There's a FOSS alternative called Drip.
It is funded by Mozilla and Open Knowledge Foundation. Available on iOS and Android.
Mensinator is also another FOSS that uses no third party sdks and is reproducibly built for android, fairly actively used, and made by women. https://github.com/EmmaTellblom/Mensinator
As I had failed finding an app that was not ad-ridden or oldish, my girlfriend and I are using this (I am copying her values, to know when her period will be). Also contributing some code :)
Can I ask why you use it? We used test strips - they're really cheap and way more accurate as women's bodies aren't clocks. That was effective for getting pregnant.
Using anything except some kind of active measures to avoid pregnancy doesn't pass my engineer brain and certainly doesn't pass my wife's Pharmacologist brain (i.e. she actually knows what she's talking about whereas I'm using applied probability theory with assumptions).
For the opposite FYI; some aren't trying to either target or not target pregnancy, they want to have a forecast for the next 3 days so they can pack their purse.
Can I ask why you use it?
Honestly just for fun? I think girl stuff is cool and my partner indulges me. It does truly help with emotional/sexual/physical planning, but a very biological embodied flavor of fun is my real reason.
FYI - many couples track cycles because they are trying to get pregnant.
Yes but as I said in my post - it's not effective. Hormone measuring strips are and they costs very little - $2 / month - and are very effective. We wouldn't have three kids now if we relied on counting days.
You use them in conjunction with each other. For instance, if one of you travels for work, you can try to plan around when you think the next cycle will be.
A strip confirming you’re ovulating is pretty useless by itself if your partner is on the other side of the country.
this article got me wondering where the partner app, potentially named drop?, that warns drip user's partners to be more careful in their choice of words, or lack thereof, during that special time where domestic emotions often devolve in to an irrational mess ending with a few days of sleeping on the couch until the drip has subsided
I've never known my partners to turn into an irrational mess because I said something they would otherwise be fine with. I actually find partners to be quite a bit more affectionate around those times. There's certainly an element of emotional volatility, but it swings both ways... And doesn't devolve into messes at all. Nothing that can't be sorted with a simple 'how are you feeling, anything I can do to help?'
I never noticed any "special times" of irrationality with my partner. I have noticed I got the cold shoulder when I behaved like a teenage boy or didn't treat her with the respect an adult human deserves.
I’m not sure why this is downvoted, the strips are indeed a lot more accurate.
It's because people are reading the first few words and thinking "this is an male nerd asking stupid ignorant questions".
It's that or there are people who actually think that counting days is a good way to enable unprotected sex without a risk of baby. Which is absolutely isn't - it changes the risk to 2-5% a shot. Compared to around ~2% year for condoms alone.
It's worth pointing out that due to the nature of how contraceptive studies are done, it's remarkably easy to stay out of that 2% for condoms. (Namely, if you're planning on using condoms as your choice of contraceptive, actually use the condoms).
> Mozilla
So they will end up killing it soon? /s
This gets downvoted for being negative, but it was my immediate reaction when I saw "Mozilla": They're axing projects that don't align for strategic reasons that probably make sense, but is simultaneously very Googly.
Association with Mozilla is a cause for concern when considering the longevity of a project.
Sure, Mozilla does this. So does Google. And Apple. And Microsoft. Everyone does. Pruning is a healthy and expected part of running a business. So what? All software is temporary, given a long enough timeline, even gmail. It's a user's fault for expecting otherwise.
> Mozilla does this. So does Google. And Apple. And Microsoft.
Those are all companies you need to be wary with, because a strategic choice on their behalf may upend your life with a few days warning, or none at all.
And the sad part is that Mozilla joined their ranks, not qualifying as a truly “public service company”.
> All software is temporary, given a long enough timeline
Sure, we must all perish one day. But what you describe is how commercial SaaSS gets pruned because it’s good for business, and I have two objections with that:
1. That doesn’t make it good for users.
2. It’s a different timeline for software than for services.
I was contacted today by the customer of an old employer post bankruptcy. They want to know how to deal with self-hosting the service their hardware depends on; this never got delivered. All software is temporary, I told him, meanwhile his very expensive hardware wouldn’t initialize properly on boot.
Some companies kill projects much more frequently than others.
https://killedbygoogle.com/ vs https://killedbymozilla.com/
Yet Mozilla has the stigma here?
Mozilla launches fewer projects in general, so the denominator is smaller.
But yes, Google is the worst at this, and they've built up a reputation which has really hurt them! For example, basically no one believed that Stadia would stick around long-term, which (I would argue) became a self-fulfilling prophesy.
There’s “move fast and break things” at Facebook.
And then there’s “launch whatever an SVP dreams up” followed by “kill that old SVP’s thing” at Google.
Perhaps slightly exaggerated. Google product reveals and sunsets have frequently followed executive movements in/around/out of the company. Two big examples that had widespread impact are in the later Google Wallet/Pay changes and some of the later insanity around multiple self-canabalizing IM/chat/conferencing services.
There seems to be no long term vision or strategy at Google, and Pichai is notoriously averse to making decisions of consequence. It’s not surprising that Google is rudderless.
Spot on with Stadia! I use GeForce NOW, now, but it's nowhere near as stable or fast as Stadia. Very sad.
If Google had launched it and told everyone from the start that if they canceled it you'd get your money for games/hardware back I think people would've tried it.
If anyone is interested in a privacy focused tracking app that stores all your data locally, I make an app called Reflect [0] whose sole purpose is this, plus on-device analysis.
We’re working on a menstrual tracking feature right now and it’s pretty far along. We’ve just released an anomaly detection feature as well.
[0] https://apps.apple.com/us/app/reflect-track-anything/id64638...
The report in the OP raises valid concerns about SDKs from third parties, including Google and Facebook. Your own site showcases the Reflect SDK which is, I quote:
> The Reflect SDK is the iOS framework that powers the Reflect – Track Anything app and is designed to help you: > > Create forms to track customer product usage and experience > Collect customer biometric data [...]
Source: https://ntl.ai/products/
Let's just say I'm skeptical about your claims.
Edit: provided a more extensive quote and link to source.
This is a totally valid concern. Initially we were considering augmenting our income with a B2B model to license the library we’ve built, but that didn’t pan out and our priorities have changed, so we solely work on the apps for customers now. I actually forgot this was even on our website and, since we aren’t trying to offer those services or license anymore, I’ve removed them.
That looks very interesting. I'm building almost the same actually: http://dailyselftrack.com/
Any reason your app is iOS only?
Reflect started as a passion project for myself and my partner with no intention to make a product out of it. By the time we thought to do so, we’d already put so much into just iOS that doing an Android version as well was its own huge project.
We still plan to implement Android, we have a roadmap where we track this: https://changemap.co/ntl/reflect/task/9239-android-version-o...
Are you going to have it be local only?
I think you would be interested in seeing what Flo has done using OHTTP: https://oblivious.network/ohttp
It won't be local-only, it will be local-first. So you won't have to put your data online if you don't want to.
Are you using OHTTP? If there are cloud aspects - I think you would want to. Learn more: https://oblivious.network/ohttp
No, because we don’t have any servers. We don’t track anything about our users, not even logs or usage.
Do you have a link to the Android app?
Unfortunately no android yet, but you can track progress here: https://changemap.co/ntl/reflect/task/9239-android-version-o...
I'm building an app with the same concept but web based first and converted to Android and iOS via Capacitor, for now.
It's not released yet, but if you'd like to get an e-mail notification you could take a look here: https://dailyselftrack.com/
That sounds like a good idea with one obvious challenge: how can you prove that data will remain private forever?
That’s a tough guarantee, ultimately you’re placing trust in the device’s security once you limit your attack surface to just local data. So that’s why we’re working on encryption with key custody. Any feature like cloud backups are explicitly opt-out by default so no one is putting their data onto someone else’s servers without knowing what they’re getting into.
Just to be clear, you’re saying cloud backups are off by default, and the user must explicitly enable them?
If so, just FYI I believe that pattern is usually referred to as “opt-in.” As in, the feature is off by default, and the user must opt in to using it.
(Don't take any of the below in a negative sense! It's awesome you built a privacy-first solution and care about these things, to the extent practical. Below just musings)
I assume the attack vector here is more along the lines of 23andme bankruptcy -- if developer is bought by a new corporate entity / priorities change, what guarantees exist that privacy architecture won't backslide via updates?
Users shouldn't be concerned that a minor update or corporate sale will change the bargain they made around their privacy.
Honestly, it'd be great if there were scaled third-party cloud key escrow services coupled with enforced legal guarantees.* ^
It feels like we did cloud wrong from a legal/privacy perspective by not separating keyholder from data-at-rest-holder (legal entity wise). Tenant-based encryption is basically there... just still mingling data and key ownership in the same entity.
