• @[email protected]
    link
    fedilink
    16
    edit-2
    2 days ago

    They shouldn’t be collecting it in the first place, store the logs locally (and encrypted tbh) on the user’s device.

  • @[email protected]
    link
    fedilink
    English
    52 days ago

    But it will still disclose that data to advertising companies which WILL give it to the authorities for a nominal fee

    Also, why does the app keep that data in a centralized location where it can be scooped up like that?

    And more importantly, people have known that everything is spyware since the Snowden leaks, why the hell would you ever give that kind of data to an app on your phone? Even if the app was totally E2EE and private, other things on your phone do all kinds of spying

      • @[email protected]
        link
        fedilink
        English
        11 day ago

        typical Trump presidency bullshit. Yet they fail to prosecuate many gangsters and rich money launderers. like this was the biggest problem ever

    • @problematicPanther
      link
      142 days ago

      dystopian hellscape where government has an algorithm to check whether your period has come in a given month, and if you’ve missed more than a few weeks, you’ll be listed as pregnant. And then if you’re not pregnant anymore for any reason other than giving birth, then you’ll be prosecuted for having an abortion.

    • @[email protected]
      link
      fedilink
      132 days ago

      To prosecute criminals. Like women not following a shit take like “Your body, my choice”. Or terrorists. With wombs? Idk.

      This shit is just fucked up.

    • @dance_ninja
      link
      482 days ago

      When they start prosecuting women for miscarriages and suspected abortions under Trump’s national abortion ban.

      • AwkwardLookMonkeyPuppet
        link
        English
        72 days ago

        That’s not a need, that’s a want. The government doesn’t get to do whatever they want.

      • @[email protected]
        link
        fedilink
        English
        -172 days ago

        Literally on video saying he doesn’t want a national abortion ban, but now they are going to take data from period apps? Even the pro lifers aren’t this unhinged.

        • @auzy
          link
          7
          edit-2
          2 days ago

          For a guy who doesn’t want a ban he seems awfully proud of overturning roe vs Wade. There’s literally only one reason to do that

          Why else would he overturn it?

          Why else would he keep claiming people are aborting after birth lol.

          I think I know how he won now. I’m Australian and it turns out even I’ve been paying better attention than you

        • @dance_ninja
          link
          82 days ago

          Ken Paxton’s actions in Texas say otherwise.

          I wouldn’t be surprised if Trump either signs the bill when it gets to his desk or if he just lets it sit there for 10 days and it automatically becomes law without a veto.

        • @MrPoopbutt
          link
          62 days ago

          Lol yes they are.

          Each time you think you have seen a bottom to the barrel to how low they will stoop, be prepared to be disappointed as they drill right through it and show you a whole new bottom. This bottom too will be shattered.

          Mark my words.

        • @problematicPanther
          link
          22 days ago

          It’s also literally on video where he said project 2025 isn’t his platform. Guess what.

  • @Fosheze
    link
    English
    653 days ago

    Why does a period tracking app even need to store the data anywhere other than locally?

    • @[email protected]
      link
      fedilink
      43
      edit-2
      3 days ago

      their given reasons are “to keep backups” and “academic and clinical research with de-identified datasets”

      they seem to actually do a fairly good job with anonymizing the research datasets, unlike most “anonymized research data”, though for the raw data stored on their servers, they do not seem to use encryption properly and their security model is “the cloud hoster wouldn’t spy on the data right?” (hint: their data is stored on american servers, so the american authorities can just subpoena Amazon Web Services directly, bypassing all their “privacy guarantees”. (the replacement for the EU-US Privacy Shield seems to be on very uncertain legal grounds, and that was before the election))

      • @[email protected]
        link
        fedilink
        6
        edit-2
        2 days ago

        De-identified data is an oxymoron. Basically any dataset that’s in any way interesting is identifiable.

        • @[email protected]
          link
          fedilink
          4
          edit-2
          2 days ago

          no it’s not. If you reduce the information in the datapoints until none of them are unique, then it is very obviously impossible to uniquely identify someone from them. And when you have millions of users the data can definitely still be kept interesting

          (though there’s pretty big pitfalls here, as their report seems to leave open the possibility of not doing it correctly)

      • @[email protected]
        link
        fedilink
        English
        233 days ago

        Then that data should be stored encrypted, salted, hashed, smashed, mashed, and passed so that only the person who is moving phones can open it

        Not just for being made to give it over but also like leaks n shit

      • @[email protected]
        link
        fedilink
        22 days ago

        dude, phones have built-in functions to transfer data seamlessly, i helped my dad with that a while back and it amounts to pressing some buttons and putting the phones on top of each other…

        if that’s too difficult i think you need a personal assistant.

