PCMag Security Watch

Try these 3 privacy-focused alternatives to period-tracking apps.

Views expressed in this cybersecurity-cyber crime-cyber espionage update are those of the reporters and correspondents.

Accessed on 28 June 2022, 2050 UTC.

Content provided by email subscription to "PCMag Security Watch."

Source: https://mail.google.com/mail/u/0/#inbox/FMfcgzGpGdmqfDMxhHczJgnxbNjvlgrP

Please click link or scroll down to read your selections.

Thanks for joining us today.

Russ Roberts


https://paper.li/RussellRoberts (machine learning, artificial intelligence, IoT, and information security)

Trouble viewing this email? View in a browser
PCMag SecurityWatch
Try These 3 Privacy-Focused Alternatives to Period-Tracking Apps
Last week, the Supreme Court overturned the federal right to abortion access in the United States, leaving the door open for many states to pass abortion bans. In the hours after the news broke, one of the trending topics on Twitter was "delete your period-tracking apps NOW."

After the SCOTUS decision, I spent time reading through the privacy policies of some of the most popular menstrual cycle tracking apps and didn't find anything encouraging in the text. Some Democratic lawmakers are worried that prosecutors in anti-abortion states may use subpoenas to demand that the tech companies who make these apps help them identify which users have visited an abortion provider.

At this time, I cannot recommend any private third-party period-tracking apps, but you still have options when it comes to keeping track of your reproductive health digitally.

Why You Should Delete Your Period-Tracking App

Period trackers are helpful because they allow you to keep track of your cycle and determine when your periods and fertile days begin and end. That information is also needed by doctors, as anyone who has ever had an appointment with an obstetrician or gynecologist knows.

Period trackers can pose a danger to people in states with abortion bans because, like many apps, menstrual trackers collect and store user data. That information may be shared with third parties, including law enforcement looking for evidence that someone had an abortion. Even if you haven't had an abortion, a record of a missed period could be seen as evidence of a crime. That's the world we're living in now. Take it seriously.

Protect Your Health Information

I believe you should do everything you can to control who has access to your personal data, whether you have the ability to bear children or not. Read app privacy policies carefully before using them on your devices. That advice is doubly important when it comes to your health data. While the information you share with your doctor or other healthcare provider is protected by the Health Insurance Portability and Accountability Act (HIPAA), those rules do not apply to any health-related data you enter into an app. That information can be sold to data brokers, who can then hand it over to anyone.

Flo is a top-rated app with a host of helpful features such as colorful calendars, a symptoms log, and informative articles about menstruation, fertility, and pregnancy. It also has an extremely detailed and easy-to-read privacy policy that lays out the app's data retention policy and data sharing policy in explicit detail. Flo does not sell your personal data to third parties such as data brokers, which is great. It does, however, comply with law enforcement requests for personal data, which is not ideal. Also, if the app is ever sold to another company (which happens pretty often) all the information Flo has stored about you will be sold as well.

Even Planned Parenthood's own Spot On period-tracking app states in its privacy policy that it may share your personal information with third-party affiliates and law enforcement. Some of your information on the Spot On app may also be handed over to researchers. 

Trust No One

I advise readers not to divulge any information to a third-party app that they don't want anyone else to access. Data breaches happen constantly, and the health information you thought was secure today could be in the hands of a hacker tomorrow. Keep your health data offline or encrypted to keep it safe.

How to Track Your Period Privately

The three methods listed below aren't as straightforward and easy to use as the popular period-tracking apps, but they're more private.

1. Use the Health app on your iPhone, and disable two settings

Apple has a period-tracking option built into its Health app for mobile devices. You can enter in all kinds of information about your body, as well as log sexual activity, period symptoms, and pregnancy test results.

The data collected is encrypted, and as long as you turn off access to iCloud and opt out of syncing your data with any third-party apps, your information is only stored on your device. 

Keep a close eye on your Apple device's sharing settings! If you've previously shared any health data with someone, they still have access to your information until you turn off sharing in the Health app. I know because my husband received alerts on his iPhone about my fertility schedule even after I switched to an offline tracking method.

Apple will turn over data to law enforcement unless you have multi-factor authentication turned on for your Apple ID—so make sure you do it!

Google does not have a privacy-focused health app built into Android.

2. Track dates surreptitiously on your calendar

Entering detailed reproductive health information into the calendar app on your smartphone or computer isn't the most secure option on our list, but it is very easy to obscure the information a little bit. Simply enter an emoji or character on the calendar to designate your cycle's beginning and end dates. There's no need to write out what it means.

