Hacker News new | comments | show | ask | jobs | submitlogin
FTC Settlement with Fertility-Tracking App for Facebook/Google SDK Data Sharing (www.ftc.gov)
157 points by averysmallbird 8 days ago | hide | past | web | 74 comments | favorite





To quote a dead comment:

"Am I missing something, or are they really being let off with less than a slap on the wrist, and no fines? Not really sending a great message here, FTC."

Agreed. This is one of the most egregious abuses of privacy imagineable.


> This is one of the most egregious abuses of privacy imagineable.

For people who haven't used these kinds of apps, Flo includes day-by-day tracking of:

  - sex and sex drive
    - didn't have sex
    - protected sex
    - unprotected sex
    - high sex drive
    - masturbation
  - mood: 
    - calm
    - happy
    - [...]
    - sad
    - depressed
    - obsessive thoughts 
    - apathetic
    - very self-critical
  - symptoms (cramps, tender breasts, acne, many more)
  - vaginal discharge (none, spotting, sticky, eggwhite, etc, "unusual")
  - other (travel, stress, disease/injury, alcohol)
There's a ridiculous amount of potential here for just purely creepy oversharing of information that a woman might presume is safe to enter into an app.

There's also a lot of things here that are maybe legally dangerous to be disclosing outside of a doctor-patient context (the last several "mood" items).

This is abhorrent.


It's worth pointing out that traditional data brokers are able to track menstrual cycles based on purchase activity. Nobody can opt out of this and it's been going on for a few decades. It can be used for ad targeting by presenting the target with the optimal content for each week.

Yes, there was this study about clothing purchase correlation:

https://thechart.blogs.cnn.com/2010/08/05/women-buy-sexier-c...


How does this work? Is it that women change their general purchase habits around that time, or that they buy specific products?

You run a 28 day autocorrelation and see what pops out. Start with the obvious purchases then artificially synchronize the purchase history of a group of women to be on the same phase and run another autocorrelation on their aggregate purchases to get the non-obvious signal.

I would imagine women who are buying menstrual products are very likely either about to begin their period or are in the midst of it. Also, things like midol are probably strong indicators.

Hmm, I'm not sure–all the women I know buy massive packs from Costco because it's something that they might as well buy in bulk and save money on. I didn't think of medicine, though–you're probably right about that.

I did not hear about that one. It does sound interesting. Is there some sort of of study discussing it you could link?

For me the canonical example is this story in Forbes about a man who complained to Target about baby-product advertising directed at his teenage daughter.

https://www.forbes.com/sites/kashmirhill/2012/02/16/how-targ...


To spoil an important point of the article: They had a personalized Target account and the daughter had been openly buying pregnancy related products for weeks, her father was the only one not aware of it.

Why is that worth pointing out?

It shows how this could be done for cycle analytics as well...If I remember the target case correctly it was not the buying of a pregnancy test, but general products like more body lotion etc. Things that correlate to the symptoms of the hormons present.

This is freaky, with this data and a rough identity (ads wise) you could literally AB test what ads / suggestive content affects someone's mood and relationship. How bone headed do you have to be to actually ask "what could someone do with this info, seems innocuous to me"?

Perhaps they didn’t think it was innocuous at all?

The FTC brings privacy cases under its 'unfair and deceptive acts or practices in commerce' prohibition, which does not provide it the legal basis to impose civil penalties. There are possibly other things it could have required (the recent Ever case requiring deletion is a good example), but it is currently constrained on what it can force for a first violation. The two Democratic FTC Commissioners issued a useful statement on what else they would have required: https://www.ftc.gov/system/files/documents/public_statements...

You can revive a dead comment if you feel it was unjustly killed. Just click the timestamp then click "vouch".

Thanks for this, I've heard of this option but assumed it was unavailable to my account.

It's available to everyone with a fairly reasonable amount of karma (30, I think?)

I don't see how it's worse than the ubiquitous data brokers built into our society like the private credit bureaus that charge you to access your own data which has a de facto green light from us and our government.

It would be inconsistent to punish this little app severely when we don't care about much more egregious violations. It's tragic that we're only able to care about small things that fit into our tiny laser beam of public outrage.


I do get with the frustration, but with the current state of US (federal) laws it is probably the best remedy available now (unlike GDPR where you can really go and score larger fines and even jail time if it is grossly negligent or intentional).

management could be jailed for fraud.

it is the usual thing where the powerful we say “best we could do” but for the weak we find a way to get them in jail if we don’t like them


i get the frustration.

no you dont


If anyone is looking for an alternative to Flo, as of iOS 13 the built-in Health app has similar functionality:

https://support.apple.com/en-us/HT210407


I know of another one called POW! made by indie developer Benedicte Raae:

https://www.usepow.app/

The data is all client-side encrypted, so she doesn't collect any sensitive user data that could be sold or abused.

I've never used it, but I think the privacy-first mission is cool.


