A month after I ordered prenatal vitamins on Amazon, I started hearing an ad on Spotify that featured the sound of a baby’s heartbeat. It was an ad for a prenatal doctor.
“Fuck,” I thought, “the Internet already knows I’m trying to get pregnant.”
But it was impossible to know if it was an example of Target-style omniscience or Spotify accurately targeting my general demographic: Woman listener of child-bearing age. (When I reached out to Spotify, a spokesperson said she was unable to tell me how the ad wound up in my mix.)
When Princeton professor Janet Vertesi got pregnant a few years ago, she went to great lengths to hide her baby bump from the world of big data. She didn’t want her unborn child to be tracked by advertisers and data brokers, so she paid for maternity clothes in cash, used Tor to surf baby sites, ordered baby products to an Amazon locker, and forbade friends and family from discussing the good news on Facebook or via texts.
When I set out to have a child, I decided to do the opposite. I’d download and use the many apps and tech being marketed to women who are pregnant or trying to conceive, and I’d monitor the information flows to see who was actively spreading the word about my efforts. These apps are widely used by the breeding set; I wanted to see what the privacy harms are for those not willing to go to Vertesi’s lengths.
I downloaded a dozen of the most popular apps for wannabe baby mommas. I’ve never had so many pink icons on my phone before: Glow, Nurture, Eve—which are all made by one company started by Paypal co-founder Max Levchin—Clue, What to Expect, P. Tracker, Pink Pad, and WebMD Pregnancy, among others. There are over 165,000 medical apps out there, and based on my cursory search, it seems like a whole lot of them want to know what’s happening in your uterus.
They asked me about my mood, when and how I was having sex, whether it was painful, my weight, whether I exercised, whether I got wasted or smoked, and of course, whether I was having a period and how heavy it was.
Midway through the experiment, Consumer Reports revealed that period-tracking app Glow had a security flaw that would have let any snoop who knew my email address look at all that information. That wasn’t exactly reassuring, but I persisted. And I kept using Glow, as it was one of my favorites and they immediately fixed the problems pointed out to them by the journalists.
While I was trying to get pregnant, I tracked my periods using apps that told me when I should be having sex to maximize the chance of baby-making. High-school sex-ed classes would have you believe that pregnancy happens as soon as the p gets near the v, but in fact, there are only a few days per month when one has a decent chance of getting pregnant. These apps claim to help you identify them, giving you your chance of getting knocked up each day like a weather app predicting the chance of rain.
I soon encountered a problem. Though I put the same information about my period into each app, they had different predictions about when exactly I should be getting busy.
Apparently this isn’t uncommon. In 2016, three doctors from Weill Cornell Medical College in New York released a study of the top 33 free fertility apps for Android and iPhone, none of which they named. According to the researchers, just three of the apps “predicted the precise fertile window.”
“Because there is no rigorous screening process in effect to vet these web sites and apps, we recommend caution in their use to assist with fertility,” wrote the researchers.
Jennifer Tye, a spokesperson for Glow, said the company had looked at that study but found it hard to replicate because the researchers didn’t include much information about their methodology.
“Since our inception, we at Glow have been committed to contributing to the understudied and underserved area of women’s reproductive health. We know that women’s cycles vary from individual to individual,” Tye wrote in an email. “Rather than look just at period start/end dates and cycle length in order to figure out the right day of ovulation, Glow examines the results of ovulation predictor kits, the consistency of your cervical mucus [self-reported, in case you were wondering—ed.], your basal body temperature as well as a multitude of other symptoms (cramping, bloating, anxiety, stress). In the Glow app, your predicted ovulation day (and fertility window) changes as you enter this data. And the app learns from each cycle, becoming smarter and more accurate for an individual woman’s next cycle.”
The month I got pregnant, I had, according to most of my apps, missed my fertile window. So for the many of you out there using these period tracking apps not to get pregnant, be careful.
Lisa Kennelly, a spokesperson for Clue, said there’s a “complexity of factors that affect the timing of ovulation and thus the fertile window - stress, jet lag, exercise, sleep, plus the usual variance in one’s cycle.”
“To be clear, Clue should not be used as a contraceptive,” wrote Kennelly via email.