GDPR / right to be forgotten would be trivial if there were always a third party (who enforced requirements on any first party) I could submit a request to, that would burn my keys on their side, thus rendering first-party stored data un-practically-retrievable.
(And a third party because, similar to the browser+CA system, balancing power against each other to enforce guarantees of good behavior seems effective)
* Legal guarantees like "no caching keys for longer than X" or "no unencrypted user data at rest"
^ Cloud hosting encryption keys would also solve the ugly UX edge of strong encryption around "I lost my key... help?"
This is a wonderful comment, but also ...
Is there a way to prevent future versions of the app from uploaded the locally saved data? Even if none if it was in the cloud to begin with?
That's the route I would be most concerned about.
After that, I agree with the rest of your comment.
Blocking network access by a specific app at the OS level would be the way to achieve this.
I don't believe iOS currently has this ability (all network, not just cellular).
Android has solutions like NetGuard.
But you can make updates manual instead of automatic, that’s something.
The issue with this in practice is that it collapses to one of (a) never take updates ever again or (b) risk that any update changes privacy behavior.
Given that it's impossible for a user to vet each update's content effectively.
I agree about a) but b) does not make sense to me, otherwise you cannot instal the app in the first place. I think that a quick internet search about the apps privacy is sufficient for b), definitely better than automatic updates. And it does not have to happen for every release.
Simple + open source + no access to network + no updates (idk about Android/iOS cross-app data sharing).
Still data can be uploaded to the cloud and will be available to cloud providers.
So there is more vectors to protect user data.
Still, I can steal your phone or use my $5 wrench to get the data. There is no guarantee, so why bother. Hypotheticals can always be used to shit on any idea. They just are not always helpful
> no access to network ?
I wish this were a capability you could (as a user) grant or reject at will. But there’s a UI problem: people are sick of clicking accept on a million dialog boxes already.
Your wish exists. The first thing my phone asks before I install a new app is whether to allow network access or not.
Android and iOS developers need to explicitly request network access in their app's configurations.
What homomorphic encryption technology have you looked into using? this is a good use case for that technology.
I agree it could make sense one day but, as I mentioned in another thread, we don't have any servers and so we don't collect or host any user data (encrypted or not). In fact, I really don't want to; it's overhead and costly, and might involve compliance with HIPAA or GDPR, and I just would rather the user be in charge of their own data.
Having FHE for local data would be very interesting though.
What kind of "analysis" is done on the data ? We have apps like mensinator that are very simple.
I'd like to know if it is different from these simple apps ?
Note: im a guy btw
Do you mean for menstrual data specifically?
Currently for general data there is pearson correlation, five different anomaly detection algorithms, and T tests for significance among other things.
The work in progress we have for menstrual tracking takes temperature, flow, and past grund truth data into account. I know that’s vague, and it’s because my partner is working on it, not me :)
When we release the cycle tracking we’ll have a full writeup
This looked promising, but the first two things I tried to record with it seemed just outside of its capabilities. I track blood pressure daily, but it didn’t seem to have a way to record a metric that has two numbers. In addition, I record the sodium and potassium values of everything I eat, and I want a way to record the name of the food item along with those two values (preferably providing a dropdown for previous entries that auto-fills the numeric parts).
Also, the nagging about buying premium was quite aggressive and it made me feel like I couldn’t even get a feel for what the app is like first.
Yeah, there is no support for “multi-dimensional” metrics. So systolic and diastolic would each have to be their own metric. Food tracking in Reflect could use some work, but if you link with Apple Health, Reflect can pull data from Cronometer or MyFitnessPal for example.
Any particular place you thought the premium was very aggressive? I’m open to changing that, it’s not the kind of feedback we normally get. Thanks for saying so
Could you elaborate on which features are premium only? Or maybe also put them in the AppStore description? I tend to be averse to even downloading apps with IAP, without knowing what they are going to be.
A lot of things I clicked on just led to an upsell page that wanted me to do a week trial that led to a $49 monthly, which surprised me since I hadn’t even begun to explore and only had a single metric which I’d never even recorded a datapoint for. And it seemed like I only was allowed to define a single metric, so I tried to delete it in order to create a new one, but clicking “delete” on it was apparently a premium feature as well. I gave up.
You really need to let people actually use the product with no commitment, see how it’s useful, and then bug them a month later.
Btw, I found a bug: on the page where there are three big buttons and the third is “load a csv”, the csv button isn’t clickable. Only the icon on it is.
Thanks for all that feedback! One minor point is that the 49.99 is annual. You can define and record unlimited metrics and data on the free version so if you can’t then that’s a bug for sure. Also, noted regarding the import bug, thanks for that.
For people living in the US of Freedom, wouldn't it be good think to 'keep putting in' cycles, despite pregnancy? Should anything untoward happen later, a quick flash o' the app and "Nope, Officer, no siree. Like clockwork, me...".
Duress modes are a frequently overlooked feature in general - e.g. I don't want to just block access to my location, I want to lie about my location entirely.
I also would like “give an incorrect location” as an option. Something like that would probably never be supported by Google or Apple officially, because unlike some other privacy features, it’s actively and overtly hostile to advertisers.
Not just location, but all privacy sensitive API's. The OS should have built in support for segregating location, contacts, calendars, storage, etc. (GrapheneOS does this quite well with storage scopes). As part of this segregation you should be able to redirect the API to a custom implementation.
Thus, my transit app would have access to my real location while Amazon thinks I'm still at home and Pokemon Go thinks I'm on an around-the-works trip to collect location specific items.
You mention Pokemon Go... this would basically be the end of that game, no? That's probably worth the tradeoff, but worth mentioning.
People are already spoofing location, and it hasn't been the end of the game so far. Or did I miss something?
It depends on how many people are doing it though, right? If you make it trivially easy by building the functionality into the operating system—and potentially even prompting people to lie when the app asks for their location—I feel like things would be very different.
You don’t even have to guess about what will happen. We have examples. For instance, someone made a chrome browser extension that clicked through every single ad on the page. It was immediately banned by Google. You could have always built said tool yourself and used it, but the second it became immediately available to the masses it was crushed.
For years when Android was a lot more root friendly, this was easy to do. IIRC there was an Xposed module you could activate to do it. If you root I'm certain there are still apps that will do it, though I'm sure Google/Apple will be actively hostile against it, let alone actually support it
regardless of what apple/google allow officially, the cell carrier also has tracking locations. if you're going out to do something that you would want to hide your location, it's best to just leave the device at home. get a burner phone paid for in cash by someone not you doing the transaction.
Your cell carrier operators under very different laws and ability to harm you. Sure they know where you are, but most of the data flowing across their network is encrypted and so they mostly know you have a lot of data to AWS, google, and the like but not what it is. Google as the endpoint of that data has the decrypted version of the data and so they know what it is, and so they can target you in different ways.
If you are going to commit a crime (rape, murder), then all the police need is to know who owns the phones in the area and so you need a burner phone to hide your tracks.
However most of us are not worried about crimes. We are worried about privacy. We are not doing anything illegal, but google still knows far too much about us and is using that to legally abuse us with advertisements. While we all want to pretend we are good at ignoring advertisements, most of us have bought things we don't need and don't really want (or spent too much on things we did need/want).
You seem to have lost the plot a bit. In several locations, it is illegal for women to get certain health care. There are parties out there that are very interested in policing those policies. To prove that, it doesn't matter where they get the tracking data as long as they can prove your location. If someone needs a warrant/subpoena to get the data from a cell carrier or some app developer it doesn't matter to the person being persecuted for seeking health care.
Just pointing out this is an all-or-nothing strawman argument summed up as: if you can't have it all, don't bother trying. It's fallacious. That is all. :^)
I disagree to it being a strawman. If you are doing something where you location being identified could put you in a spot of bother, do not carry anything that can track your location. There's just no way around it. If you want to use wavy hands to pretend tracking of location isn't so bad, then you go ahead and call it a strawman. For people whose physical safety depends on not being tracked, it is not a strawman.
Apps that fuzzy or fake your GPS location are available on android.
I needed one when working on an app with store location detection and it worked pretty decently. I have no idea what it became or if it can be recommended, but there should be a bunch with recent reviews in the Store.
I want this for my contact address book too. “This app would like to know all your contacts. Allow / send empty contact list / generate garbage data”
I’d also enjoy if my advertising cookies were randomly reused by people all over the globe. And I’d like my phone number and email address to get associated with dozens of other identities.
there is an alternative contact app that doesn't share your data. you can then fill the default contact app with fake data or leave it empty.
i am not sure if the last point is a good idea though. i get what you want to achieve. anonymity in numbers and plausible deniability, but you are more likely to get mixed up with problematic stuff others are doing rather than protecting yourself. having a common name already shows that. it is both a blessing and a curse.
