Which period tracking apps are safe? Mozilla study reveals Ghana's women face hidden privacy risks
A major privacy investigation by the Mozilla Foundation has exposed troubling gaps in how period tracking apps handle women's most sensitive health information—findings that should concern Ghanaian users who rely on these applications to monitor their menstrual cycles.
The study examined six widely-used apps: Flo, Clue, Stardust, Spot On, Period Calendar, and Euki. Researchers discovered that some applications share reproductive health data with major tech companies including Google, Meta, and TikTok, often without clear disclosure to users. This practice raises significant privacy and security concerns, particularly in contexts where menstrual data could have serious legal consequences.
What the privacy gaps reveal
The investigation found that Stardust, a popular astrology-focused period tracker, sends detailed reproductive health information to a third-party data company called RudderStack. This data includes pregnancy status, contraceptive use, mood patterns, alcohol consumption, and specific symptoms. While Stardust claims this is merely a technical routing service and that RudderStack cannot identify users by name, the practice exposes intimate health information to additional companies—multiplying the risk of data breaches or unauthorised access.
Spot On, created by Planned Parenthood, presented a different concern. Although the app itself doesn't share health data broadly, certain features route users to a website that shares information about the type of healthcare being sought—such as HIV testing or gender-affirming care—with analytics company AB Tasty. This function occurs without prominent user notice.
The research found that most apps send basic user information and advertising identifiers to Google, Meta, Microsoft, and TikTok through analytics and advertising services. Mozilla researcher Shoshana Wodinsky emphasised that transparency is crucial: "People deserve better. At the very least, you should know what's happening."
Why this matters for Ghana
The privacy risks identified in this study have direct implications for Ghanaian women. Although Ghana does not currently have the same legal restrictions on abortion rights as some countries, the broader principle remains critical: health data shared with multiple companies creates vulnerability. Data breaches, government requests, or misuse by third parties could expose intimate information that many Ghanaians prefer to keep private for cultural, religious, or personal reasons.
Additionally, Ghana's data protection landscape continues to develop. The Data Protection Act, 2012 (NDPC Act) provides some safeguards, but enforcement remains inconsistent. Foreign apps operating in Ghana often fall into regulatory grey areas, meaning users have limited recourse if their data is mishandled. The Mozilla findings underscore the need for Ghanaian women to be more selective about which apps they trust with their health information.
For context, period trackers have become increasingly popular in Ghana and across Africa as smartphone penetration grows. Many Ghanaian women use these apps to manage their health, predict fertility windows, and monitor cycle-related symptoms. However, few users fully understand what happens to their data once it's uploaded to these applications.
Which apps offer better protection?
The Mozilla report identified Euki as having particularly strong privacy protections, describing it as "squeaky clean." Clue and Flo, while not perfect, have also made improvements to their privacy practices in recent years—suggesting that companies can and do respond to public scrutiny.
If you use a period tracking app, Mozilla's researchers recommend asking yourself these questions: Does the app clearly explain who can see your health data? Does it share information with analytics companies? Can you use the app's core features without connecting to external services? Does the company have a clear, detailed privacy policy?
Ghanaian users should seek apps that minimise data sharing, use encryption, and provide transparent privacy policies written in accessible language. Consider whether you truly need a connected app or whether a simple, offline tracker might better protect your information. If you do choose a connected app, read the privacy policy carefully and disable non-essential features that may trigger data sharing.
Source: MyJoyOnline

Comments (0)
Be the first to comment.