Photo by Dan Nelson on Unsplash
Photo by Dan Nelson on Unsplash

EXPERT REACTION: All the ways your menstrual tracking data can be misused

Embargoed until: Publicly released:
Not peer-reviewed: This work has not been scrutinised by independent experts, or the story does not contain research data to review (for example an opinion piece). If you are reporting on research that has yet to go through peer-review (eg. conference abstracts and preprints) be aware that the findings can change during the peer review process.

A new Cambridge University report highlights the privacy risks of period tracking apps. Such apps are marketed as a way for users to understand and plan around their menstrual cycles, but the detailed health data they collect often aren't protected like other medical data. The report warns of numerous risks from data exploitation, including targeted advertising around pregnancy, health insurance discrimination, policing of abortion access, and data misuse to undermine court testimony. The author's recommendations include education about these risks, period health research to reduce reliance on apps, and better regulation and transparency.

Research: Paper

Organisation/s: Minderoo Centre for Technology and Democracy, University of Cambridge

Funder: N/A

Media release

From: University of Cambridge

Menstrual tracking app data is a ‘gold mine’ for advertisers that risks women’s safety – report

Menstrual cycle tracking apps are a “gold mine” for consumer profiling, collecting information on everything from exercise, diet and medication to sexual preferences, hormone levels and contraception use, according to a University of Cambridge report.

A report from Cambridge’s Minderoo Centre for Technology and Democracy argues that the financial worth of this data is “vastly underestimated” by users who supply profit-driven companies with highly intimate details in a market lacking in regulation.

The report’s authors caution that cycle tracking app (CTA) data in the wrong hands could result in risks to job prospects, workplace monitoring, health insurance discrimination and cyberstalking – and limit access to abortion.

They call for better governance of the booming ‘femtech’ industry to protect users when their data is sold at scale, arguing that apps must provide clear consent options rather than all-or-nothing data collection, and urge public health bodies to launch alternatives to commercial CTAs.

“Menstrual cycle tracking apps are presented as empowering women and addressing the gender health gap,” said Dr Stefanie Felsberger, lead author of the report from Cambridge’s Minderoo Centre. “Yet the business model behind their services rests on commercial use, selling user data and insights to third parties for profit.”

“There are real and frightening privacy and safety risks to women as a result of the commodification of the data collected by cycle tracking app companies.”

As most cycle tracking apps are targeted at women aiming to get pregnant, the download data alone is of huge commercial value, say researchers, as – other than home buying – no other life event has such dramatic shifts in consumer behaviour.

In fact, data on pregnancy is believed to be over two hundred times more valuable than data on age, gender or location for targeted advertising. The report points out that period tracking could also be used to target women at different points in their cycle. For example, the oestrogen or ‘mating’ phase could see an increase in cosmetics adverts.

Just the three most popular apps had estimated global download figures of a quarter of a billion in 2024. So-called femtech – digital products focused on women’s health and wellbeing – is estimated to reach over US$60 billion by 2027, with cycle tracking apps making up half of this market.

With such intense demand for period tracking, the report argues that the UK’s National Health Service (NHS) should develop its own transparent and trustworthy app to rival those from private companies, with apps allowing permission for data to be used in valid medical research.

“The UK is ideally positioned to solve the question of access to menstrual data for researchers, as well as privacy and data commodification concerns, by developing an NHS app to track menstrual cycles,” said Felsberger, who points out that Planned Parenthood in the US already has its own app, but the UK lacks an equivalent.

“Apps that are situated within public healthcare systems, and not driven primarily by profit, will mitigate privacy violations, provide much-needed data on reproductive health, and give people more agency over how their menstrual data is used.”

“The use of cycle tracking apps is at an all-time high,” said Prof Gina Neff, Executive Director of Cambridge’s Minderoo Centre. “Women deserve better than to have their menstrual tracking data treated as consumer data, but there is a different possible future.”

“Researchers could use this data to help answer questions about women’s health. Care providers could use this data for important information about their patients’ health. Women could get meaningful insights that they are searching for,” Neff said.