Once the bun was in the oven, I moved on to tracking the growing fetus in my body, using apps that told me its size in terms of fruit (a “cheesy mango” being the strangest); when it grew skin, eyeballs, fingers, and toes; what I might be feeling that month (usually nothing good); and the all-important countdown to B day. I reported what I was feeling each day in a log, tracking my nausea, my weight, my appetite, feelings of movement, bloating, and on and on. I found the apps oddly addictive: When you’re conducting a human science experiment inside of yourself, it’s comforting to get updates on what’s happening.
“Things are happening to your body that are so different and weird. You’re overwhelmed by the unknown,” said Karen Levy, an information scientist at Cornell University, who, like me, turned to apps when she was pregnant for the first time. “Data makes us feel more in control.”
But the female-body trackers have an agenda: They make money by showing their users ads, and they are increasingly interested in studying them for science. Glow, for example, looked at its users’ periods en masse and claimed they correlated with the phases of the moon. It seems that companies with access to our health information and daily behavior via our smartphones can’t help but turn us into guinea pigs.
While I was using the apps, I was tracking the trackers with a tool from Northeastern University called ReCon, and with help from Electronic Frontier Foundation’s security technologist Cooper Quintin. ReCon tracked everything transmitted by my smartphone when I used fertility and pregnancy apps, and Quintin did a deep dive into those same apps to see how securely they were sending information along.
“The number of security and privacy issues that we discovered in just this cursory look at the few most popular apps could lead one to a pretty grim view of women’s health apps,” wrote EFF’s Quintin at the end of the investigation. He was worried by security issues such as the lack of PIN codes on the apps, and privacy issues such as Pink Pad collecting a person’s location each time she used the app. (Alt12, the company that makes Pink Pad, says in its privacy policy that it uses location to provide users with “location-based information and advertising.”)
I also closely reviewed the terms of use and privacy policies of the apps, and found some disturbing language. The Bump, an app made by the same company that makes the wedding planning app The Knot, warned that it planned to record phone calls placed by its users from within the app. The Bump permits users to search for and call stores to host a baby registry; its privacy policy said that if you made a call to a vendor from within the app, “we will record the phone call and any message you leave for the third party, as well as call information such as the number dialed, the date and time of the call and its duration, and your location as determined by your area code or as otherwise permitted.”
When I reached out to The Bump about this, a spokesperson said the app doesn’t actually do this.
“The language is legacy language from prior contemplated features for The Knot that we do not use in either The Knot or The Bump apps,” she responded by email. “I’ve sent a note to my legal team to update this language in our privacy policy.”
So it turns out no one reads privacy policies, not even a company’s own lawyers. The day after I reached out, the warning about having your calls recorded was removed.
Though much of the marketing and in-app language sounds like medical advice, some apps warned in their fine print that what they offered wasn’t advice you should rely on. Ovia, for example, which makes fertility, pregnancy, and baby-tracking apps, advertises on its website, under a medical symbol, that its pregnancy app can send “real time alerts when your symptoms could be dangerous.” But it’s a different story in its terms of use.
“It’s very important for you to understand one thing: our Services do not give medical advice,” said the terms. “Although our apps... may reference medical topics, we make no warranty whatsoever that any of the articles are accurate, up to date, or error free.”
“Our apps are not a replacement for a clinician and we don’t provide medical advice—we work hard to provide our users with accurate, evidence-based content and information to help inform their care,” said Ovia’s chief medical officer Dr. Adam Wolfberg when asked about the alerts.
Two companies, Clue and Glow, explicitly claim in their privacy policies that they don’t sell or give your personal information to third parties (though they do provide aggregated information to medical researchers for study). But other apps reserve the right to sell you out to third parties, which is usually explained in the “How We Use Your Information” sections of their privacy policies.
The most obvious privacy offender was the What To Expect app, made by a company called Everyday Health Inc., which was recently acquired by the media company Ziff Davis. As soon as I signed up for the app, it passed my email address along to a bunch of other companies, including Pottery Barn Kids and Huggies, who immediately began spamming my inbox. Unfortunately, What To Expect doesn’t confirm your original sign-up with one of those “did you mean to sign up for this?” emails, which means you could subject anyone to a flood of pregnancy-related marketing emails if you were so inclined.