> there is an alternative contact app that doesn't share your data. you can then fill the default contact app with fake data or leave it empty.
You may want to share your contacts with app X but not with app Y, though.
yes, fair point. i solve that by using shelter where the app and a contact app run with an independent configuration. the downside is that i have to duplicate contacts in the shelter vs outside. however that is what i want because not all contacts are duplicated.
I don't get the downvotes. Plausible deniability is a valid concern when menstrual cycles and geolocation can lead to criminal repercussions in many states of USA [0].
Nevertheless, if I was a fertile woman, I'd be more concerned of my phone/tablet/car leaking my visits to an abortion clinic than a police officer checking my phone.
I guess using FHE like from https://zama.ai you could provide server-side features without compromising privacy
While unlikely, I personally believe that advertising revenue should be taxed at 50%. This would do a lot to align industry incentives. Advertising revenue would be looked at less as a free cash stream that can be bolted on everywhere. In this case, maybe the app could be monetized directly instead of whatever the fuck is happening now.
Revenue isn't taxed. Profit is.
I suppose you could tax a proportion of your profit at a higher rate, according to the proportion of your revenue that came from advertising.
But advertising isn't a "free cash stream that can be bolted on everywhere". It's part of a business model that either is sustainable or isn't.
If you taxed it that much higher, a lot of businesses would simply go out of business, because people aren't willing to pay a subscription instead. Especially businesses that survive on a lot of users who use something only occasionally. Is that really what you want? Think carefully about how much journalism would be even further eroded...
I understand that, and I kind if alluded to this being a concept less than a well thought out policy. If it was strictly profit, then all expenses of the business would be written against advertising and miraculously there would be 0 profit. My general point is that advertising revenue is insanely easy to get, especially with auctions and technology from google. Some of the problems and perverse incentives: - negative engagement in media - advertising screens at gas stations - popups everywhere - hardware devices you own display ads - software you purchase has ads - streaming services you bought without ads have ads added later
You all participate in society, so you get it. Advertising has become a tragedy of the commons and 2nd order effects are things like negative engagement and body dysmorphia. There needs to be a vice tax for advertisements to stop them from being bolted on everywhere. Lobbyists, smart policy makers, economists and lawmakers can come together to find the right mix. However, we should disincentivize it AND use it to make up for budget shortfalls.
Sales taxes are taxes on revenue, and they could certainly be advertisement-specific.
You can tax anything, even beards. Advertising is a business model, but it's a bad one that poisons the social environment. Advertisers are economically incentivized to lie and to push the common denominator ever lower. It is cancer.
If corporations are indeed people, why isn't their income taxed?
They can have the mortgage interest deduction, just like me! I'm a people too!
Also:
>Is that really what you want?
Kinda
Because the actual value corporations provide is only in their profit. Whereas the economic value individuals provide is measured by their compensation. It's completely incoherent to tax a corporation based on revenue. If profit margins are an average of 5%, what exactly would you want the tax rate on revenue to be that wouldn't immediately put out of business nearly every corporation on earth?
And if individuals got to deduct everything they spend money on, then everyone would be incentivized to spend their entire paycheck every year and never save money for retirement or anything.
So the reasons we tax corporations on profit and individuals on income doesn't just make sense logically from a point of measuring economic value, but is also literally the only practical mechanism.
And just to check, you really want most of journalism to go out of business?
Capex and opex create value the same way an individual buying a house (capex) or a happy meal (opex) creates value.
>And just to check, you really want most of journalism to go out of business?
This is bullshit concern trolling.
But if you demand an answer: yes. "JoUrNaLiSm" probably bears half of the fault for getting us to where we are today.
The vast majority of "JoUrNaLiSm" nowadays is just copying and pasting tweets, putting "slams" in the title, and adding commentary anyways.
Low value. Sad. Many such cases.
I think in case of ad companies you could tax the revenue directly. They are strongly vertically integrated so there's really very little reason to track their profit rather than total sales.
The only reason you tax profits rather than revenue is that you want to avoid killing businesses that do useful things why operating at low margins.
Margins in advertising are huge and what those company do is pure detriment to all market actors on average.
Wouldn't that effectively create a massive moat for high efficiency advertisers? The consequences of such a thing sound systematically perversely centralizing. Sort of like how if you were to ban all advertising tomorrow, it would strongly favor incumbents who have the most 'cached' advertising in human memory.
There's absolutely nothing wrong with that. Advertisement is pure waste for the economy. You want to make it highly efficient. If you can make it even more efficient than the free market by itself does, you should.
The crazier thing would be if they were only expendable over 4 years like r&d
I personally believe I should be able to install an ad blocker on my device and completely circumvent the problem.
Why are we creating new economic loopholes? Why not just enforce the anti monopoly laws we currently have?
If your advertising becomes to onerous you simply lose the channel altogether. That will quickly "realign" industry priorities.
A fascinating chapter in The Power of Habit by Charles Duhigg describes market-basket analytics at Target. They wanted to be able to determine whether a shopper is pregnant because that is an event that they believed women to be willing to reconsider their otherwise steadfast shopping brand loyalty. They got too good at their target ad mailers and so had to throw in decoys like motor oil and lawn equipment.
The tipoff for expecting women was purchases of larger quantities of lotion and washrags.
I gave up talking about stuff like this to average people. Whenever I bring stuff like this up, they just get mad and tell they have nothing to hide. This business model will never die, but at least alternatives exhist
They don't need apps to do this. I sat in a meeting with a data broker in 1998 where one of their managers was chuffed that they could determine menstrual cycles by analyzing purchasing records. And it wasn't hygiene products. Various foods and other spending patterns pop out after a 28-day correlation over groups of women that are artificially "synced" into cohort groups.
This invasiveness will continue so long as there are no consumer data protection laws.
Can you elaborate?
Because even with hygiene products, people buy them before they need them and stock up. And with food, you're often shopping for a week and for the whole family. You put things on a shopping list and don't buy them the same day you're using them, or even the same week.
I suspect that even if the manager thought they could determine it, their actual "results" were entirely random. After all, how is he going to check? Call two hundred of the women and ask? Also, periods are irregular. They're not a perfect 28 days each time. They vary month to month.
I don't doubt the manager thought he was doing that. I doubt it actually worked at all, though.
While I expect most women buy in advance, I expect they also don't buy enough and so are out there mid-period at least some of the time. Their cycles also affect their buying patterns, so even women who are stocking up are more likely to buy differently in different parts of the cycle.
The real question is what does the manager do with the data. Across a city on any given day there are about the same number of women in every day of their cycle so it isn't like they are marking up pads on the 25th-28th day of the month to get women who didn't stock up. As such I don't think this data is useful, what is useful is when they discover a women missed her cycle and thus needs to get ads for pregnancy wear in a couple months. Since that is their need for data, the fact that it is noisy and not very accurate is still close enough.
That said, they probably are more accurate than you would expect despite all the noise. Not 100% accurate, but being greater than 50% accurate is a lot better than chance and should be obtainable.
Just knowing what is bought together with menstrual products can influence how they're marketed. It can influence where certain products are placed on shelves relative to menstrual products, where and how they're marketed, which brands in your conglomerate to co-market with, and so on. This is the most innocent use of data in aggregate. The real creepy shit follows now that it's individualized and easily deanonymized.
> The real question is what does the manager do with the data.
Direct-mail (or these days, in-app with notifications) coupons. If you know you'll pay full price at CVS, but it's 30% off at Rite-Aid, you'll go to Rite-Aid and buy other stuff as long as you're making the trip.
I mean, maybe there really are enough women buying last-minute to be able to predict, at least for those women -- and identify who those women are.
If that is your motivation you just blanket send those advertisements all month. Because you want women to think of you when they have need. Some women are stocking up before they have need, and so the coupon when they are having their period is when they won't be buying supplies. Even those who are buying as they have need, if they are out they are buying from the closest store at whatever price, while those who are not in an emergency know where the low prices are (wal-mart or such)
So... the risk to women's safety is that they might end up paying less for hygiene products?
No, the risk to women's safety is that someone the woman doesn't want to know, could find out that they're pregnant. (Or using birth control or whatever)
Someone being an advertiser buying the data?
You think the data brokers aren't aware of varying spending habits? You might be surprised to learn the number of people living day-to-day, cheque-to-cheque who don't have the ability to stock up on much of anything. These are the consumers who are "ripe for the picking" in marketer's eyes. Back in the late 90's this would have been much harder too, probably working with not much more than cash register receipts.