In the UK and EU, period tracking data is considered “special category”, as with that on genetics or ethnicity, and has more legal safeguarding. However, the report highlights how in the UK, apps designed for women's health have been used to charge women for illegally accessing abortion services*

In the US, data about menstrual cycles has been collected by officials in an attempt to undermine abortion access.** Despite this, data from CTAs are regulated simply as “general wellness” and granted no special protections.

“Menstrual tracking data is being used to control people’s reproductive lives,” said Felsberger. “It should not be left in the hands of private companies.”

Investigations by media, non-profit, and consumer groups have revealed CTAs sharing data with third parties ranging from advertisers and data brokers to tech giants such as Facebook and Google.

The report cites work published last month from Privacy International showing that, while the major CTA companies have updated their approach to data sharing, device information is still collected in the UK and US with “no meaningful consent”.

Despite data protection improvements, the report suggests that user information is still shared with third parties such as cloud-based delivery networks that move the data around, and outside developers contracted to handle app functionalities.

At the very least, commercial apps could include delete buttons, says Felsberger, allowing users to erase data in the app as well as the company servers, helping protect against situations – from legal to medical – where data could be used against them.

“Menstrual tracking in the US should be classed as medical data,” said Felsberger. “In the UK and EU, where this data is already afforded special category status, more focus needs to be placed on enforcing existing regulation.”

The report stresses the need to improve public awareness and digital literacy around period tracking. The researchers argue that schools should educate students on medical data apps and privacy, so young people are less vulnerable to health hoaxes.

The report ‘The High Stakes of Tracking Menstruation’ is authored by Dr Stefanie Felsberger with a foreword by Professor Gina Neff and published by the Minderoo Centre for Technology and Democracy (MCTD).

Notes:

*Case studies – UK:

Women accessing illegal abortions:

According to the British Pregnancy Advisory Service (BPAS), from 1967 to 2002 only three women were convicted of having an illegal abortion in England and Wales, but since then the number has increased drastically.  Abortion provider MSI reports of almost ‘60 criminal inquiries in England and Wales since 2018, compared with almost zero before’.

The increased number of investigations does not mean more illegal abortions are taking place, but indicates increased police focus on miscarriages and unexplained cases of pregnancy loss, leaving judges ‘flabbergasted’ as to why some cases reached court.

Women suspected of illegal abortions are pushed into tests during hospital stays after procedures without legal representation. Police have also repeatedly requested data from abortion providers on people who have been turned away from a BPAS clinic because they were over the legal limit for an abortion (which the BPAS has refused to provide). Those under investigation routinely have their phones and other electronic devices confiscated. Police have also made requests for data from menstrual tracking applications in the course of police investigations.

Abortion civil rights organisations have raised their concerns over the use of CTA data in investigations. It is not only data from CTAs, but also text messages and search history that have been used in investigations. Nonetheless, the threat of CTA data being used in police investigations in the UK is of great concern to users. This is taking place in a context where the UK government has put pressure on tech companies to develop inbuilt backdoors into the encrypted services they offer.

**Case studies – US:

Tracking data as court evidence

In 2015, Jeannine Risley reported being sexually assaulted at her boss’ home where the police found a knife, overturned furniture, and a bottle of vodka. She informed police that she lost her FitBit in the struggle with the assailant. When her FitBit was recovered and its data downloaded, the tracker’s movement and heart rate data was taken as contradictory evidence to Risley’s testimony. Risley was charged with making a false report to the police and fabricating evidence.

Preventing abortion access in the United States

Two cases in the US have demonstrated the continuing use of menstrual data against those with periods. In Missouri, the state’s health department kept track of the menstrual cycles of patients in an attempt to investigate failed abortions. Officials also tracked medical ID numbers, gestational age of foetuses, and dates of medical procedures. The investigation led to the withholding of St. Louis’ Planned Parenthood license and led to a state hearing. During President Trump’s first administration, the Office of Refugee Resettlement tracked and monitored the menstrual cycles of unaccompanied minors seeking asylum as part of efforts to prevent them from accessing abortions, even in cases of rape.  The spreadsheet containing dates of menstrual cycles, how long people had been pregnant, whether sex had been consensual, and if they had requested abortion access was made available to the public through a freedom of information request and published by MSNBC.

While in these examples the data did not come from menstrual trackers, but was compiled by others about people’s menstrual cycle, it illustrates how central menstrual tracking data is in efforts to prevent access to abortion services.