This can have worse consequences than just a lot of spam. A Washington state woman named Amy Pittman used the app when she first got pregnant. She later had a miscarriage. But a week before she would have otherwise given birth, she received a congratulatory package in the mail from the baby formula maker Similac, one of the companies to which What To Expect sells its user list. Everyday Health hasn’t responded to multiple emails, but a spokesperson from Abbott, Similac’s corporate parent, did.
“We are deeply sorry for your reader’s loss. When people contact us or any of our partners to be removed from our lists, we and our partners work quickly to make sure that they no longer receive communication from us,” Susan Oguche, a spokesperson for Abbott, wrote in an email. “Many parents and parents-to-be sign up for our StrongMoms program directly through our website. We also have collaborative partnerships with What to Expect and other trusted third-party partners that allow parents to sign up for our StrongMoms program through third party websites and media channels.”
Being signed up for this came as a surprise to Pittman.
“I hadn’t realized… when I had entered my information into the pregnancy app, the company would then share it with marketing groups targeting new mothers,” she wrote in a New York Times Modern Love column. To discover this, she would have had to have read 2,600 words deep into What To Expect’s privacy policy, where there’s a link to the “advertisers and sponsors” with whom the app shares registration information; the list includes a medical company, baby product makers, and Disney Baby. These users are valuable, after all; they’re a group of people who will spend obscene amounts of money on diapers, baby clothes, and toys for years to come.
Many of the apps weren’t using encryption to send my information along to their servers. That means the women writing in the apps’ message forums about the weird things happening to their bodies or how many times they’ve been raped (a strikingly common conversation on the forums) could have their messages intercepted by someone sharing their Wi-Fi network or providing their Internet service. And thanks to Congress recently overturning privacy rules for ISPs, that’s information that Comcast, Verizon, or Time Warner, for example, could hypothetically collect and use to target those women with ads.
Additionally, all of the period trackers, like most apps, were passing along their user information to third-party analytics companies, social networks, and advertisers, including Google, Facebook, Adobe, Doubleclick (owned by Google), and Crashlytics (owned by Google). In other words, they were sending information to those companies that could enable them to tag that phone as belonging to a “person trying to get pregnant.”
In addition, Glow was passing along the phone’s IMEI—a permanent serial number for the device—to Appsflyer, an ad company. That number can be used to persistently track the user of the phone, as it can’t be changed even if the device is factory-reset. Glow’s head of communications Jennifer Tye told me Glow itself wasn’t collecting the IMEI, and that it has rolled out an integration with Appsflyer that will not send the IMEI as long as an advertising ID is available—which is an identifier for your phone that can be changed.
What Quintin and I weren’t able to find out in this review of the apps was how this information will ultimately be used. I expected to be deluged with ads online for baby products, but that didn’t happen until I actually started buying baby products after my daughter was born. (A pink princess dress that I looked at on Macy’s has been trailing me for months now.) A huge problem with the data-trading business is just how Kafkaesque it is; you don’t know who knows what about you or how it’s influencing what you see or how you’re treated.
It was easy enough for me to figure out to whom What To Expect was selling my data, thanks to the annoying spam emails and its excessively long, but transparent, privacy policy. But the other apps’ data brokering is harder to trace, and even with the help of Quintin and ReCon, I can’t know the ultimate fate of the data I shared with them. Such is the murky nature of privacy in a world where a seemingly endless network of companies you’ve never heard of are collecting information about you and trying to monetize it.
“Information will leak across platforms, and we need to protect against negative outcomes,” said Deborah Estrin, an expert on mobile medical data at Cornell University, bringing up the Genetic Information Nondiscrimination Act as an example of the sort of legislation that can protect conusmers from data-hungry corporations. “That protects you from having your genomic information used against you. We might need another law to protect you from having your health information used against you.”
It pains me to admit that the apps were ultimately helpful in steering me through my first pregnancy, proving that for me, at least, convenience trumped privacy. But now that I know the ropes, I would spare any future fetuses the pregnancy panopticon. The only privacy invasion they’ll be subject to in utero will be the ultrasound.
This story was produced by the Special Projects Desk of Gizmodo Media Group. It is also being presented as a talk given by Kashmir Hill and the Electronic Frontier Foundation’s Cooper Quintin at the security conference Defcon.