Fertility app Premom shared users' health data without consent, FTC says

The Federal Trade Commission alleges the company shared personal health information with two China-based firms, Google and analytics company AppsFlyer.
By Jessica Hagen
11:56 am
Share

Photo: Tim Robberts/Getty Images

Fertility-tracking app Premom, owned by Easy Healthcare, came under fire by the Federal Trade Commission, which alleged the company shared consumers' health data with third parties like Google, AppsFlyer and two China-based analytics and marketing firms for advertising purposes without user consent.

Premom is a free app that offers fertility tracking tools, including period and ovulation tracking. The company also sells ovulation test kits. 

The FTC's investigation found the company shared users' personal health information with third parties, such as identifiable location, health information and activities on the app related to users' fertility, periods and pregnancy.

According to the Commission, the company did not disclose to users that it would share their health information while deceiving users about its data-sharing practices. The FTC also claims the company violated the Health Breach Notification Rule, which requires companies gathering personal health information to notify users and the government of a data breach by failing to inform users of its practices.  

Premom was instructed to refrain from sharing health information with third parties for advertising purposes or other purposes without users' consent, to put into place a comprehensive privacy and security program for protecting users' info and to tell the third parties to delete the information collected without users' permission.

Easy Healthcare was ordered to pay a $200,000 settlement fee and is barred from sharing users' data for advertising purposes, or with third parties, without user consent.

"Premom broke its promises and compromised consumers' privacy," Samuel Levine, director of the FTC's Bureau of Consumer Protection, said in a statement. "We will vigorously enforce the Health Breach Notification Rule to defend consumer's health data from exploitation. Companies collecting this information should be aware that the FTC will not tolerate health privacy abuses."

THE LARGER TREND 

After Roe v. Wade was overturned, some argued that personal data could be used against people who may have sought an abortion. 

Late last year, ten state attorneys general sent a letter to Apple urging the tech giant to add new protections for reproductive health data contained in third-party apps hosted on the App Store.

The Federal Trade Commission has been cracking down on companies for their data-sharing practices. In February, the FTC alleged drug-cost and telehealth platform GoodRx shared consumers' personal health information with third parties like Google and Facebook for advertising purposes.

The agency also said GoodRx allowed third parties to use that data for their own internal purposes, misrepresented its HIPAA compliance and failed to set policies on how it should protect its users' personal health information. 

The company agreed to pay a $1.5 million fine to settle the case, but admitted no wrongdoing. 

Share