Clue Period & Cycle Tracker

Ostrzeżenie: *Prywatność dla tego produktu do nabycia osobno

Clue Period & Cycle Tracker

BioWink
Wi-Fi

Data recenzji: 9 sierpnia 2022

|
|

Według Mozilli:

|
Według użytkowników: Nieco przerażające

Clue is a German-based period to pregnancy tracking app. Being based in Germany is an important selling point for Clue because it means they are governed by Europe's stricter GDPR privacy laws, meant to do a better job at protecting consumers privacy than laws just about anywhere else in the world. Clue says it uses 30+ different tracking options to help you understand how your menstrual cycle affects things such as mood, skin, cravings, energy levels, ovulation, fetal development, pregnancy symptoms, and more. Free to download, Clue offers a yearly subscription for about $40. How does Clue look from a privacy perspective? Well, we think they're OK. We also see a couple places where we think they could do a bit better.

Co się może stać, jeśli coś pójdzie nie tak?

The makers of the Clue Period & Cycle Tracker app really, really want you to know they take privacy and security seriously. They've written many a blog post about how they do this. There's this one from Clue's Co-CEOs on patient data privacy, and this one about Clue's response to the overturning of Roe vs Wade in the US, and this one about the journey of one of your data points, and this one about how Clue says they make money, and this one about scientific research at Clue. And, of course, there is their privacy policy, which, we will give them, is one of the easier to read privacy policies we saw during our research.

It's always nice to see a company that makes an app that collects such sensitive health data tell us they take privacy and security seriously in ways that are accessible to all their users. We appreciate that. That said, we do have some concerns about Clue's privacy and security. Clue is so close to being good at privacy, from our perspective. Unfortunately, it seems they just miss the mark in a couple of places that leave us a little concerned.

First, for the good. Clue states they never sell your data. Yay! And, because Clue is based in Germany and governed by GDPR, Europe's stricter privacy laws, and most user data is stored there, it does provide users with better and stronger privacy when it comes to how their data can be used and what rights they have to access it and delete it. And Clue, as seen in their many blog posts above, does understand that people in the US are concerned about the privacy of their reproductive health data following the end of Roe vs Wade.

But there are concerns. First, Clue does collect a whole lot of information. Things like name, age, email address (if you create an account), device and app usage data such as device ID, IP address, location (but not precise location), and sensitive health data you chose to track in the app such as weight, body temperature, period length, sexual activity, birth control methods, cravings, mood, energy levels, and more. Clue does say they store your personal profile data separately from your cycle tracking data, which is good. Still, that's a whole lot of information the app can collect on you and store. Clue says they store things securely, but we always have to remind people, nothing stored on the internet is ever 100% safe.

It is great that Clue says they don't sell your information. They do however share some data with third parties for advertising, marketing, and research purposes. Clue says, "we do share a minimal amount of data about our users with advertising networks (but we never share the menstrual or other health data you track in the app)… If you are not comfortable with any data being shared for ad optimization, then you can go to Settings and change your preferences." So, you must opt out of your data being shared for advertising. Too bad it's not opt-in, we'd much prefer that. And Clue is very clear that they "do not share any of the data you track with advertisers or other third parties for their use." This is good.

When it comes to sharing data for research purposes, Clue says, "we share data with carefully vetted researchers to advance female health studies. For that purpose we de-identify your personal data by removing or hashing personal identifiers so that neither the researchers nor any third parties can link it to you." This is generally OK. However, we do like to remind folks that it has been found to be pretty easy to re-identify such data, especially if location data is included.

What we found that isn't OK is this statement in Clue's privacy policy: "By using the app you consent that Clue may use cookies and third-party services, and collect your usage data under a unique identifier, as well as your date of birth for the purposes of tracking, analysis, and improvement of our website and app, as well as advertising purposes such as showing you relevant Clue content." Clue says they use a unique identifier and your birth date to track you for things such as advertising and personalization purposes. This is data that could potentially be easily used to identify you, which worries us. And we're not alone. Back in 2020 privacy watchdog Privacy International also raised concerns about using date of birth as a tracker and potentially sharing that data with third parties.

And recently, Motherboard reported they were able to purchase data from the data broker, Narrative, that could be used to identify users of the Clue app. According to the article, "The data does not include information harvested from the Clue app itself, but rather is a list of devices that have the app installed that in turn could be used to identify users." This reporting raised enough concerns that the US Congress launched an investigation into data brokers and period tracking apps, including Clue, to try and better understand what data was available to buy and how better to protect consumers' privacy on this front. We're not sure Clue did anything wrong here. The data economy and data tracking is a vast and complicated world. Still, we think it's important for potential users of Clue to know this happened. We did reach out to Narrative with some questions about purchasing this data and they told us, "prior to May 2022, some data providers had data products regarding period tracking app installs available for purchase in the Narrative Data Streams Marketplace," and " in anticipation of the increased attention to women's health and privacy in light of the Supreme Court's decision to strike down Roe v. Wade, we updated our policy to remove any pregnancy/menstruation/other reproductive health app install data from the Marketplace to prevent any potential misuse of the data." So, here's hoping for the best in regards to buying this sort of data from data brokers (but still, we recommend you plan for the worst).

How does Clue look when it comes to sharing data with law enforcement? Well, here they look pretty darn good, as far as we can tell. They are based in Germany. They are governed by stricter GDPR privacy laws and they make it a point to clearly outline how they protect the data they store from any potential subpoenas or US government requests. We appreciate this very much. They told us in an email, "Disclosing sensitive reproductive health data in order to use it against the data subject would fly in the face of European data privacy principles, which seek to protect people against government surveillance. In the theoretical scenario that a German court did seek to enforce a foreign request, we would resist any such attempt with all means necessary to protect our users’ privacy." This is all good. However, we should mention that their privacy policy does include a bit of a caveat there when they state, "With regard specifically to the United States, the information we and our processors maintain is unlikely to be the subject of inquiry by a public authority in the US that would invoke such laws that may compel a processor to hand over personal information. The risk of such disclosure, however, cannot be eliminated."

Probably the biggest concern we found with Clue is on the security front. Unfortunately, Clue doesn't meet our Minimum Security Standards because they don't require a strong password. We were able to log in to the app with the very weak password of "1". That's bad. When we reached out to Clue to ask about this, they told us: "Clue requires authentication that can be done … by using an email / password combination. Encouraging even stronger password complexity will be addressed in the next major release planned for this summer." So, at least they know they need to do better and seem to have plans to upgrade their password requirement. We will update this review once we have confirmed a stronger password requirement has been implemented.

What's the worst that could happen with Clue? As always, hopefully nothing. But, as they themselves state in their privacy policy, "Usually, the biggest threat to the security and privacy of your data is that someone—probably someone you know—gains access to any of your devices without your consent." We sure hope no one uses this app, doesn't set a strong password because it isn't required, has an angry ex-partner access their phone and learn they had a potential miscarriage, reports this to law enforcement, and causes them to be investigated and harassed by the police for potentially having an abortion in a state where that is illegal. We sure hope that never happens, but these are the worries we all must consider right now.

Wskazówki, jak się chronić

  • Use the app without creating a profile: this way, your data will be processed at your device only, and will less likely end up in hands of data brokers.
  • Go to settings and opt out of data sharing for advertising purposes!
  • Activate a unique PIN code or activate TouchID (iPhone 5S-8) for the Clue app.
  • Do not sign up with third-party accounts such as Facebook or Google! It's better to login with email and password.
  • Chose a strong password! You may use a password control tool like 1Password, KeePass, etc.
  • Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images and videos).
  • Keep your app regularly updated.
  • Limit ad tracking via your device (eg on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization).
  • Request your data be deleted once you stop using the app. Simply deleting an app from your device does not erase your personal data.
  • mobile

Czy może mnie podsłuchiwać? informacje

Aparat

Urządzenie: Nie dotyczy

Aplikacja: Nie

Mikrofon

Urządzenie: Nie dotyczy

Aplikacja: Nie

Śledzi położenie

Urządzenie: Nie dotyczy

Aplikacja: Nie

Czego można użyć do rejestracji?

Facebook and Google account sign-ups available

Jakie dane zbiera ta firma?

Jak ta firma wykorzystuje te dane?

We ding this product for sharing personal data with advertisers by default with a right to opt out (rather than opt-in). And for using date of birth as an advertisement identifier.

"By using our app and our website you consent (in the case of the website, through opt-in in the cookie banner) that Clue may use cookies and third-party services, and collect your usage data under a unique identifier, as well as your date of birth for the purposes of tracking, analysis, and improvement of our website and app, as well as advertising purposes such as showing you relevant Clue content."

"[…] we do share a minimal amount of data about our users with advertising networks (but we never share the menstrual or other health data you track in the app). […] If you are not comfortable with any data being shared for ad optimization, then you can go to Settings and change your preferences.

"We do not sell your personal health data, we protect it and we would never disclose it for anyone to use against you."

"The data you track in Clue about your health and activities is considered sensitive personal data. Clue does not store sensitive personal data without your explicit permission. It is only when you give us explicit consent by creating a Clue account that we start storing all health and sensitive data you track on our secured servers, alongside the personal data necessary to create an account."

"We are very careful to give extra protection to your sensitive health data. We do not share any of the data you track with advertisers or other third parties for their use. This is not our business model."

"Clue may use your health data to create de-identified sets of data for academic and clinical research purposes, which Clue may transfer to its collaborators to further research into female health."

How the company says they may share data with law enforcement:

"We are a company incorporated under the laws of Germany and have no subsidiaries or branches outside Germany. GDPR, the European General Data Protection Regulation, obliges us to keep our users’ sensitive health data safe and private, and we honour this obligation.

We have never received such a request from German law enforcement, or from any other authority. As a matter of law and practice, we can not envisage any circumstances in which a German court would permit such a request from local law enforcement, or would be persuaded to enforce a foreign authority’s attempt to enforce their law. Disclosing sensitive reproductive health data in order to use it against the data subject would fly in the face of European data privacy principles, which seek to protect people against government surveillance. In the theoretical scenario that a German court did seek to enforce a foreign request, we would resist any such attempt with all means necessary to protect our users’ privacy."

Jak możesz kontrolować swoje dane?

All of our users - regardless of where they live - have the right to request for their data to be deleted.

We found no option to delete data in the app. Clue says that the way to delete data is to email them.
"Request the complete deletion of your data, including all past data sent to third-party services used for tracking and analysis, by reaching out to [email protected]. Your data will be deleted within 30 days."

"We do not retain your data in an identifiable format for longer than necessary to deliver our services."

Jaka jest znana historia tej firmy w zakresie ochrony danych użytkowników?

Średnia

In 2020 privacy researchers raised a concern that a birthday is used as a advertisement identifier. The practice still continues.

In May 2022, reporters from Vice managed to purchase a list of devices using Clue from data broker Narrative for $100. According to the report, "The data does not include information harvested from the Clue app itself, but rather is a list of devices that have the app installed that in turn could be used to identify users." The fault doesn't likely lie with Clue for data brokers obtaining this information. Still, this data was available for purchase from at least one data broker as recently as May 2022, which is a concern.

Informacje o prywatności dziecka

Clue does not knowingly collect or use personal data from children under the age of 13. By registering to a Clue account you are required to confirm that you are at least 13 years old, or that your parents have agreed that you can use the Clue app.

Czy ten produkt może być używany bez połączenia z siecią?

Tak

Przyjazne dla użytkownika informacje o prywatności?

Nie

Odnośniki do informacji o prywatności

Czy ten produkt spełnia nasze minimalne standardy bezpieczeństwa? informacje

Nie

Szyfrowanie

Tak

Silne hasło

Nie

Managed to sign up with "1" as a password. Clue wrote to us that "Clue requires authentication that can be done … by using an email / password combination. Encouraging even stronger password complexity will be addressed in the next major release planned for this summer." We will update this review once we have confirmed a stronger password requirement has been implemented.

Aktualizacje zabezpieczeń

Tak

Zajmuje się problemami z bezpieczeństwem

Tak

Clue has information security staff that manage reported vulnerabilities. They can be reported via security.text file (which outlines further scope and details), or by contacting the Clue Support Team via their app or website.

Zasady ochrony prywatności

Tak

Czy produkt wykorzystuje sztuczną inteligencję? informacje

Nie

An app tracks a woman’s menstrual cycle through machine learning. The app says they work closely with universities and scientists to improve female health and to find insights that benefit our users. The app also says it is not an AI: "The product uses data analysis and machine learning to calculate the user’s personalised cycle predictions, however this is not an AI."

*Prywatność do nabycia osobno

Dowiedz się więcej

  • Congress to Investigate Data Brokers and Period Tracking Apps
    Vice Odnośnik otwiera się w nowej karcie
  • Data Marketplace Selling Info About Who Uses Period Tracking Apps
    Vice Odnośnik otwiera się w nowej karcie
  • Supreme Court overturns Roe v. Wade: Should you delete your period-tracking app?
    TechCrunch Odnośnik otwiera się w nowej karcie
  • Here’s What Period Tracking Apps Say They Do With Your Data
    Vice Odnośnik otwiera się w nowej karcie
  • We asked 12 period-tracking apps about their post-Roe privacy policies
    Input Odnośnik otwiera się w nowej karcie
  • Consumers swap period tracking apps in search of increased privacy following Roe v. Wade ruling
    TechCrunch Odnośnik otwiera się w nowej karcie
  • Forget Tracking Your Period—Your Period (App) Is Tracking You
    Marie Claire Odnośnik otwiera się w nowej karcie

Komentarze

Masz uwagi? Podziel się nimi z nami.