You're making a lot of assumptions there. The guy probably had a training dataset with real cycle data and shopping data and went off of that.
I am, but that's because this is 1998. Where would you ever get such a training dataset with real cycle data tied to shopping data? Menstrual tracking apps weren't a thing then. And any anonymized medical studies that actually did such tracking certainly couldn't have been correlated with identifiable shopping data, I would think.
I think the idea is that the cycle is inferred by analyzing purchasing data.
The person I responded to literally said "training dataset with real cycle data".
I think it's more about when to push than about what to push. Maybe there are specific types of products aside from what's obvious, or actions to take or not to take. Like avoiding discounts when customers are least likely to develop loyalty, maybe even how to rotate through choices of products like meats to vegs to dish soaps.
By the way, I've seen self proclaimed male on social media posting how they use these trackers to predict their irresistible sushi cravings. Apparently, and contrary to intuition, men also have the cycle, just less obvious. Pelvis opening up and such.
From an advertising POV, isn’t that even better? Then they’d know when to advertise to someone to increase sales.
That is, the marketers wouldn’t actually care about a woman’s cycle, but at which points they could monetize it.
(Good lord, I need a shower after just typing that.)
They don't care about your menstrual cycle. Advertisers want to predict your purchase pattern to better target you. So, what you said just reinforces the idea that using menstrual cycle data for placing ads is useful. Essentially using your body against yourself.
> Because even with hygiene products, people buy them before they need them and stock up.
One would think so, but in my experience this is not the case on average. Of the half-dozen long term relationships I've had, only 1 partner was ever prepared for the monthly inevitable. For everyone else it was always treated as a surprise. Suggesting to my current partner that she stock up on the products she just used was dismissed with an "oh I don't need that stuff for weeks".
The trope of guys not wanting to go get tampons, or uncomfortably navigating the feminine hygiene isle, did not just appear out of nowhere.
I don't tend to keep candy in the house. You could track my youngest daughter's menstrual cycle pretty accurately by how often I buy Hershey's bars with almonds. They are never consumed in our household other than during the first part of a particular week. My older daughter and wife don't have quite the same tells though.
> And with food, you're often shopping for a week
That’s not how people shop here in Europe
This theme of anecdote has been trotted out for more than a half century. In the 80’s the yarn was that a supermarket could tell when a woman was pregnant before her doctor from her purchase patterns alone.
To this date, no supermarket has ever produced this result - or any thematically similar.
Assuming purchase history has that clear a pattern (I'm doubtful) doesn't that mean that purchase history alone would ... what? Not be allowed? Because it could be used to determine other things?
I'm not sure what consumer protections could really do much here if the pattern is obvious and the data exists.
read up on that case. it clearly did have a pattern. that was no random guess.
i never pay with card and i don't join any member programs to avoid creating a purchase history. pattern or not, a lot can be gleaned from what i buy.
This is interesting though. How would these sorts of correlation be protected against? We already know that anonymous health data can be traced back. Gather enough data in any domain, and you can pinpoint someone.
Doesn't that assume Just In Time purchasing practices on the behalf of women? Granted it depends upon the type of food. You usually don't buy restaurant food to stock up on it, but you might buy say, three tubs of ice cream because of a buy two get one free.
Given recurring purchase subscriptions from Amazon Prime, perhaps this data is different from 27 years ago
at this point it is already pretty known but mozilla read the tos of some of the most used period apps and analyzed it https://www.mozillafoundation.org/en/privacynotincluded/cate...
A relevant f-droid search:
* https://search.f-droid.org/?q=Menstrual
All of the apps that showed up in the search store data locally. Why would anyone not want to store this sort of data locally? What is the advantage of sending the data off to a server somewhere?
I don't have hard data, but I think I'm correct in assuming that the overwhelming majority of F-Droid users don't menstruate
Because your typical android user is not even aware of it and if they are they don't know or care enough to look for an alternative.
People have multiple devices, want to make the data available to their partners, etc. It's a legitimate but fragile use case.
Can anyone tell me why this would be as much of a problem for safety as they are saying?
The only thing I can see happening is easier selling of pads and tampons during a certain phase of the moon. Apparently this is what the article suggests too, that certain things are easier to sell at a certain point in the cycle.
It’d be embarrassing if someone knew, not dangerous. And even that much feels weird to me for a very well known biological function.
Woman gets pregnant, flagged as such in business intelligence database, she doesn't start buying baby stuff and instead travels out of state, suddenly treated as criminal suspect.
https://www.eff.org/deeplinks/2025/05/she-got-abortion-so-te...
I cannot fathom why you think that highly personal data like this should be sold or shared with law enforcement.
I’m not saying it should be shared. I’m just struggling to come up with truly terrifying things you can do with the information.
That whole article is going mental over the fact that a cop can run a nationwide search on license plates of all things? What’d be the point of running it on a select few states?
“I’ve established that the suspect is not in Texas.”
If you have misunderstood the article so badly, perhaps you should ask someone to sit down and explain to you what it's actually about.
CNN: “A West Virginia prosecutor is warning women that a miscarriage could lead to criminal charges”.
A gap in periods followed by their resumption could theoretically be enough to lead to prosecution.
While it's true that CNN ran an article like that, the underlying claim has been formally rebutted by the West Virginia Prosecuting Attorneys Association, who clarified that:
> Women who experience miscarriage are not required to notify law enforcement and should not fear prosecution…recent public statements do not reflect the consensus of West Virginia prosecutors.
https://wchstv.com/news/local/wva-prosecuting-attorneys-deno...
As far as I understand, the US judicial system is open. How many women have already been held accountable for miscarriages?
A gap in periods could also mean that women body just decided not to bleed this month. It's not common, but it happens, some people have it naturally, some experience it while dieting or overstressed. The physical part of cycle is triggered by hormones, the hormones aren't always there.
Surely they can't prosecute for that.
The problem here is definitely not that someone has information about who is on their period.
Yes, it's not about the menstruation, it's about pregnancy. Having a kid, especially the 1st, is the single largest shift in consumer spending in most people's lives (if they have kids). Aside from all the obvious spending on baby stuff, it predicts buying a house and where they might live, and puts that person (new mother, in this case) on a well-modeled path of buying behavior for the next 18 years. Needs and spending as children age through different phases are quite predictable and the spending is huge and touches almost every aspect of the person's life.
The article is a mess, mixing everything up in a single issue, without saying anything about scale or frequency of them happening:
- Targeted advertising.
- Job prospects and workplace monitoring.
- Insurance discrimination.
- Abortion-related issues.
- Cyberstalking.
Targeted advertising is weird thing, but I believe it's not the particularly important issue here. At least I fail to see the severity of seeing more ads for cosmetics (or sweets or home loans or whatever children stuff) correlated with one's hormonal cycle. I'm not saying it's certainly not an issue (or is an issue), but I don't think it's particularly high on most people list of ethical questions to ponder about. Could be considered benign, could be mildly unethical, but most likely not a huge deal. The way I understand it, much worse problems are in the rest of the list.
It seems that - according to the research linked by the article - some people seem to try to step around the legal barriers on discrimination. While those folks can't (legally) directly discriminate on pregnancy status, they use statistical models to discriminate on a probability of such status, based on the data they can currently buy from app developers. Or maybe not the models but a self-reported goal of becoming pregnant - as it's not a pregnancy per se, so I guess they consider it' s a fair game until a lawmaker or a court says otherwise.
Plus there's also an issue, that some governments have different ideas on personhood, and try to equate abortions (and even miscarriages) with homicide, then try to detect "crime" based on this data, is certainly a major concern.
And there's also something about cyberstalking. I can't say I entirely get it, but a distressed mind can do really weird shit.
Summarized:
1. Menstrual cycle data is sold publicly and is not currently considered a PHI.
2. Some people use this data in ways other people could consider unethical.
3. The article doesn't mention how much of it is arguably harmless or less harmful (such as targeting ads based on predicted hormonal changes) and how much of it is severe abuse. It merely mentions the potential of such abuse, but I haven't found anything about its scale.
I could be, of course, wrong about it all. This is just my current understanding of it after reading for a bit. (My initial understanding was much less than this, like GP I just wondered "there are millions of menstruating people, how is data when they have their periods could be possibly so much valuable to be compared to a gold mine?" as IIRC individual demographic and behavioral data is generally of a very limited value.)