Hey, this is Benedicte. If the app is not for you there is also the newsletter about privacy, menstrual health and POW!: https://www.usepow.app/newsletter

Open inquiry: Anything out there recommended for Android or PC?

Anything on f-droid is going to be good. Last time this story came up I saw a comment saying there was two prominent apps there.

It's scary how many people don't immediately go for the open source alternative before checking the Google play store. Most people publishing on f-droid use their real name, have verifiable open source activity, have a professional reputation to maintain and have their apps open to world to be scrutinised.

Checking F-Droid should be your first choice everytime.


> Anything on f-droid is going to be good

I fail to see how an app being on F-Droid inherently mean it’s going to be privacy-friendly.


Android SDKs themselves can be leaky and are incredibly widespread, this is a clear flaw in mobile appsec and not that well known.

That said basically everything benefits from the sun shining in on it. F-Droid alerts you to anything dodgy under the hood, has reproducible builds[1] and in general has none of the complete shitshow that is playstore.

In my 5EYES country Google's playstore has to secretly insert malware if the government wants it and there's no way for the end user to tell if that's the case.

Tell me a common use for a mobile app and we can compare what is available on both play store and f-droid.

[1] https://f-droid.org/en/docs/Reproducible_Builds/


I’m more pointing out how it’s not a silver bullet (and how a silver bullet for app privacy doesn’t exist); nothing is perfect and f-droid is no exception, even if it is better than Play Store. Nothing is stopping an app from uploading user data for a good purpose then selling it to third parties.

I recommend fertility friend, from their privacy policy

“ FertilityFriend.com is fully funded by its VIP service fees and has been so since we started. It does not rely on any type of data trading for any of its funding or any other purpose. In other words, you are not the product. Clear and straightforward, our charting service is what we sell and nothing else.”

They also have a more data driven approach to fertility than most other sources.


For Android, there's Clue : https://helloclue.com/

I would recommend Drip, which is available on F-Droid. FOSS with very minimal permissions. I'd suggest checking it for trackers with ClassyShark (also on FD).

https://f-droid.org/packages/com.drip

Screenshots feature a modern looking UI.


I'm curious if anyone has insight into the value of this kind of data.

I work with alternative data for investors, mostly consumer spend behavior - things like point of sale transactions and online cart contents. These have value in that you can correlate panel behaviors with a company's revenue or identify trends in the market.

But, for data like ovulation schedules or events like pregnancy, it seems that it's a lot of work (and based on the FTC ethically questionable) to see one-off events or target specific consumers a small set of products.

I must be looking at the available opportunities with some kind of blind spot, because I don't get why companies would pay for this sort of data.


Are you kidding? As far as I know, there is no greater event generally in a persons life when their purchasing habits and lifestyle change, and they are looking for new brands, than pregnancy.

Not only just for the huge amount of money people will spend on baby stuff, sorting out cribs, but then eighteen years perfectly time-able marketing for birthdays, different stages of development, loans, different cars, houses, college loans, It is probably the most valuable single even about someone from an advertising perspective and whoever can get in first is out to make bank.

How valuable do you think it to build relationship with, track the preferences of, and pick a the perfect adverts and products to show a person who has purchasing power for someone for eighteen solid years? With 100% certainty of what they are going to need unless something tragic happens.

Also knowing that based on the socioeconomic status whether they will be pressed for time and desperate for discounts, or be flush enough that they can afford to give their sprogg the most expensive things they will grow out of.


I was not kidding. I guess I didn't realize they were selling data with PII, which is shocking. I'm actually surprised Google and Facebook were taking in other-party data that wasn't aggregated, just due to the privacy and perception concerns.

That said, it still seems like a vector that's really problematic compared to gain. My personal anecdote is that my kids both only used Pampers Swaddlers diapers, simply because that's what the hospital gave us as we left - that is what I would see as a brilliant marketing partnership for P&G without risks of invasive perceptions.


There's a lot of value in knowing about a pregnancy -- in the months leading up to a baby, you're spending a ton of money getting ready for the baby or on constantly buying new clothes for mom as the pregnancy moves along. Once the baby comes, you have a good chance for capturing a repeat customer on a bunch of baby-related items (diapers, wipes, etc).

Also, if you’ve ever known someone who’s a new parent; the sheer volume of “welcome packages”, pamphlets, flyers, coupons, and free samples is staggering and clearly indicates (to me at least) that the customer value is uncommonly high.

If you sell cribs, you likely only have 1 - 2 chances per couple's entire lives to sell a crib. Saturation and timing of ads are paramount.

Oh god, that. When my wife gave birth, she received a "care package" that was just a box with few small items (water and some cosmetics testers, IIRC) and half a kilogram of flyers. I honestly was floored, and my deep hatred for the advertising industry had reached a new level. And then I noticed that the child health book they gave us - an official medical document that we'll be carrying for the next two decades - had multiple full-page ads in it. Because of course it did.

Did I said it already that advertising is a cancer on modern society?


You should read this article about Target going to great lengths to figure out which customers were pregnant. https://www.nytimes.com/2012/02/19/magazine/shopping-habits....