        • @[email protected]
          link
          fedilink
          3
          edit-2
          2 days ago

          You can what?! I’ve been using a USB drive…

          Not that I’m complaining, the USB is easy enough, but of what wizardry do you speak?

          • @[email protected]
            link
            fedilink
            22 days ago

            I think it’s only available on stock OSes, it’s one of those things we tech nerds sacrifice for freedom.
            But for the kind of person who uses a period app connected to the internet, yeah that’s not a problem lmao.

            fwiw there are apps to make migrating easier on custom OSes as well, a quick search shows at least BARIA on f-droid.

        • AbsentBird
          link
          fedilink
          English
          12 days ago

          Why are you being so condescending?

          Phones get lost, stolen, damaged beyond repair. I knew a woman whose phone fell into a body of water on vacation and couldn’t be recovered.

          When you have an app used by millions of people, which they depend on for tracking wellness, health issues, reproductive planning, etc. it makes sense to have a cloud backup for those inevitable situations.

          Also yes, not everyone knows how to initiate an NFC file transfer, or even how to navigate their phone’s file system to select the data to transfer. You often have to develop software to the lowest common denominator. There’s open source options like Mensinator for people who want more control and privacy, but most software on the app store is targeted at less technical people.

  • ValiantDust
    link
    fedilink
    1283 days ago

    If anyone is in need of a more secure option in these dystopian times: drip keeps all your data on your phone. You can export the data, so you can keep the tracked data when changing phones. I only use it for tracking my cycle and sometimes symptoms though, so I can’t say much about using it for birth control.

    • @disguy_ovahea
      link
      253 days ago

      Apple’s Cycle Tracking app is also locally and E2E encrypted in iCloud.

      When your phone is locked with a passcode, Touch ID, or Face ID, all of your health and fitness data in the Health app, other than your Medical ID, is encrypted. Any health data synced to iCloud is encrypted both in transit and on our servers. And if you have a recent version of watchOS and iOS with the default two-factor authentication and a passcode, your health and activity data will be stored in a way that Apple can’t read it.

      This means that when you use the Cycle Tracking feature and have enabled two-factor authentication, your health data synced to iCloud is encrypted end-to-end and Apple does not have the key to decrypt the data and therefore cannot read it.

      https://support.apple.com/en-us/120356

      • @[email protected]
        link
        fedilink
        30
        edit-2
        2 days ago

        Sure. It’s encrypted. And your private data only stays on your device. Pinky swear.

        With our 10 billion $ in ad revenue, you can trust that your data never makes it to a third party unencrypted 😚

        Anti Commercial-AI license

        • @disguy_ovahea
          link
          11
          edit-2
          3 days ago

          I’m not sure what that license has to do with Apple’s privacy policy. Apple uses ML to place ads alongside relevant content. They provide no customer information to advertisers. They generate so much ad revenue by keeping a sizable 30% from the advertisers.

          https://support.apple.com/guide/news-publisher/earn-revenue-with-advertising-on-apple-news-apdd44eeeeeb/icloud

          https://support.apple.com/guide/adguide/generate-revenue-apd51c721ca9/icloud

          • JackbyDev
            link
            fedilink
            English
            173 days ago

            onlinepersona posts that on every comment they make. They’re licensing their comments under CC BY-SA-NC 4.0. Given the context of the conversation it may have sounded confusing.

            • @disguy_ovahea
              link
              143 days ago

              That’s the second time you posted that. What does it have to do with Apple’s privacy?

              • @PoopingCough
                link
                English
                483 days ago

                The link has nothing to do with the comment, some people just add that to all their posts because they think it will prevent LLMs from using their comments as training data. It’s useless and very stupid imo, equivalent to people on facebook a few years back copy and pasting that text about owning their pictures and not giving fb permission to use them even though permission was already given in the sign up agreement.

                • @[email protected]
                  link
                  fedilink
                  English
                  -33 days ago

                  I actually hate this take. Unlike facebook, on lemmy, you actually own your data. Will this ownership of data be enforced against LLM companies? Probably not. Stackoverflow had everything under a license that requires attribution, but LLM’s don’t attribute and got away scot free.

                  But… the license that onlinepersona uses is less restrictive, rather than the default of an individual having absolute copyright over content they make. With onlinepersona’s comments, I know exactly what I can legally do with their comments.

                  As for everybody’s else comments, like yours, I don’t really know. Can I quote you, with or with out attribution? Can I legally remix comments? Do I have to ask permission before I use your comment in my presentation? You didn’t sign any kind of license/agreement that explicitly stated what they can do with your comments, did you?

                  I’m never gonna complain about someone explicitly releasing their work under a more free license. I find it frustrating that the fediverse is the “free culture” place and all that, but we don’t have a way to set copyright (or more likely, copyleft), on our comments. Instead, every comment is the equivalent of proprietary, source available software.

                  People mad about onlinepersona’s CC BY-NC-SA 4.0 license, like the other poster who is calling them stupid, are literally mad about receiving free shit. Stay mad, I guess. Personally, I’m happy that I am given content under a more free license than proprietary.

              • @Acters
                link
                153 days ago

                Oh that guy posts that link in every post he makes because he trusts the data scraping companies and legal authorities to enforce it/make it a pain to ingest his data. When in reality he is a hypocrite as his sarcasm is stupid.

      • @[email protected]
        link
        fedilink
        12
        edit-2
        3 days ago

        Is the app and the OS open source? No? Then please shut the fuck up with your dangerous “advice”. People really still havent understood how this shit works. How is this being upvoted? Corporations do not deserve your trust when they claim things without proving them.

        This is not a joke, this shit affects peoples lives. After spearheading the technology for creeps to stalk people with physical tags, and being the first to experiment with client side communications scanning, how do people still not understand that apple is just as bad as the rest.

        • @disguy_ovahea
          link
          -9
          edit-2
          3 days ago

          Apple is very clear how they make their money. Desirable products at high margins, free customer support, and an ecosystem that encourages the purchase of additional devices and services.

          They have also been very clear about their commitment to privacy, and have consistently led the industry in customer-focused privacy software. It’s the primary reason many customers choose Apple over their competitors.

          Realistically, why would Apple blow up a $3.3T global success for an extra $10M? That 1/330 of the company value. For comparison, Apple sells ~$54M in Apple Pencils every year.

          • @[email protected]
            link
            fedilink
            10
            edit-2
            3 days ago

            What apple wants or doesnt want to do is completely irrelevant. The fact that they have the ability to remotely modify your device is a disqualifying factor for any rational person thinking about risk of life level privacy.

            Also they can be legally forced to put backdoors into their software while, under the threat of state violence, being prohibited from telling the public about it. Thats how the US legal system works.

            They can also be forced to put on a theater to make it look like they are not giving the feds access btw.

            • @disguy_ovahea
              link
              -33 days ago

              How can Apple remotely modify your device? Software updates? They have no access to your data.

              • @[email protected]
                link
                fedilink
                12
                edit-2
                3 days ago

                Correct, forced software updates i.e. remotely modifying your device. Also what makes you think they have no access to your data already? Do just trust them when they say “we promise uwu” ?

                Also phones can be caught during shipping and modified, thats how the feds did it for one of their more recent big drug operations. Under Trump who fucking knows what justifications will be used to do the most vile shit.

                • @disguy_ovahea
                  link
                  -3
                  edit-2
                  3 days ago

                  Updates aren’t forced. You have the ability to enable automatic updates, but they are turned off by default. They also cannot affect user data. iOS and app software is sandboxed. The kernel keeps application and OS layers independent, just like Linux. User data is stored in a separate partition.

                  Apple users will experience the same thing that all other computer owners experience when they disable updates entirely; outdated security software and limited compatibility.

          • @[email protected]
            link
            fedilink
            23 days ago

            Realistically, why would Apple blow up a $3.3T global success for an extra $10M? That 1/330 of the company value

            Because they know that even after being caught harvesting user data for advertising, people will still claim they don’t do that even on a specialist privacy community on lemmy. Now think just how long it will take for the average apple user to realize it

            • @disguy_ovahea
              link
              13 days ago

              Yes. There was an issue with iOS 14.1 that enabled personalized ads by default if you didn’t restore from a backup. I was working for Apple at that time. It wasn’t intentional or malicious, and a hotfix was implemented as soon as the bug was identified. The lawsuit was just. Apple fucked up.

      • ValiantDust
        link
        fedilink
        73 days ago

        I mean, the app offers encryption of the data, so you’d have to enter a password. And you can encrypt your phone as well. If it gets to a point where you are forced to enter the password, a piece of paper in your drawer is probably not much safer.

        It’s really beyond fucked up that this is something people have to think about.

  • @Duamerthrax
    link
    41
    edit-2
    3 days ago

    That’s nice, but why does that data need to be on their servers in the first place?

    Ok, so apparently they don’t store the data by default. Guessing they could if the user wants it backed up or synced across devices.

    • Cosmonaut_Collin
      link
      213 days ago

      I imagine they collect data to improve their algorithm so it can more accurately predict a woman’s cycle. Quite a few women use these apps as an alternative birth control, so knowing the specific days where they need to avoid sex is helpful.

      • @Duamerthrax
        link
        133 days ago

        Normally, I’d install the app to find out, but I can’t really install any more apps on my phone. And oh man, do I never like seeing the phrase “collect data to improve [their] algorithm”.

        • @Droggelbecher
          link
          153 days ago

          In general, medical predictions are a very good example of using AI to benefit humanity, not just shareholders. It’s still scary if it’s done by a private company.

          • @Duamerthrax
            link
            33 days ago

            It’s a German company, so I have no idea if they have an equivalent to HIPAA(USA) or if a private company would even have to comply with it.

            • @[email protected]
              link
              fedilink
              English
              43 days ago

              health data in all of eu regulated by gdpr. but did not find reference quick (lost link). but special protection on health data, hipaa is joke compared.

              on other hand, all data you tell your doctor confidential (Arztschweigepflicht). legally even police or judge cannot ask for what you talk about.

    • adr1an
      link
      fedilink
      103 days ago

      I can recommend Mensinator. It includes logging and calculated ovulation day too. Something I could not see in bluemoon screenshots.

      • flicker
        link
        113 days ago

        Mensinator

        Sounds like something from Doofenshmirtz.

        • @dandu3
          link
          43 days ago

          Doofenshmirtz Evil incorporateeeeed

  • @[email protected]
    link
    fedilink
    223 days ago

    I know it’s not feasible, but if a lot of males would just use the apps that are know to report to US authorities and input data, that most likely will raise a alarms, they would have to deal with heaps of false-positives and it would obscure the real data.

    • @Agent641
      link
      52 days ago

      I just experienced my first period as a 38 year old male. I know almost nothing about them, so this is gonna be a wild ride for anyone who reads my stats.

    • @Ellvix
      link
      143 days ago

      I’m in. Anyone know of any apps that DO report data?

    • @[email protected]
      link
      fedilink
      English
      43 days ago

      Wouldn’t that just break the app?

      I’m just assuming they use user data to improve the health data shown, if people are going to fill it up with bogus data, it just destroys whatever use this app has for women.

      • @Dkarma
        link
        123 days ago

        Do you want to be protected or do you want the app optimized pick one

  • @[email protected]
    link
    fedilink
    293 days ago

    Can I get a reminder about the apps that WILL share with the govt so I can help fuck with their data?

    • @[email protected]
      link
      fedilink
      233 days ago

      All US-based apps and all the apps that store their data in US-owned cloud providers at very least.

      • @[email protected]
        link
        fedilink
        English
        53 days ago

        US based apps that’s are end-to-end encrypted where you control the private keys cannot physically share as they won’t have access. Even if it’s in their cloud.

        • @[email protected]
          link
          fedilink
          13
          edit-2
          3 days ago

          If the nice people at the FBI show up to your door with a warrant from a secret court set up by Trump show up to your office telling you either implement a backdoor in your app or everyone goes to jail forever, what do you do?

  • @[email protected]
    link
    fedilink
    English
    223 days ago

    female and male staff members at Clue, based in Berlin

    Basiert und in Berlin.

    𝕯𝖎𝖊𝖘𝖊 𝕶𝖔𝖒𝖒𝖊𝖓𝖙𝖆𝖗𝖘𝖊𝖐𝖙𝖎𝖔𝖓 𝖎𝖘𝖙 𝖓𝖚𝖓 𝕰𝖎𝖌𝖊𝖓𝖙𝖚𝖒 𝖉𝖊𝖗 𝕭𝖚𝖓𝖉𝖊𝖘𝖗𝖊𝖕𝖚𝖇𝖑𝖎𝖐 𝕯𝖊𝖚𝖙𝖘𝖈𝖍𝖑𝖆𝖓𝖉

  • @serenissi
    link
    133 days ago

    It makes zero sense in keeping the data unencrypted in ang cloud. People usually don’t share their cycles details on the public internet.

  • Optional
    link
    193 days ago

    DO NOT put this kind of information in an app!

    If you absolutely have to have it in your phone, use the calendar and pick some event that’s plausible monthly with a unique name so you can search on it. “Checked for Mxyzlptik updates”, “Look at travel to Canada prices” or whatever.

    If you need more functionality than that you’ll need an offline solution. We live in a fascist dictatorship now. They hate women. And they will 100% use that information against you if they can.