I think it becomes more an issue when you consider that in these apps, people likely also enter things like prescription medications they take, what kind of contraception they use, if any. Additionally, if this data is being sold to advertisers, and a user of the app becomes pregnant, it is possible that data could be used to determine that the user might be pregnant before they even know. This has the potential by itself to become an issue, especially for teens and in cultures where people take having sex outside of wedlock to extremes (as in responding violently to it) by starting to show that person and potentially their other family members on the same internet connection ads related to pregnancy/baby stuff
> things like prescription medications they take, what kind of contraception they use.. determine that the user might be pregnant
Those are PHI, and Google and other big companies wont dare to touch it with 10 foot pole.
And the other part of your argument is so far into hypothetical space. Just because someone gets ads on certain thing doesn't mean the thing is real. These systems hallucinate all the time.
>Can anyone tell me why this would be as much of a problem for safety as they are saying?
The size of the problem is directly correlated with their level of funding. What else can they say?
>The only thing I can see happening is easier selling of pads and tampons during a certain phase of the moon.
No, with that attitude you definitely won't get a research grants.
So each government should make a period cycle app and ban private companies from doing the same? Or the WHO should make the app? Clearly such laws will never be passed in every country. Is this any different from using a point card at a store and buying prenatal vitamins or a pregnancy test? Even a credit card has this type of purchase information, even if they claim not to share direct personal info to advertisers. I would say let users consent when they download an app and leave it in their hands to decide
Ban all advertising on automatically collected data. Users who desire to may opt in by voluntarily providing information about themselves to get the most relevant ads. Apart from that, ads become targeting-free.
Pretty sure all the data for all targeted advertisement is automatically collected?
When I search for things on AliExpress, and then later browse the Internet, it shows me ads for those things.
Your solution sounds equivalent to banning all advertising on the Internet essentially when I do a Google search for something am I consenting to see ads for that thing?
> Pretty sure all the data for all targeted advertisement is automatically collected?
Sure is.
> Your solution sounds equivalent to banning all advertising on the Internet
Not at all. We made targeted advertising a central pillar of the Internet before we realized what that meant. We've normalized the notion of being spied on on the Internet at all times, but that's a choice we made (or perhaps didn't make) that can be remade.
Every regulation on big business in the history of big business has been whined and bitched and complained about. Corporations swore they could never survive paying negroes the same as whites. Same for not being able to employ children. Same for being made to employ women and other minorities. On and on.
Regulations get passed, society benefits. More often than not the corpos do too, even if they refuse to acknowledge it.
Advertising, including online, existed long before targeting existed. It can exist again. I'm sure there will be pain but I have absolute faith in the tech industry, which employs most of if not all the best minds in my generation, to solve the problem. What they lack is a reason to.
> essentially when I do a Google search for something am I consenting to see ads for that thing?
... yes?
Edit: Also just like... you make it sound like there's NO WAY at ALL to "aim" your advertisements without a surveillance apparatus. It's ridiculous.
* Recommendations based on purchase history: any given retailer can do this without running afoul of privacy regulations. Why not?
* Contextual recommendations: Are you trying to sell drone parts? Cool, advertise on drone enthusiast forums and Facebook groups, and use the hashtags in other social media for those things.
* Make Newsletters actually good: Put up a newsletter about your products. If it's quality work that doesn't hit my inbox EVERY SINGLE DAY, I would sign up for it.
Like there are ways to advertise products in targeted ways without spying on people and creeping the fuck out of your potential customers. You just... treat them like people you have an ounce of respect for? Not sentient wallets you're trying to shake every last penny out of.
>> essentially when I do a Google search for something am I consenting to see ads for that thing?
> ... yes?
My problem with this isn't that I see ads when I do the Google search. My personal problem is that the information is then added to my advertising profile and I see those ads everywhere else, too.
Maybe I was brainwashed by too many Mullvad advertisements. [1] (joking)
[1]: https://mullvad.net/en/blog/advertising-that-targets-everyon...
>Same for not being able to employ children. Same for being made to employ women and other minorities.
I don't quite understand your worldview. So they want to employ children, but not women and minorities?
>Regulations get passed, society benefits.
A very doubtful statement. Especially if you look at the growth of wages compared to the level of labor productivity.
So if I purchase prenatal vitamins, then it’s OK if that retailer advertises to me assuming I am pregnant but if that retailer sells that information to another retailer now it it’s a problem? Is that the short of it?
We've incubated a private, local-first menstrual tracking app!
My partner is the founder. She's a PMDD sufferer who needed a proper, science-first tracker to treat her hormonal symptoms. After Roe, she didn't feel like she had any options but to build her own app — Embody.
We're getting ready for a security audit and to take it open source. Would love any feedback!
If there’s something I’m looking forward with end to end vibe coding tools like Github Spark, Lovable and others is getting rid of these suckers. It would be easier to provide similar functionalities and customize them without major issues. Yes, it’s still not seamless enough for your average user but it’s heading in the right direction.
Curious does anyone know of a app/tool that can ingest a dump of your medical records, across platforms and EHR/EMRs and providers, and show it to you?
Ideally this would be local, or self-hostable, and FOSS, but am still curious if it is not that.
There is little to no standardisation in medical records. There is an International Patient Summary (IPS) which was based on the EU's version.
That and the data itself is decentralised in systems which are designed to be inaccessible.
I didn't see any apps mentioned but my naive question for this space:
Are there any subscription-only apps out there that don't advertise at all (in app) and if they do it is based entirely on anonymized broader categories rather than individual targeting?
At ConsentKeys.com we're already working on integrating with a menstrual tracking app (can't mention until the ink is dry), but we're a good fit for apps concerned with blow back like this as the apps that use us will never get the real personal information of the users in exchange for us offering to place them in our privacy centric marketplace (exposure) as well as de-risking themselves as a business, as well as de-risking their users from a data breach (or their information being sold/shared). Vendors also contractually agree to not try to assemble data in a way to try to identify their users as it makes no sense to use us unless you want to be privacy prioritized.
This category of app should absolutely be offline first.
If the data is shared it needs to be controlled by the user every time and not in a way that automatically goes to advertisers.
It’s honestly kind of disturbing. Period tracking apps used to feel like a helpful tool, but now they feel more like surveillance. Most people have no idea their most personal data might end up in an ad network.
What we really need is stronger default privacy, not just longer consent forms. I’d love to see more apps that are local-first and don’t upload anything by default.
I have been thinking about building a privacy-first tracking app for years now.
Someone already did that with drip.: https://bloodyhealth.gitlab.io/
Maybe you would like to contribute?
Please, make sure it's available on f-droid as well, just being there means it's more trustworthy.
The problem is that stuff like privacy and open source don't attract the vast sums of venture capital that ad-selling businesses do. Sure, an average dev could probably build a working app like that - but could you ship the same quality as someone who can afford to hire an entire UX team?
Probably… it would not make you sit through 30 seconds of ads so that would be a great UX improvement.
Never mind quality - how can you achieve the same reach as someone with an advertising budget?
No, but people don't care about UX perfection in comparison. Usually it just needs to work and not get in the way.
imo, the real problem is that you need to consistently ship. It you made a one-off app then it's going to get de-listed for not being updated despite not needing an update.
I make one! It’s called Reflect.
https://apps.apple.com/us/app/reflect-track-anything/id64638...
Seems too nerdy for the market at large - the correlation etc. features might well be as good as or better than what the likes of Flo provide, but people will have a harder time understanding that than simply 'your next date is expected to be x', 'your cycle is typically x days', etc.
We definitely cater to a niche that wants to know the nitty gritty details. We’re trying to layer the app such that you get the TLDR first if you want, and can zoom into the details of why second
It is painfully evident sometimes that America desperatelyl needs a GDPR-like federal law. The state-by-state laws are by nature peicemeal and it makes for a wild west of outright PII abuse.
Even if you could create such a law, at this point in time, no law can protect americans agains persecution by government-affiliated groups who are immune from court scrutiny thanks to their protections at the very top. You would first have to send corrupt SC justices to prison, impeach Trump and prosecute all his henchmen. Forgive me, but i doubt this is going to happen now that the US is officially a dictatorship. There is no point in laws if you have no independent courts and almost no one is willing to stand up for democratic principles.
Tracking the populace is a bipartisan goal, not just a Republican one. Democrats support some good measures like Net Neutrality, but they're also getting behind the "protect the children" surveillance laws just like the Rs. Even when they're in power, the best we get is department chiefs like Lisa Khan doing good work that the next administration reverts.
But on the lawmaking end, they're still pretty complicit.
For those wondering why this is a safety issue, in many American states abortion or "fetal harm" is considered murder. You can be imprisoned, theoretically for life. This is of course a rapidly evolving area of law since the fall of Roe v. Wade. Having one's menstrual data available for subpoena is therefore quite a literal safety risk.
