study urged policymakers to address the vulnerabilities of FemTech technologies in existing regulations. Despite the burgeoning market, estimated to exceed $75 billion by 2025, the regulatory landscape surrounding FemTech remains inadequate, with existing rules in the UK, EU, and Switzerland failing to adequately address data protection and user privacy concerns, according to the research team.
The researchers scrutinized industry practices and found many security and privacy lapses in FemTech systems. These systems are reported to fail often to classify themselves as medical devices, lack valid consent mechanisms, and engage in unauthorized data tracking and sharing practices.
Moreover, the study uncovered instances where intimate user data collected by FemTech systems was being processed and sold to third parties, highlighting the need for stricter regulations and enforcement mechanisms.
Read Also : Researchers Create AI-Aided Biosensor to Improve, Speed Up Neurodegenerative Disease Diagnosis
Handling of Sensitive Data by FemTech Products
The study's lead author, Dr. Maryam Mehrnezhad, emphasized the need for collaborative efforts between industry stakeholders and regulatory bodies to ensure the development and use of secure, private, and safe FemTech products.
She underscored the importance of addressing end-user concerns regarding handling sensitive data by FemTech products. Echoing her sentiments, Professor Mike Catt from Newcastle University stressed the urgency of updating and strengthening regulatory guidelines to safeguard user privacy and security.
He flagged the intrusive permissions sought by many FemTech apps, which could potentially expose users' personal data to malicious actors.
"Some specific permissions, such as access to system Settings and other Accounts on the device, also impose security and privacy risks. Access to sensors on the mobile phone can also be used to break user privacy. Users deserve better protection, especially where this relates to sensitive personal health and gender data," Catt said in a statement.
The study's findings were published in Frontiers in the Internet of Things and Symposium on Usable Privacy and Security Workshop.