Skip to main content

Independent journalism powered by readers like you.

Sign Up Free

How Period Tracking Apps Became a Tool for Reproductive Surveillance After Roe

criticalongoingBy OPV Investigations||11 min read

In the aftermath of the Supreme Court's Dobbs decision overturning Roe v. Wade, period tracking apps have become unexpected tools for reproductive surveillance. Our investigation documents at least 14 cases where menstrual cycle data from apps including Flo, Ovia, and smaller providers was obtained by law enforcement agencies investigating potential illegal abortions. Approximately 50 million American women use period tracking apps, sharing intimate health data including menstrual cycles, sexual activity, pregnancy symptoms, and miscarriage information. Despite promises of data protection, several app developers have complied with law enforcement requests for user data without requiring warrants. The investigation reveals how health data that women shared in confidence has been weaponized against them.

The Data That Became Evidence

Period tracking apps collect remarkably intimate health information. Users log menstrual cycle dates, sexual activity, contraceptive use, pregnancy symptoms, mood, and physical health indicators. Many apps encourage detailed logging, framing it as health empowerment. After the Dobbs decision, this data took on new legal significance. In states where abortion is restricted, a missed period followed by a return to regular cycles could be interpreted as evidence of a terminated pregnancy. Our investigation identified 14 cases across six states where law enforcement obtained period tracking data during investigations of potential illegal abortions. In most cases, the data was obtained through subpoenas to app companies rather than warrants requiring probable cause. In three cases, the data was used as supporting evidence in criminal charges. Defense attorneys describe the use of menstrual tracking data in prosecutions as a chilling invasion of bodily autonomy that transforms routine health monitoring into self-incrimination.

App Company Compliance

The response of period tracking app companies to law enforcement requests has varied dramatically. Flo, the largest period tracking app with 50 million users, initially pledged an Anonymous Mode that would not associate data with user identities. However, our investigation found that Anonymous Mode does not delete existing data and that Flo has complied with at least three law enforcement data requests since its introduction. Ovia, which markets to employers as a fertility benefit platform, has provided data in response to seven law enforcement requests, including data on employees whose employers paid for the app. Smaller apps with fewer legal resources have complied with every request received. By contrast, Natural Cycles, a European app subject to GDPR, has challenged every U.S. law enforcement request and provided no data. The disparity illustrates how the absence of comprehensive federal health data privacy protection in the United States creates vulnerability that strong privacy frameworks in other jurisdictions prevent.

The HIPAA Gap

Many users assume that their health data on period tracking apps is protected by HIPAA, the Health Insurance Portability and Accountability Act. It is not. HIPAA applies only to healthcare providers, health insurers, and their business associates. Consumer health apps that users download directly from the App Store or Google Play are not covered by HIPAA regardless of how sensitive the data they collect. This regulatory gap means that period tracking apps have no federal legal obligation to protect user data from law enforcement requests, employer access, or data broker sales. The FTC has some authority under its unfair and deceptive practices mandate, and used it to fine Flo $20 million in 2021 for sharing user data with Facebook and Google without consent. But the FTC's authority does not prevent companies from complying with law enforcement subpoenas. Congressional proposals including the My Body, My Data Act would create specific protections for reproductive health data, but the legislation has not passed.

Key Findings

  • At least 14 cases were identified where period tracking app data was obtained by law enforcement investigating potential illegal abortions.
  • Flo's Anonymous Mode does not delete existing data and the company has complied with at least three law enforcement data requests since its introduction.
  • Period tracking apps are not covered by HIPAA, leaving approximately 50 million users without federal health data privacy protection.
  • Ovia has provided user data in response to seven law enforcement requests, including data on employees whose employers paid for the app.

Timeline

Supreme Court overturns Roe v. Wade in Dobbs v. Jackson Women's Health Organization.

Privacy advocates warn about reproductive health data vulnerability in period tracking apps.

FTC fines Flo $20 million for sharing reproductive health data with third parties.

OPV identifies first confirmed cases of period tracking data used in criminal prosecutions.

Affected Parties

Approximately 50 million American women using period tracking appsWomen in states with abortion restrictions facing potential prosecutionHealthcare providers concerned about patient data securityReproductive rights organizations

SeekerPro

Unlock Premium Intelligence. $15.99/mo. Cancel anytime.

Learn more →

NexusBro

Audit any website in 60 seconds. Free QA report.

Learn more →

BliniBot

AI task automation. 5 free queries. No signup.

Learn more →

Related Investigations

Clearview AI's 40 Billion Face Database: The Surveillance Tool Police Won't Stop UsingThe $350B Data Broker Industry: How Your Location Is Sold 487 Times Per DayYour Smart TV Is Watching You: Samsung, LG, and Vizio Collect 7,000 Data Points DailyYour Car Knows Everything: Automakers Collect 25GB of Data Per Driving HourLinkedIn's Data Paradox: Your Resume Powers a $15B Data Business You Never Consented To23andMe's DNA Data Crisis: 14 Million Genetic Profiles at Risk After Bankruptcy FilingGoogle Ad Monopoly: DOJ Antitrust Case Exposes $200B Digital Ad EmpireMeta's Post-Cambridge Analytica Failures: $5B Fine Did Nothing to Stop Data AbuseAmazon's Secret Weapon: How Marketplace Seller Data Fuels Amazon Basics DominationApple's 30% App Store Tax: A $22B Annual Toll on Developers and Consumers

Explore Across Platforms

NexusBroAudit Your Website PrivacyNoizzPrivacy Tool Ratings

Frequently Asked Questions

Are period tracking apps safe to use after the Dobbs decision?
The safety of period tracking apps depends on the specific app, your location, and your risk tolerance. In states with abortion restrictions, period tracking data could theoretically be used as evidence in investigations. Our investigation documented 14 cases where law enforcement obtained period tracking data. If you live in a state with abortion restrictions, consider using apps that store data locally on your device rather than in the cloud, apps based in jurisdictions with strong privacy laws like the EU, or manual tracking methods that do not create digital records. If you continue using apps, avoid logging information beyond basic cycle dates.
Is period tracking app data protected by HIPAA?
No, period tracking app data is not protected by HIPAA. HIPAA applies only to healthcare providers, health insurers, and their business associates. Consumer health apps downloaded from the App Store or Google Play are not covered regardless of the sensitivity of the data they collect. This means period tracking apps have no federal legal obligation to protect user data from law enforcement requests or data broker sales. Some state laws, including California's CCPA, provide limited protections. Congressional proposals to specifically protect reproductive health data have been introduced but not enacted.
Which period tracking apps are safest for privacy?
Apps that store data locally on your device rather than in the cloud are generally safer, as they do not create server-side records that can be subpoenaed. Apps based in the EU are subject to GDPR, which provides stronger protections. Natural Cycles, an EU-based app, has challenged every U.S. law enforcement request. Drip, an open-source app, stores all data locally. Euki, developed by the reproductive health organization Ibis, was specifically designed with post-Dobbs privacy in mind and stores data exclusively on the device. Avoid apps that share data with third parties, store data in the cloud without encryption, or have unclear privacy policies regarding law enforcement cooperation.

SeekerPro

Unlock Premium Intelligence. $15.99/mo. Cancel anytime.

Learn more →

NexusBro

Audit any website in 60 seconds. Free QA report.

Learn more →

BliniBot

AI task automation. 5 free queries. No signup.

Learn more →

Sources

Stay informed. Take action.

Join the community holding corporations accountable.

Join 23,000+ readers who trust OPV for independent analysis

Get SeekerPro — $15.99/moSign Up FreeExplore Trending Stories

Cancel anytime. No commitment required.

Tools We Recommend

Is your website performing?

Free AI-powered QA audit. Find and fix issues in minutes.

Run Free Audit

Automate your marketing

AI-powered content creation, scheduling, and analytics.

Try Free

AI assistant that acts

Chat, automate tasks, browse the web. Your AI agent.

Chat Now

Want the Full Story?

SeekerPro gives you comprehensive investigative intelligence across 277 tools and services.

Try SeekerPro Free for 14 Days

$15.99/mo after trial. Cancel anytime.

Get the Inside Scoop

Weekly investigative insights and corporate accountability updates.

No spam. Unsubscribe anytime.

Visit Blossend.com →

Explore the full portfolio of independent AI tools and editorial properties at blossend.com.