Attachments:

Note: Not all attachments are visible to the general public

Expert Reaction

These comments have been collated by the Science Media Centre to provide a variety of expert perspectives on this issue. Feel free to use these quotes in your stories. Views expressed are the personal opinions of the experts named. They do not represent the views of the SMC or any other organisation unless specifically stated.

Associate Professor Bryndl Hohmann-Marriott, Co-Director of the Menstrual Health Research Network and Head of the Sociology, Gender Studies and Criminology Programme at the University of Otago, comments:

‘The High Stakes of Tracking Menstruation’ by Dr Stefanie Felberger of the Minderoo Centre for Technology and Democracy is a timely and necessary wake-up call alerting us all to the misuse of our vital health data. Menstrual-cycle tracking apps offer potential for being helpful and are used by hundreds of millions around the world. However, app users may not be making a genuine informed choice in a policy environment that does not sufficiently protect privacy. Menstrual cycle and reproductive justice matters to us all.

"This report offers a concise overview of the key concerns for individual app users. Regardless of apps’ accuracy (or lack thereof), apps are no substitute for limited healthcare and research in this essential area. Widening the focus to structural issues offers particularly useful insights. This new report highlights ways that cycle data is mined and combined with the aim of influencing and policing us. I can confirm from my own research that Aotearoa New Zealand app users may not fully appreciate how powerful their period data is.

"“Cycle tracking apps propose an individual solution to societal problems such as a lack of healthcare services and research gaps in menstrual and reproductive health. Their usefulness in some ways rests on the continuation of these structural problems faced by people with periods. In moving forwards it is crucial to remember that changing individual tracking habits will not make users of cycle tracking apps safer, even if they use a secure app. It also will do nothing to alter the urgent need users have for tracking apps, or make menstrual tracking data more accessible for medical research.” (p. 33)

"All of us need to know more about the use and misuse of our sensitive self-tracking data, so that we can add our support to policy that protects our health data. We must improve healthcare, policy, and research. It is also essential to have independent apps that are driven by healthcare, education, and research rather than profit.

Last updated: 12 Jun 2025 10:35am
Declared conflicts of interest:
No conflicts of interest.

Professor Holly Thorpe, Associate Dean Research, University of Waikato, comments:

Health App users around the world are increasingly asking critical questions about who owns and stores their health data, and what that data could be used for. There is a growing body of research focused on those using Menstruation Tracking Apps (MTAs) for reproductive health, particularly as governments are shifting policies about sex, gender and reproductive health.

"The new study out of Cambridge aligns with some of our findings that will be published tomorrow, focussed on New Zealand women.

Last updated: 12 Jun 2025 10:37am
Declared conflicts of interest:
Holly Thorpe is a co-author of a separate paper about Kiwis' views on period tracker privacy risks.

Anna Friedlander, PhD candidate at the University of Waikato, comments:
 

In our research, which is being published tomorrow, we asked New Zealand period tracking app users what they thought about the data risks of these apps. About half of the users we spoke to didn't think their period data was risky. Some of these users imagined mostly positive uses for their data, like improving apps or contributing to women's health research. Others did perceive possible risks and sometimes engaged in risk minimisation strategies. This group was often largely resigned to their data being used by period tracking apps in ways that they didn't want or didn't know about.

"Some app users in our study contextualised their understanding of period tracking app data risk with respect to reproductive rights - risks that are highlighted in the Cambridge study released today.

"The range of ways in which participants in our study perceived risk shows how difficult it can be to understand and mitigate risk at an individual level. It shows how important it is to have strong protections for our intimate health data.

"That some participants in our study contextualised risk with respect to overseas changes like the overturning of Roe v Wade illustrates that we are living in a globally connected world. On the other hand, the fact that some participants referenced local legislation and concepts like mana motuhake and rangatiratanga shows that it is vital that our data protection regulation is locally relevant to menstruators in Aotearoa.

Last updated: 12 Jun 2025 10:32am
Declared conflicts of interest:
Anna Friedlander is lead author of a separate paper about Kiwis' views on period tracker privacy risks.

News for:

International

Media contact details for this story are only visible to registered journalists.