"At least 38 states authorize homicide charges for causing pregnancy loss"
https://www.law.cuny.edu/academics/clinical-programs/hrgj/pr...
As a clarification for the "I didn't do anything wrong, I have nothing to hide" crowd, most of the time when someone is pregnant and then suddenly not pregnant, the cause is a miscarriage. And most people would go see a doctor if there is a lot of pain or bleeding. An overzealous prosecutor (usually running for election) is going to make the claim that you went to a doctor and now you aren't pregnant, you must have made an abortion. And now you have to hire lawyers to argue in court. And all in a easily 3rd-party mass-suppeonable database. That's why this is such a big problem.
https://thegeorgiasun.com/news/woman-arrested-after-miscarri...
https://www.themarshallproject.org/2025/04/02/law-pregnancy-...
Yep now instead of menstration cycles and abortion, replace it with antisemitism or grass-eaters or any other political disposition. You may be getting denied jobs because of posts you made to an anonymous imageboard which you thought were anonymous, but something like your Grammarly extension sent all your typed text up the pipe and now the corporate-state squid knows you're a wrongthinker full of thoughtcrime.
Intel agents look for blackmail to gain leverage over targets. I wonder how many security cleared personnel are going to be vulnerable to Chinese and Iranian extortion, once a database run by one of the cloud-based cannabis CRM+POS companies gets leaked with all that customer and purchase info. I am seriously considering making a fake ID for pot shops, so they quit typing my name into their cloud-connected fucking databases!
Try replacing it with something that wasn't even a concern years ago but now is the hot topic. Various things go in and out of style. Those harmless pranks you did as a kid that everyone laughed at then are now immoral and enough to get you on.
Surely the burden of proof is on the prosecution?
I don't have a problem with this. If a child - even an unborn one - dies in mysterious circumstances, I would prefer the inconvenience of a fruitless investigation over the prospect of living in a society where we don't even care enough to ever be suspicious.
There is nothing mysterious about a miscarriage. They are common. According to the Mayo Clinic:
> Miscarriage is the sudden loss of a pregnancy before the 20th week. About 10% to 20% of known pregnancies end in miscarriage. But the actual number is likely higher. This is because many miscarriages happen early on, before people realize they're pregnant.
https://www.mayoclinic.org/diseases-conditions/pregnancy-los...
Subjecting a person who is already upset about her miscarriage to a fruitless investigation is cruel and stupid; I’d prefer to live in a society where we understand that miscarriages happen as a part of nature and don’t need to further torment the people who suffer from them.
As I understand it, in this case, a witness saw a woman throwing a child's remains in a dumpster. After investigation, it was cleared as a miscarriage.
What would you prefer? We turn a blind eye to people disposing of bodies? Cops refuse to investigate such reports?
It sounds like everything worked as intended here. Of course it's unfortunate for the innocent woman involved, but this is clearly not a witchhunt.
This line of discussion inevitably boils down to what one's definition of a human life is and whether a fetus at a particular stage of development meets that definition.
Let's not have that discussion here on HN. It's not going to be fruitful.
For a conviction, yes, the burden of proof is on the prosecution. But in the meantime, you have to pay for a lawyer, and you will be sitting in jail for a year because they don't give bail for murderers. And as for the lawyer bills, the court doesn't refund you the money when you are found innocent, and it isn't going to be cheap, not for murder.
The process is the punishment.
So you want the state to investigate every single miscarriage?
Where did "mysterious circumstances" come from? I didn't see it mentioned anywhere in this thread...
Do you think a miscarriage is a "mysterious circumstance"? I can only assume so, given your response. That seems like the result of what could only be tremendous ignorance.
Ridiculous strawman.
Do you not want police to investigate reports of someone disposing of human remains in a dumpster?
It's not a strawman. You said "mysterious circumstances" when we are talking about miscarriages. Do you think they are the same or not? It's a very simple question.
>Do you not want police to investigate reports of someone disposing of human remains in a dumpster?
What does this have to do with a miscarriage????
Oh, check out the links that started this discussion. tldr- A woman was seen disposing of a baby's body in a dumpster, prompting an investigation. She was ultimately cleared as it was indeed a miscarriage.
That's what I've been talking about. Obviously nobody's being investigated for routine miscarriages.
I find the "shouldn't we investigate dumping possible human remains into a dumpster?" question to be a red herring at best but: yes, sure, we should. I do not find it relevant to menstruation data captured by an application. If we have the remains, we know the age of the fetus or baby, and can prove whether a particular suspect is the mother of that fetus or baby.
Obviously nobody's being investigated for routine miscarriages.
In fact the opposite is much more "obvious" to me: I think a lot of people in America (and elsewhere) would absolutely support such a thing.
At least one county prosecutor in WV is, in fact, discussing investigating routine miscarriages: https://www.wvnstv.com/news/local-news/prosecutor-warns-of-p...
From the article:
> State law does not require a woman to notify authorities when she miscarries, but Truman said that women who miscarry in West Virginia can protect themselves against potential criminal charges by reporting the miscarriage to local law enforcement. > > “Call your doctor. Call law enforcement, or 911, and just say, ‘I miscarried. I want you to know,'” advised Truman.
Now, in fairness, the state's association of prosecutors has clarified that this is not official policy and that the association as a whole does not support it. But it's definitely not out of the realm of possibility.
https://www.newsandsentinel.com/news/local-news/2025/06/pros...
> Obviously nobody's being investigated for routine miscarriages.
Not obvious that this will remain the case. These advocates did not just disappear once they achieved their goal of overturning RvW. They are working towards their next milestones. I guarantee you there are at least politically active citizens in all 50 states who would support criminalizing routine miscarriage, if not actual elected officials working towards it, and speaking publicly about it.
> Obviously nobody's being investigated for routine miscarriages.
Sorry, how does a third party know the miscarriage was "routine?" What is a non-routine miscarriage? Why would it be criminal, it's still a miscarriage? What's the suspicion?
The article you refer to, the investigation happened, not because there was a miscarriage, but because a body was seen being dumped...
Maybe it was the mistake of the other poster for sharing that link, but I do not see what it has to do with your point at all. Either miscarriages are illegal or not... you said they should be investigated when they are "mysterious circumstances" and I am repeatedly asking you to explain when a miscarriage is a mysterious circumstance? Even more so, when is it such that it has any relevancy to this discussion about the state tracking a woman's pregnancy through digital data.
>Oh, check out the links that started this discussion. tldr- A woman was seen disposing of a baby's body in a dumpster, prompting an investigation. She was ultimately cleared as it was indeed a miscarriage.
What about all the other incidents in the other article besides the one you decided to talk about because you are not willing to state whether or not you think a miscarriage is a "mysterious circumstance?" Which seems like a very straightforward question and I do not understand your unwillingness to provide a response when your previous posts make it very unclear as to whether or not you think a miscarriage is a normal occurrence.
>I do not understand your unwillingness to provide a response ... as to whether or not you think a miscarriage is a normal occurrence
Why would I? It's such a rude question. We are discussing the nuances of suspicious "miscarriages" that appear to be home abortions constituting valid reason for investigation and possible prosecution, and you are hung up on ridiculous strawmen as if you're the only person who understands the issue so everybody else who disagrees must be an uninformed sociopath. It's disrespectful and immature. Yes, I have the basic concepts of mammalian biology well understood. And this will be my signoff to you and this discussion.
> We are discussing the nuances of suspicious "miscarriages" that appear to be home abortions constituting valid reason for investigation and possible prosecution
No. We weren't. We were talking about miscarriages being tracked through these kinds of apps. You selected one of over 20 examples provided by one poster.
> you are hung up on ridiculous strawmen as if you're the only person who understands the issue so everybody else who disagrees must be an uninformed sociopath
It was your strawman. You talked about "suspicious miscarriages" or whatever the exact term was. Something you made up on your own.
> Yes, I have the basic concepts of mammalian biology well understood
That's actually not clear at all as evidenced by the several other posters that took the same exact issue with your bizarre characterizations. But great job making yourself into some sort of victim here!
Behind this is the utterly asinine social idea that miscarriages are something rare.
I think it's a big leap from "menstrual tracking" to being prosecuted because ... what? A gap in the tracking data?
That's too distant a connection for me to believe that information really would change anything.
