AIToday

Period trackers leak intimate health data to ad firms, Mozilla finds

WIRED AI3h ago
Period trackers leak intimate health data to ad firms, Mozilla finds

Key takeaway

A Mozilla Foundation audit of six popular period-tracking apps found that most leak intimate reproductive health data to ad firms and analytics companies without clear user consent. Stardust, an astrology-themed tracker, scored the lowest at 2 out of 10, sending users' birth control type, pregnancy status, and symptom details to the analytics firm RudderStack and Facebook via persistent user IDs before the user even enters information. Only Euki, a nonprofit tracker, achieved a perfect 10 by keeping all health data on the device and requiring no account, showing that privacy-respecting design is technically feasible.

Summaries like this, in your inbox every morning.

Sign up free →

3 Key Points

  • What happened

    Mozilla Foundation and Harvard's Berkman Klein Center audited six popular period-tracking apps. Stardust scored 2 out of 10, sending users' reproductive health details—birth control type, pregnancy status, moods, and symptoms—to analytics firm RudderStack and Facebook without clear consent. Euki, a nonprofit tracker, earned a perfect 10 by keeping all health data on-device and requiring no account.

  • Why it matters

    Period trackers often collect intimate personal data that users may assume stays private. Stardust pings third-party trackers before users enter any information, and routes data through RudderStack to unknown destinations—a practice the audit shows is common across commercial apps. For users in the US and abroad, this exposure of reproductive health data to advertisers and data brokers carries both privacy and potential safety risks.

  • What to watch

    Euki's design shows that privacy-first alternatives exist—no account required, health data never leaves the phone, and users can set a PIN or schedule automatic deletion. Mozilla's grading system (0–10) provides a concrete metric for comparing tracker safety; Stardust's disclosure of the audit findings and any response from other apps will signal whether the industry moves toward stricter data practices.

In Depth

Mozilla researcher Shoshana Wodinsky conducted a detailed audit of six popular period-tracking apps in partnership with Harvard's Berkman Klein Center, examining how each app handles sensitive reproductive health data. The astrology-themed app Stardust emerged as the worst performer, scoring 2 out of 10.

Stardust's privacy failures begin immediately upon opening: the app pings third-party trackers before any user enters data. Once a user logs a symptom—whether tender breasts, stomach cramps, or any other detail—that information travels instantly to analytics firm RudderStack alongside a persistent user ID. Critically, RudderStack is built to route data onward to unknown destinations that Mozilla's auditors could not even observe. In addition, Stardust hands Facebook an ad identifier that ties in-app behavior directly to the platform's existing user profiles, enabling ad targeting based on reproductive health details. The app also provides no in-app method for users to shut off data sharing. When asked by TechCrunch about data security practices, Stardust's company stated it has never received a legal demand for user data—a response that sidesteps the audit's core finding.

In sharp contrast, Euki, a nonprofit-run period tracker, earned a perfect score of 10. Euki requires no user account; all health data remains on the device and never leaves the phone. Users can set a PIN to protect access, schedule automatic deletion of entries, or pull up a decoy screen if someone physically forces the phone open. The one minor weakness is an in-app browser for educational pages that loads standard web trackers, but even there, Euki resets identifiers between visits to minimize tracking persistence.

The audit demonstrates that the commercial period-tracking ecosystem treats intimate reproductive health data as an asset for ad-targeting and analytics, whereas a nonprofit model can prioritize user privacy as the default. For millions of users relying on period trackers for health management, the findings raise urgent questions about data exposure and the lack of transparency in how their reproductive data flows to advertisers and data brokers.

Context & Analysis

The Mozilla Foundation audit, conducted in partnership with Harvard's Berkman Klein Center, reveals a stark privacy gap between commercial period-tracking apps and privacy-focused alternatives. Stardust's practice of sending detailed reproductive health data—including birth control type, pregnancy status, and specific symptoms—to third-party analytics and ad platforms without transparent user control reflects a broader pattern in the app ecosystem: health apps often treat intimate data as a commodity for monetization through ad targeting. The audit found that Stardust shares data with RudderStack, which is designed to route information to unknown downstream destinations, creating an opaque data flow that users cannot observe or control within the app.

The contrast with Euki's approach underscores that privacy-first design is technically achievable. Euki demonstrates that a period tracker can operate without requiring an account, keeping all sensitive data local to the user's device, and offering users concrete controls—a PIN, automatic deletion schedules, and decoy screens. This design eliminates the intermediaries (ad networks, analytics firms) that characterize commercial trackers. The audit's public grading system (0–10) provides users with a concrete metric for comparing apps, though the finding that only one of six apps earned a passing score suggests most mainstream options prioritize data extraction over user privacy.

FAQ

Which period tracker scored best on privacy in the Mozilla audit?
Euki, a nonprofit-run tracker, earned a perfect 10. It requires no account, keeps health data on-device, and allows users to set a PIN, schedule automatic deletion, or pull up a decoy screen if someone forces the phone open.
Where is Stardust sending users' reproductive health data?
Stardust sends data to analytics firm RudderStack and Facebook. RudderStack is built to route data onward to unknown destinations, and Stardust also hands Facebook an ad identifier that ties in-app behavior to the platform's existing profiles.
When does Stardust start collecting data from users?
Stardust pings third-party trackers from the moment it opens, before a user enters anything; the instant a user logs a symptom, the details go to RudderStack alongside a persistent user ID.

Get AI news like this every morning

AI-summarized, only the topics you pick — one digest a day via Email, Slack, or Discord.

Free · takes 30 seconds · unsubscribe anytime

Discussion

No discussion yet for this article

Stay ahead with AI news

Get curated AI news from 200+ sources delivered daily to your inbox. Free to use.

Get Started Free

Free · takes 30 seconds · unsubscribe anytime

1 minute a day. The AI essentials.

200+ sources · Email / LINE / Slack

Get it free →