Related papers: Privacy and Security of Women's Reproductive Health Apps in a Changing Legal Landscape

Privacy and Security of Women's Reproductive Health Apps in a Changing Legal Landscape

URL: http://arxiv.org/abs/2404.05876v1
Date: Mon, 8 Apr 2024 21:19:10 GMT
Title: Privacy and Security of Women's Reproductive Health Apps in a Changing Legal Landscape
Authors: Shalini Saini, Nitesh Saxena,
Abstract summary: Privacy and security vulnerabilities in period-tracking and fertility-monitoring apps present significant risks. Our approach involves manual observations of privacy policies and app permissions, along with dynamic and static analysis. Our analysis identifies that 61% of the code vulnerabilities found in the apps are classified under the top-ten Open Web Application Security Project (OWASP) vulnerabilities.
Score: 1.7930036479971307
License: http://creativecommons.org/licenses/by/4.0/
Abstract: FemTech, a rising trend in mobile apps, empowers women to digitally manage their health and family planning. However, privacy and security vulnerabilities in period-tracking and fertility-monitoring apps present significant risks, such as unintended pregnancies and legal consequences. Our approach involves manual observations of privacy policies and app permissions, along with dynamic and static analysis using multiple evaluation frameworks. Our research reveals that many of these apps gather personally identifiable information (PII) and sensitive healthcare data. Furthermore, our analysis identifies that 61% of the code vulnerabilities found in the apps are classified under the top-ten Open Web Application Security Project (OWASP) vulnerabilities. Our research emphasizes the significance of tackling the privacy and security vulnerabilities present in period-tracking and fertility-monitoring mobile apps. By highlighting these crucial risks, we aim to initiate a vital discussion and advocate for increased accountability and transparency of digital tools for women's health. We encourage the industry to prioritize user privacy and security, ultimately promoting a safer and more secure environment for women's health management.

Related papers

Unveiling Privacy and Security Gaps in Female Health Apps [4.387660388540319]
Investigation uncovers harmful permissions, extensive collection of sensitive personal and medical data, and the presence of numerous third-party tracking libraries. Findings highlight a significant lack of privacy and security measures for FemTech apps, especially as women's reproductive rights face growing political challenges.
arXiv Detail & Related papers (2025-02-04T22:34:03Z)
Towards Privacy-aware Mental Health AI Models: Advances, Challenges, and Opportunities [61.633126163190724]
Mental illness is a widespread and debilitating condition with substantial societal and personal costs. Recent advances in Artificial Intelligence (AI) hold great potential for recognizing and addressing conditions such as depression, anxiety disorder, bipolar disorder, schizophrenia, and post-traumatic stress disorder. Privacy concerns, including the risk of sensitive data leakage from datasets and trained models, remain a critical barrier to deploying these AI systems in real-world clinical settings.
arXiv Detail & Related papers (2025-02-01T15:10:02Z)
Open Problems in Machine Unlearning for AI Safety [61.43515658834902]
Machine unlearning -- the ability to selectively forget or suppress specific types of knowledge -- has shown promise for privacy and data removal tasks. In this paper, we identify key limitations that prevent unlearning from serving as a comprehensive solution for AI safety.
arXiv Detail & Related papers (2025-01-09T03:59:10Z)
New Emerged Security and Privacy of Pre-trained Model: a Survey and Outlook [54.24701201956833]
Security and privacy issues have undermined users' confidence in pre-trained models. Current literature lacks a clear taxonomy of emerging attacks and defenses for pre-trained models. This taxonomy categorizes attacks and defenses into No-Change, Input-Change, and Model-Change approaches.
arXiv Detail & Related papers (2024-11-12T10:15:33Z)
The Gradient of Health Data Privacy [15.417809900388262]
This paper introduces a novel "privacy gradient" approach to health data governance. Our multidimensional concept considers factors such as data sensitivity, stakeholder relationships, purpose of use, and temporal aspects. We demonstrate how this approach can address critical privacy challenges in diverse healthcare settings worldwide.
arXiv Detail & Related papers (2024-10-01T17:35:18Z)
A Qualitative Analysis Framework for mHealth Privacy Practices [0.0]
This paper introduces a novel framework for the qualitative evaluation of privacy practices in mHealth apps. Our investigation encompasses an analysis of 152 leading mHealth apps on the Android platform. Our findings indicate persistent issues with negligence and misuse of sensitive user information.
arXiv Detail & Related papers (2024-05-28T08:57:52Z)
Privacy-preserving Optics for Enhancing Protection in Face De-identification [60.110274007388135]
We propose a hardware-level face de-identification method to solve this vulnerability. We also propose an anonymization framework that generates a new face using the privacy-preserving image, face heatmap, and a reference face image from a public dataset as input.
arXiv Detail & Related papers (2024-03-31T19:28:04Z)
What is in Your App? Uncovering Privacy Risks of Female Health Applications [4.387660388540319]
FemTech or Female Technology, is an expanding field dedicated to providing affordable and accessible healthcare solutions for women. With the leading app exceeding 1 billion downloads, these applications are gaining widespread popularity. This exploratory study delves into the privacy risks associated with seven popular applications.
arXiv Detail & Related papers (2023-10-23T01:46:29Z)
A Survey on Privacy in Graph Neural Networks: Attacks, Preservation, and Applications [76.88662943995641]
Graph Neural Networks (GNNs) have gained significant attention owing to their ability to handle graph-structured data. To address this issue, researchers have started to develop privacy-preserving GNNs. Despite this progress, there is a lack of a comprehensive overview of the attacks and the techniques for preserving privacy in the graph domain.
arXiv Detail & Related papers (2023-08-31T00:31:08Z)
On the Privacy of Mental Health Apps: An Empirical Investigation and its Implications for Apps Development [14.113922276394588]
This paper reports an empirical study aimed at systematically identifying and understanding data privacy incorporated in mental health apps. We analyzed 27 top-ranked mental health apps from Google Play Store. The findings reveal important data privacy issues such as unnecessary permissions, insecure cryptography implementations, and leaks of personal data and credentials in logs and web requests.
arXiv Detail & Related papers (2022-01-22T09:23:56Z)
COVI White Paper [67.04578448931741]
Contact tracing is an essential tool to change the course of the Covid-19 pandemic. We present an overview of the rationale, design, ethical considerations and privacy strategy of COVI,' a Covid-19 public peer-to-peer contact tracing and risk awareness mobile application developed in Canada.
arXiv Detail & Related papers (2020-05-18T07:40:49Z)

This list is automatically generated from the titles and abstracts of the papers in this site.