Probably the best one-liner fix in law I can think of, is to make it a imprisonable felony to give money to someone or an organization for the purpose of speaking a particular message as their own, and accepting money in exchange for speaking a message as your own. Basically ban advertising, or at least make each commercial basically say "General Motors has paid us to tell you that ... ... ..." instead of the sexy seductive style we have today. Ads, if they are to exist at all, should be limited to factual/quantitative statements about performance and reliability, and must not use any suggestive/qualitative statements. We need to make the various pillars of modern advertising criminal offenses: the main one is the use of psychological/memetic trickery to spread and make memorable a message for commercial purposes, then there's the financial incentive to shit up our cyberspaces with sponsored messages. The only place I should EVER EVER EEEVERRR find an advertisement for (say) a plumber, should be in the local directory for businesses under the plumbing section, and the list must be sortable and filterable by basic transparent criteria (no hidden magic feed algorithms).
It is legal to swindle someone in this country, so long as they get swindled enthusiastically and don't think they got swindled. I think being induced to buy a hamburger at midnight by a well placed ad, instead of just reheating some left-overs, is a swindling even if your dependency on this model for your economic survival has you kneejerking on me! The goal is we all turn into self-sufficient economic agents, not be labor-cattle induced by advertising memes to go into interest bearing debt by a thousand little charges.
>"General Motors has paid us to tell you that ... ... ..."
Are we under the impression that people don't know that?
I think most people know what advertising is. I don't think that would change anything.
Very basic example nobody argues with. Did you know your local news station gets some stories to present as their own and they are paid to present them? You may, but many might find that to be a shocking revelation. I was maintaining cognitive accessibility in that example.
I don't think the news thing would surprise anyone either.
I think there's a weirdly patronizing approach that blames so much on advertising, and if by chance if folks got their way they'd be astonished to find that people make bad choices all on their own, and they know they do ...
I think it makes sense when people are quite literally inundated by ads. If you see a constant stream of advertisements, which thoughts are genuinely your own? What preferences would one have that haven’t been massaged in a direction by ads?
> I don't think the news thing would surprise anyone either.
People who you'd expect to realize this still read the news acknowledging everything they're till they get to a specific domain the news covers. A la Gell-Mann Amnesia.
Wouldn’t that just restrict paid endorsements?
General Motors making an ad campaign paying for broadcast does not equate to the station / channel endorsing a product.
How about a plumbing company buys a billboard and puts an ad for their services on it?
Pretty sure the courts would find this plan violates the first amendment too.
At least in the US, you are going to run into problems with the First Amendment (eg Central Hudson Test).
I regret to inform you that the inmates run the asylum, so your proposal will go nowhere. Banning ads? Making Google confess 'We were paid to say this'? Forcing Burger King to admit they're tricking you into midnight cravings? Politicians funded by ads would outlaw that idea faster than you can say 'campaign donation'. Your felony-for-persuasion is bold. It's also delusional.
>Probably the best one-liner fix in law I can think of, is to make it a imprisonable felony to give money to someone or an organization for the purpose of speaking a particular message as their own, and accepting money in exchange for speaking a message as your own.
You think you can make a law like this work with one line? I do not get the code-as-law people, or whatever it is you are coming from that has left you with this impression. No surprise you are also advocating people become "self-sufficient economic agents" too. It's gotta be simple, right? That's why you gave us the one line, after all.
"You don't actually want this cheeseburger, we are just telling you that you do" sounds like it would be a real buzzworthy campaign today to be perfectly honest. Do you leave your house?
the chickens wish to be treated nicer by the factory farm infrastructure
the factory farm infrastructure does not notice; it cannot notice
The article doesn't define what exactly they mean by "risks women safety".
I don't buy into the idea that all or any advertising is a "safety" issue if that is where they're going. I think there's a very weird type of patronizing that goes on where suddenly we fear for everyone's ability to deal with advertising as if they've got no self control or agency ...
A state like Texas being able to track a woman’s period means they will know when she becomes pregnant or ceases to be pregnant. That’s potential evidence of a felony in Texas. You connect the dots from there.
I don't buy into the idea that ANY possible evidence is a legitimate risk for being prosecuted when it would take a GREAT deal more than that to get to that point.
Would flight info, rental car data, etc also contribute?
Emails saved ...
Why wouldn’t email, flight info, rental car data, etc. also be contributing? You’re aware of course that some states make traveling to get an abortion a crime? Idaho specifically?
You’re bandying about ideas when the people pushing this crap want a return to chattel slavery.
A great deal more like for example a private cause of action bounty program and a clear & established commitment to using technological surveillance to pursue and punish people who have had abortions?
https://en.wikipedia.org/wiki/Texas_Heartbeat_Act
https://www.the-independent.com/news/world/americas/crime/te...
Third paragraph:
"The report’s authors caution that cycle tracking app (CTA) data in the wrong hands could result in risks to job prospects, workplace monitoring, health insurance discrimination and cyberstalking – and limit access to abortion."
If you want to trace the claims to their sources, you can read the full report from MCTD Cambridge here: https://www.mctd.ac.uk/wp-content/uploads/2025/06/The-High-S...
It's not a secret that women of fertile age have periods.
How knowing the specific days could add all those risks is hard to see.
I get why it's icky from a privacy standpoint.
One hypothetical vector is that you can find out which women aren't menstruating normally, meaning they could be pregnant. If that information makes it into the hands of employers or even recruitment platforms that can manifest as discrimination. Typically, women have to be incredibly careful not to give employers the impression they might be pregnant or might be trying to be pregnant.
There's also angles of chronic illness, for example, you could maybe find out which women have PCOS or endometriosis and would therefore be more likely to request time off work.
In general, we've worked very hard to make sure employers cannot find out this data, going so far as to make it explicitly illegal to ask, even in a voluntary disclosure context. But data tracking complicates the situation, and if there's enough convolution you can get real-world results without technically breaking the law. For example, consider RealPage, which uses data analytics to facilitate collusion in the renting market. When we introduce algorithms and heuristics into systems like hiring, we might unintentionally be using biases in the data against applicants.
The report has case studies and citations in the section "Individual Harms: Tracking Data used against Users": https://www.mctd.ac.uk/wp-content/uploads/2025/06/The-High-S...
You can use those to determine the authors' claims and follow their sources to determine whether or not you accept those claims.
The article notes that this data would reveal abortions or miscarriages, and that in some states this information is used as input for criminal prosecution.
Additionally, using implicit hormone levels to adjust the ads that people with menstruations see is uniquely predatory and manipulative. It also serves to "out" trans men when this data can be tied to a profile of someone who as chosen a non-female gender on other online platforms.
Advertising by itself is directly harmful. Its secondary effects on the world are catastrophic. Adding a new layer of "this person is PMSing, let's give them makeup ads because they're feeling insecure" is just evil.
Advertising is what's justified our shiny new 1984 surveillance grid. Advertising is risking all our safety!
Did I miss the part where the data risks women's safety? I was particularly interested in that part of the headline, but I didn't see it detailed in the article.
Third paragraph:
> The report’s authors caution that cycle tracking app (CTA) data in the wrong hands could result in risks to job prospects, workplace monitoring, health insurance discrimination and cyberstalking – and limit access to abortion.
Did you miss it or are you disagreeing with these being a threat?
Or violence or even death. Certain cultures don't take to kindly to pregnancies outside marriage, or maybe the family disagree with the choice of partner. A cousin works for the app company, leaks the information about an unexpected pregnancy to a conservative father or uncle. Girls is shipped of to family back home and is tragically stabbed to death a few days after arriving.
Most people who collect data of this type of data lacks imagination if they don't think it can be misused.
More likely they believe that because they only collect the information they aren't culpable for what other people do with it.
Good point about family violence threats. That wasn't in the article, but makes sense.
The cyberstalking is the most applicable, but I dont see what the menstral data would provide vs not having the mentstral data. A name and address could present a potential threat, but knowing which days someone is bleeding one doesn't seem to be useful in attacking someone unless you believe it makes them a weaker target or something.
The others aren't about safety. The one about restricting abortion is a false attribution as the laws would be the thing actually restricting it, not the use of the app.
I'm not saying the problems shouldn't be addressed, but claiming safety is at risk is a bit of a stretch.
> knowing which days someone is bleeding one doesn't seem to be useful in attacking someone unless you believe it makes them a weaker target or something.
I have other things to say here but immediately this is a wildly gross and sexist way to phrase this.
> The others aren't about safety
> risks to job prospects, workplace monitoring, health insurance discrimination
A threat to livelihood and proper health care is a threat to safety, and the fact that you don't recognize that should hopefully trigger some amount of self-reflection.
Beyond that the fact that you can't make the really simple connection between knowing someone's menstrual cycle and knowing their pregnancy status means I deeply hope you take some time to self-reflect and maybe consider that you don't quite have the tools to engage in a nuance conversation about this and should instead take some time to listen to others
"A threat to livelihood and proper health care is a threat to safety, and the fact that you don't recognize that should hopefully trigger some amount of self-reflection."
A threat to livelihood is not a direct threat to safety. If we take this indirect route of logic, it can be applied to anything. Furthermore, how is it a threat to livelihood? Don't we have protected statuses for pregnant women in employment law?
"Beyond that the fact that you can't make the really simple connection between knowing someone's menstrual cycle and knowing their pregnancy status means I deeply hope you take some time to self-reflect and maybe consider that you don't quite have the tools to engage in a nuance conversation about this and should instead take some time to listen to others"
I'm asking legitimate questions, but I'm getting emotional responses instead of logical ones. You're making implications here about menstrual vs pregnancy status but not forming an actual response about them.
the most obvious is that abortions are illegal in the US and you can monitor that status through the app.
So in extreme cases if you are pregnant and the baby is going to kill you, you aren't allowed to abort it - get an illegal abortion - woops the app spied on me and now you are in prison.
Elective abortions are illegal in some states. Even the most restrictive states, like those with six week bans, include exemptions for things like ectopic pregnancy and preeclampsia.
Further, nationwide abortion rates are at an all-time high. The fall of Roe vs Wade has not moved the needle on that count.
While the letter of the law is one thing, the other aspect we have to consider is the intentional chilling effects these laws introduce. Doctors and providers are understandably more much hesitant to administer abortions, even in circumstances where it would be legal.
In highly restrictive states, the result is it's very difficult to get a doctor to stand by your abortion, even if you really need it. And, more concerning, some out-of-state doctors won't do it either, for fear of prosecution. States like Texas have demonstrated they intend to overstep and prosecute individuals getting abortions in other states.
For doctors, it's a game of risk-reward. They need to balance their own personal safety and employment, as well as their medical license and reputation. Many have decided it's not worth the risk.
More than just elective abortions, the ambiguity of the laws and serious threat to doctors are also preventing life-saving abortions
https://www.pbs.org/newshour/show/investigation-links-georgi...
I didn't really see laws as a threat to safety. While their enforcement can be, that train of thinking can be applied to anything. If you have a machine gun that isn't registered, is the app you took notes about it in a threat to your safety, or is it the law/enforcement? You can have people believe very strongly that abortion is a right or that owning an unregistered machine gun is a right. There may be implicit value based bias if we want to treat circumventing one scenario more favorably than circumventing another. At the heart of the issue, society/government is a threat to anyone who is breaking the law, which is implicitly how laws work.
> I didn't really see laws as a threat to safety.
I'm going to lay off of responding to you after this, I know I've made a couple of responses and quick succession, but these laws are a threat to safety in that they are preventing women from getting life-saving medical attention. Here is one example but there are many
https://www.pbs.org/newshour/show/investigation-links-georgi...
As usual, we need laws preventing gross (in every sense) invasions of privacy. Building new apps that aren't evil still allows the evil ones to exist. Targeted advertising as a whole should be eradicated.
Laws don't seem to work when it comes to Meta, Google, et. al. They just do what they want anyway.
Truly - how is this not data theft?
Because you "technically" agreed to it in the 5000 words long terms and conditions, you also agreed to the clause that says they can change at anytime.
Maybe limit the contract that a person (who is not a professional in the subject of the contract) can sign to 200 words. Anything past the 200th word doesn't exist even if you sign it.
> arguing that apps must provide clear consent options rather than all-or-nothing data collection
What's wrong with "nothing"? Other than the companies not being able to squeeze a few more dollars out of selling user data, of course
the 'nothing' doesn't mean no data sent - it means you don't get access to the app's features if you don't consent to the data collection.
Combine this with the Meta Pixel illegal localhost tracking that bypasses privacy measures [1] [2] and the privacy leaking could be off the scale.
I think this goes for all things - medical data such as heart rate, blood sugar, steps, weight, VO2 max, etc, could all be seriously misused.
Personally I try to use apps that are not cloud-based, or make my own, but this isn't an option for everybody.
[1] https://www.zeropartydata.es/p/localhost-tracking-explained-...
You don't need a Meta pixel if the app simply... shares the data with Facebook, as Flo was caught doing.
https://en.wikipedia.org/wiki/Flo_(app)#Privacy_and_security...
In the current climate, no one should use a menstrual tracking app of any kind, even those with on-device-only data. Asking normal people to figure out the risk profile of that data, and to evaluate the trustworthiness of a given app, is just too much.
Use a paper calendar.
The risk profile of paper seems to be equal to the risk profile of on-device-only? How do they differ?
Something you have v. something you have
The argument is that normies can't differentiate between apps that are really safe (i.e. on-device processing + data) versus apps that merely say they are safe, nor do they have the tools/knowledge to verify these claims.
It's safer then to recommend to stay away from apps entirely, and rather use paper, for as long as you have that piece of paper, your data is private and safe.
You can give file access to other apps on your phone, no? Apps can be sold to a new owner with different views on what to do with this data. Data on a device vs data on an Internet connected device vs paper have obvious differences.
The practicality of dragnetting it. Google and Apple could decide or be forced to start syncing that previously only-local data. There is no central entity to mass-collect paper without sending out an army of people to raid homes.
Paper is easier to destroy quickly, and to also plausibly lose or deny having.
This is actually one of the biggest problems I've found with Yubikeys: they're both too fragile yet also hard to reliably, deliberately destroy quickly.
I really don't agree. If I take a photo on my phone, it can be deleted in less than a millisecond. Shredding a paper calendar takes at least 30 seconds. I don't see denial of ownership as a legitimate strategy to data confidentiality.
if you have an iphone [0], im not exactly sure how you’re able to truly delete a photo in a millisecond as you have to go through
* a pop up dialog confirming you want to delete the photo with the below message
> This photo will be deleted from iCloud Photo on all your devices. it will be in Recently Deleted for 30 days.
* deleting the photo a second time from recently deleted folder, with a second confirmation dialog
> this will delete the selected photo from icloud and all connected devices
bonus round: any device which has previously downloaded the photo, but is not connected to icloud services at the time of deletion, requires you to physically go to that device and connect it to icloud / manually delete the photo all over again.
—
versus, take cigarette lighter out of pocket, start burning paper, wait.
[0]: statistically probably quite likely given HN demographics and iphone market share
It can be marked as deleted in the file table. Destroying a paper can be done on the toilet or simply eaten.
nitpick: data is at least partially recoverable for both of these examples for a period of time as well. so they are kind of soft deletes.
but yeah, probably much faster to full delete than most cloudy services with backups. along with some other anti-recovery benefits (the bodily fluids kind).
iPhone and Android now use file encryption for every file. Impossible to recover a file as both file and key are deleted.
Assuming the ToS for your photo app didn't change at some point and do something different with the data.
Even people in Canada? New Zealand?
Many billions of people live completely free of this concern.
> Use a paper calendar.
Well yes and no. I do see what you're getting at, but in certain environments, e.g. abusive relationships, it might be easier to keep you secrets on your phone. You're more likely to be able to keep track of it at all times, as compared to a notebooks or a calendar. It can also store years of data easily. Ideally storing these things in the cloud would be safer that storing them on device or on paper, but that assumes that the cloud providers can be trusted.
So in this case the menstrual tracking app would be a cloud service that only you have access to. Data stored encrypted, only to be unlocked when you access it. It's just, you can't monetize that easily and how would people who truly need 100% privacy pay? Bitcoin, how would they get Bitcoins?
The article doesn't explain how their safety is at risk.
Women do not have legal autonomy over their bodies in the US, and health data especially dealing with reproductive matters has been used to target individuals.
One of reasons I am underwhelmed by all the smart sport watches. When eventually their DBs get hacked or they sell data willingly, I dont want my employer to see that I was running in the forest during lunch time, or my health insurance to see any circulatory anomaly if I had any.
Fuck that, I will start ignoring that few years before retirement, not a second earlier. Its a shame, and I know people like me wont bend the direction we firmly head towards
OTOH, my mom went to the doctors because her watch showed data that made no sense (aerobic exercise all day when she was at work - retail is not that much work), and that started the chain that eventually found her cancer early and thus it was more treatable and she in turn is alive.
We detected an anomaly in your circulatory system. Your insurance premium has now been increased.
Further advisory from BioMon Sentinel Node 7: Irregular fluctuations in hemodynamic integrity suggest low compliance with your prescribed wellness protocol. Molecular telemetry indicates caffeine saturation at 347% above neural-optimal threshold. Risk cluster escalation: Tier Sigma-4.
Your vitals have been submitted to the Actuarial Nexus. A claim adjustment algorithm is currently rewriting your financial destiny.