Some companies' business is that one off customer. Think of weddings and graduations. Entire businesses are formed around those too.

The value is enormous because women's hormones depend basically on the menstrual cycle and the modifications of that with things like the pill.

People's behavior (women and men) depend a lot on hormones.

Big big data you can identify lots of useful patterns of behavior and you could control those.


At a minimum the last few on the mood list (depressed obsessive thoughts, apathetic, very self-critical) seem like great indicators of when someone might be the most receptive to advertising for SSRIs.

The fact that you can advertise these things at all is kind of shocking to me. I’d expect psychiatric drugs to be prescribed by a psychiatrist on their medicinal merits rather than purchased on an advertising-driven whim.

Wait til you learn how they advertise drugs to your psychiatrist!

https://www.washingtonpost.com/business/2019/01/30/stripper-...


Oh, I mean there's all manner of conflict-of-interest, perverse-incentive type stuff going on there - you kind of expect that (sadly) in big business - but it's another whole level of dodginess marketing prescription pharmaceuticals directly to laypeople. It seems only one step above roaming the streets giving out "free samples" wrapped in twists of aluminium foil.

Facebook and Google do not pay for this data. Flo sends it to them for free, because it improves the performance/ROI of Flo's marketing.

Facebook and Google have no semantic understanding of this data, so it does not have inherent value to them in terms of creating configurable targeting segments. These are arbitrary data points sent by the app, and they might as well be labeled "A", "B", "C", and "D" rather than their sensitive names.

Flo can optimize their ads towards occurrences of event "A" or they can run ads towards "people who have triggered event B in the last week but not event C", but this doesn't offer specific value to other advertisers or FB/G themselves.

That said, when all of this is put into an ML black box, you never know how data points may be correlated. Maybe the system learns that people who trigger event "D" also end up buying baby clothes. That could lead to observable ad patterns, even if no one can explicitly tie event "D" to pregnancy.


> I don't get why companies would pay for this sort of data.

Knowing when someone is pregnant or trying to get pregnant seem like premium moments. Lots of money in fertility treatments and related services. Lots more money in maternity products and new baby products.


Yeah you can definitely sell anything to a couple who is trying to get pregnant, especially if you know they've been trying for a few months without success.

I'm sure you can successfully sell anything from coffee to yoga classes that helps with fertility. Just takes the right pitch and the right mark.

Having done a lot of research myself, there's a ton of folksy "tricks" online but precious little real research information available. A lot of the "tips" boil down to "be young and healthy" and "don't be old and unhealthy."

I've read some peer reviewed research as well but most of that is focused on outcomes and genetic testing of IVF embryos rather than natural fertilization. I get the impression that fertility isn't something that's well-studied outside of really generic health indicators like weight and age. And a lot of fertility information seems to focus on ages 20 to 35. They seem to assume that after that age you've given up on starting a family or that you already have one.


It is not because you are pregnant or because there is a baby on the way. It is because, during this time in a woman’s life she is very open for changes in her daily routines. Everything is interesting: from breakfast brands to shampoo brands, type and brand of car, even housing.

It looks like the "sharing" here was "using 3rd party analytics tools," or is there something more here?

There is also this interesting article about app like these sharing data directly to the employer: https://www.washingtonpost.com/technology/2019/04/10/trackin...

"Is your pregnancy app sharing your intimate data with your boss? As apps to help moms monitor their health proliferate, employers and insurers pay to keep tabs on the vast and valuable data"


Skimmed the complaint. Seems like they got in hot water for deceptive disclaimers and not committing to the tenants of the privacy shield. Had their TOS said "we may disclose your data to advertisers" in small font and not voluntarily entered into the EU-U.S. Privacy Shield they would be okay.

I hope the company Flo Health gets definitively banned from the Google Play store. They just show off how little they understand their business and the principles of medical confidentiality.

Is this related to the US Fertility company's data breach?

Leaked SSN and DoB data, rouge code was on there for a month before they found it.

Edit: it's a different breach of a different fertility related company.

Finally data-breaches are sexy ;)


Whats the actual mechanism here for Google to get value from this data?

You cant create a campaign targeting is_menstruating=true so how are these opaque key value pairs making them money?


So, what's the correct recipe here? Anonimyze your events before sending to third party analytics? Like event5, mood12?

Maybe there are some things where you just shouldn't use 3rd party analytics, if any.

What is the difference between using Google Analytics and Google Spanner then? Or AWS Aurora vs AWS EC2 for that matter?

My understanding is that Google promises not to use data in gcp databases, while it openly says it will use Analytics data for its own purposes. But yes, you should carefully consider that!

This, especially considering that most research has shown that it's trivally easy to take anonymized data and de-anonymize it.

This is abhorrent.

Am I missing something, or are they really being let off with less than a slap on the wrist, and no fines?

Not really sending a great message here, FTC.


A menstrual cycle company named Flo. App-tly named (excuse the pun).



Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: