- cross-posted to:
- technology@beehaw.org
- cross-posted to:
- technology@beehaw.org
The team behind menstrual health and period tracking app Clue has said it will not disclose users’ data to American authorities, following Donald Trump’s reelection.
The message comes in response to concerns that during Trump’s second presidency, abortion bans that followed the overturn of Roe v. Wade in 2022 will worsen and states will attempt to increase menstrual surveillance in order to further restrict access to terminations.
You must log in or register to comment.
I don’t know much about menstrual cycles. Wouldn’t it be easier and just as effective to track with pen and paper?
nah. Think about how good computers are at pattern recognition and long term storage for analysis. Far superior to a pen and paper
Period tracking apps should store no data at all in the cloud.
But how will they make their money mate?
no cloud or get fossed, son.
Seriously how some business makes money doesn’t matter in the context of state surveillance
Is there an open source period tracker that you have contributed to?
There are calendar apps, which should get the job done, assuming your menstrual cycle is pretty regular.
Why would you assume the cycle is regular? It’s a biological process that can vary quite a bit, which is part of why you would want to track it in the first place. There’s also much more to track that just the expected start date of your next cycle. The various tracking apps are quite a bit more involved than just a calendar.
Yeah, I know they’re not necessarily regular, seeing as I’m married to someone with menstrual cycles. I guess I’m just not very familiar with what kind of data a calendar and a spreadsheet can’t solve just as easily.
Some people want convenience of accessing the data between devices.
It’s okay to store stuff in the cloud just make it’s encrypted deeply and thoroughly and that the user is the only person with the key.
There’s absolutely no reason for them to have access to this data.
Yup. I use Tuta for email, and they have a calendar feature that should be more than sufficient. Just set a recurring event for 28 days or whatever your personal cycle is, and you’re good to go! Everything is E2EE, so there’s nothing for the authorities to get.
I’m sure Proton Mail’s calendar feature is equally sufficient here, or you could self-host something like NextCloud and use the calendar that way.
It’s not about having a rigid schedule, but about actually tracking periods and analyzing the data. I’m male and that’s about all I know about it
Eh, a calendar and a spreadsheet should be enough, but I also don’t have menstrual cycles, so what do I know…
I’d imagine it’s the same as personal finance apps. A spreadsheet can be enough, and it is enough for a lot of people, but a custom app can make things easier:
- reducing the friction of keeping track
- built in visualizations
- alerts
- integrating the data with other tools
etc.
This kind of surveillance should be something every platform fights against. Remember that the government does not own you and they are only entitled to any of your data at all when necessary to uphold the law and under a warrant. Protect your right to privacy or they will use what you do I private to justify stripping you of all your other rights in the name of justice they will at that point no longer uphold.
Every corporation registered under the US law is subject to the US law.
If you relying on a corpo to protect your data… 🤡
Biowink GmbH is probably not a corporation registered under US law. If I had to guess, the government of Germany will not be particularly eager to force them to turn over data to the USA. The Germans take their Datenschutz very seriously.
Great point. Then they can take the hard stance but I doubt they will not to piss off largest consumer market in the world.
They’ve already taken the hard stance. If they roll it back, they will lose the trust of their users.
🤞
I’d still echo the (current) top comment’s advice to use something open source, local, and encrypted.
No I’m relying on people to protect their own data, I’m saying that platforms should too. Edit: also most of the time they don’t have to turn over anything but do so willingly, they should say no unless presented with a valid warrant.
Corpos are unreliable but yes they should at least pretend not to turn it over.
Unless corpo is using zero knowledge set up, don’t use it is the really the only way to use a corpo service imho
They say that, but when Ken Paxton subpoenas them they will say they have no choice. It would be better to use an app that doesn’t store this data server side at all.
FOSS Period Tracking Apps Exist: (there may be others, as well)
https://fossdroid.com/a/bluemoon.html
https://fossdroid.com/a/mensinator.html
https://github.com/TotallyMonica/foss-period-tracker
Also paper and pencil.
Also the oldest known “writing” is a stick with 28 notches on it.
How does an app being FOSS defend them from warrants?
It doesn’t, but with these apps, you can see what information they send back to their servers (if any). If there is no info getting sent back to any servers, then there’s nothing a subpoena can do since there’s no info to subpoena. You can’t obtain info that just isn’t there.
That makes sense. Thank you!
Simple. Most FOSS are built for privacy and thus do not harvest data to send to some server somewhere in the world for whatever obscure reason. The data is locally stored on your device and stays and dies there.
No callback, no selling nor surrending data.
Personally speaking, I’d quicker have all data banks destroyed than surrendered to whatever purposes, if I ever decided to build an aplication that somehow compiled data.
Something being FOSS doesn’t necessarily mean it’s safe / ethical, but a LOT of FOSS apps are designed with those principles in mind.
However, being FOSS means that if an app claims that it is safe / ethical (ex. In this case, not storing data anywhere but on your device), you or an experienced peer can check the code to verify that fact.
FOSS implies it’s your hardware, therefore a subpoena would extract no information because there is no information outside of the users device.
Interesting, thank you. I guess I don’t know enough about FOSS then.
“Free and open source software.” It’s an ethos that says that code should be free and open for people to use and improve as they see fit. The core of it is that if you modify any software that is FOSS, your software must also be FOSS. So overtime the software and what its used for improve, change, widen. Lucky for us, the movement has been ongoing for 50+ years, so it’s a mature ethos whose benefits are everywhere. Most of the internet runs on FOSS. Lemmy itself is FOSS.
It doesn’t necessarily mean an app is more private, but it does mean you can generally self host, as the commentor said. There isn’t a profit motive with most FOSS, at least not at its core, so there is little desire to data harvest generally. There is also a heavy overlap between FOSS advocates and privacy advocates, so they tend to be more privacy conscious via local data storage or encryption.
Ok yeah, I understood everything in your first paragraph. The privacy part was what I was really asking about. So if you’re not self hosting you’re still at the whim of the person/company/whatever that is.
You could also argue that if even if you’re not self-hosting (i.e. renting server hardware from a 3rd party), your data is still in a siloed environment. While it may be accessible by law enforcement if you are targeted specifically, it’s unlikely to be dragnetted like the data collected from popular apps.
Just to key in on the overlap between FOSS and privacy, because the source code for the software is open, it means that anyone can take a peek at how everything is running under the hood (among other things). It becomes possible to verify that software is storing data locally and properly encrypting when applicable (as opposed to blindly trusting the software’s author and or lawyers).
It may also be a fun fact that best practice in encryption is to open source your algorithms. The helps safeguard against backdoors and mistakes/ errors that could compromise the security of the algorithm. Much for similar reasons as above, as it allows the security community to check your math (in a field where it is incredibly easy to get your math wrong).
Good news but kind of bad that they say this publicly.
The pro of showing support for reproductive rights, building trust and protecting user privacy is great for publicity but I am afraid the downsides will eventually lead to legal consquences, making the whole thing seen even more political than it already is and that it might have a huge impact on their business.
The last thing might sound stupid, but it’s a business. And if you have crazy woman who will not use this because they support the ban on abortions the sells will go down in for example republican states making the company MORE VULNERABLE to changing how they think about sharing data to authorities or not.
And yes america has woman who totally want the government to be in control of their bodies LOL. And yes america has many people who can’t even figure out the name of bordering states. States, not countries. Ask 10 americans and only 5 will know that Canada is directly above (North) of america and Mexico South.
You have Burger King removing the 1/3 pounder Burger because people thought it’s less than a 1/4 pounder Burger cause 4 is higher than 3 making Burger King have less sells on the 1/3 Pounder than the 1/4 LOL.
Sometimes not talking about specific topics is “more” than even speaking about it. Just don’t share data and say nothing, they won’t ask. Most maga’s trumpers won’t ask if you don’t give them a foundation to poop on.
This isn’t a company that has a great track record. They are saying this now when Trump is powerless as a form of advertisement. When up against a legal wall and at risk of losing advertisers or going out of business, they too will cave. In this era you get to say whatever you want right now and you don’t even need to apologize when you renig on it tomorrow.
You have Burger King removing the 1/3 pounder Burger because people thought it’s less than a 1/4 pounder Burger cause 4 is higher than 3 making Burger King have less sells on the 1/3 Pounder than the 1/4 LOL.
My bad :-)
BRB, going to sell 1/8 lb burgers to take advantage of dumb Americans
Research conducted by the Mozilla Foundation indicates that the app referred to in the article, Clue, gathers extensive information and shares certain data with third parties for advertising, marketing, and research reasons.
Here are some menstruation tracking apps that are open-source and prioritize user privacy by keeping your data stored locally on your device:
The only way to protect data is to not gather it.
Having your own data can be incredibly useful and valuable, the trick is protecting that data so that nefarious actors can’t use it.
False
So the government just needs to acquire this data from one of those third parties if it wants it.
Drip doesn’t save anything to the cloud, it’s all local to your device. I can’t speak to the others.
Which does mean one has to backup and manually move your tracking history to a new device. Guess who forgot to do that 😂
Good idea is to use something like Syncthing to copy data between your phone and another device like a laptop or another phone. This depends on the app, for Drip you have to manually export the data yourself on a regular basis.
Another useful idea is if you have an old phone lying around get it connected via Syncthing and back up everything to it. If your current phone dies or is lost you can switch back immediately, a hot backup. If you have root on your device you can use NeoBackup to schedule backups of the data into a folder Syncthing can access and send to backup locations, say a home computer or spare device.
so what they’re really saying is they won’t give it away for free
Where is Mark Zuckerberg when you need something to “accidentally” get leaked after billions of dollars are spent.
I hadn’t seen this comment, thanks for making it.
I don’t know if they’re already doing this, but they need to find ways to make security so robust that it is architecturally impossible for the business to handover useful data.
And here’s hoping courts continue to allow people to plead the 5th and not fork over passwords. If that protection falls, I don’t know how you’d design a digital workaround that would keep people out of contempt of court charges.
They could do it by not uploading any of the data, or if they do, uploading it encrypted with the only key being on the user’s device or a passcode.
Both are well established ways to secure data, but the company itself would not be able to interact with the data at all past storing it, so any features/revenue there would end.
Newsweek has reached out to Clue, the Trump campaign and Youngkin for comment via email.
I wouldn’t trust it. We now live in an era where, if you want control of any kind of information, you simply can’t share it digitally in any way.
Not a choice they can make, if they have the data then the government can compel them to turn it over
Why cant ladies just use their password manager and keep a log?
Because 99% of ladies, and gentlemen, don’t use password managers.
They just remember that shit?
They remember the one password that they use for everything.
It’s easy when you use the same password for encoding everything.
Yeah they may not cooperate with authorities, but I’m sure they’d be happy to sell it to contractors working on behalf of the government to the same ends. They already sell the info as it is.
Hey government perverts. Keep out of panties that are not on your own ass or your partner’s. And ask before you dive in. You’re disgusting!