Keep your devices close at hand if you use this method and secure them and any logins for digital calendars with multi-factor authentication. Computer and mobile device calendars usually allow for syncing, which means your data could be seen by someone else if they gain physical access to any of your devices.

Of course, tracking your period using a pen and paper calendar is also an option, though it leaves physical evidence of your health data that may be easy for law enforcement to access.

3. Use a spreadsheet

You can store a spreadsheet containing your health data on your device without linking it to the cloud. You can download attractive templates from various sources online, but it's easy to make a simple tracking spreadsheet. Aliza Aufrichtig, a graphics and multimedia editor at The New York Times, wrote this guide for creating a private period tracker using Google Sheets. You can even set up email and calendar integrations, though I recommend against this option since it leaves an online digital trail. Google Sheets stores your data in the cloud, which is not ideal, but you can use the instructions Aufrichtig provides to make a similar offline spreadsheet using Excel.

Keep in mind that any data stored on your phone could be used against you if law enforcement gets their hands on your device. Always lock your phone with some form of multi-factor authentication such as a passcode, in addition to using a fingerprint or Face ID.

Get this email from a friend? Get it delivered to your inbox weekly. Sign up for the SecurityWatch newsletter.

What Else Is Happening in the Security World This Week?

Ransomware Gang Offers Bug Bounty, Promises Payouts Up to $1 Million. The biggest payout is reserved for anyone who can uncover details about the LockBit ransomware gang's leader.

Roe v. Wade Overturn Sparks Push for Stronger Privacy Protections. A group of Democratic senators is concerned that prosecutors will try and obtain warrants for data on anyone who visits an abortion provider. 

CISA: Hackers Continue to Exploit Log4Shell in Unpatched VMware Servers. It's been six months, folks. It's time to update your servers.

Blockchain Provider Open to Negotiating With Hacker Who Looted $100 Million. Blockchain provider Harmony has also called in the FBI and cybersecurity firms to help it investigate the theft of $100 million in Ethereum.

Ransomware Hacker Used Zero-Day Exploit on Business Phone VoIP Device. The incident underscores how ransomware hackers now seem to have more resources to uncover previously unknown software vulnerabilities to attack targets.

Save $50 on IPVanish VPN
If you buy something from our links, we may get a commission from the sale. Learn more here.
Never forget your passwords again! Get 40% off Keeper Unlimited and Keeper Family Plans

How to Lock Down Your Phone for a Protest
In the wake of the Roe v. Wade reversal, many Americans are hitting the streets to demonstrate their displeasure with the ruling. For some people, it's their first time making their voices heard in public, and it also may be their first negative encounter with law enforcement. Know your rights before you go out, and also take steps to protect your phone from surveillance.

The safest bet is to bring a burner phone with you to the protest and don't connect it to any of your cloud services. Your phone may be confiscated by law enforcement if you are detained.

Below is an excerpt from a guide for locking down your phone for a protest written by PCMag senior security analyst Max Eddy.

How to Cop-Proof Your Phone

    Avoid using biometrics. Instead, lock your phone with a secure passcode. If you must use biometrics, use the fingerprint scanner rather than facial recognition and learn how to enable your device's lockdown mode. This prevents biometric authentication and requires your passcode to be used to unlock the device. On Android, hold the power button and select lockdown. On an iPhone, hold the power button and volume buttons for a few seconds until you see the power off, medical ID, and Emergency SOS screen. Tap cancel and the phone will require your passcode to unlock instead of biometric authentication.
    Enable disk encryption. Most Android and Apple devices will do this automatically when you enable a passcode or biometrics but double-check.
    Remove unnecessary apps and reinstall them later. Even when not in use, some apps can send and receive data. This can slow down an already spotty connection, and could be used to monitor your activity.
    Log out of any apps you won't need. By default, you usually only need to log in to an app once to use it. That's a problem if you're not in control of your phone.
    If you back up your phone (and you should), make sure that your backups are secure with a complex, unique password and multi-factor authentication. This may require making changes to your Apple or Google accounts. To help you get started here are our guides to backing up iPhones and Androids.
    Use encrypted communications whenever possible. If possible, set your messages to expire after a certain period of time. Note that this will likely require you to have a working data connection. If you cannot use encrypted messaging, send prearranged signals via unsecured means.
    Shut off your Wi-Fi.
    Disable location services until you absolutely need them.
    Disable Bluetooth, unless you absolutely need it.
    If you don't need to use your data connection, switch it off, too. Note that this may hamper your ability to use encrypted communications.

How to Get Google to Quit Tracking Your Location

PCMag Picks the Best VPN Services

Google Details Spyware Targeting Phones in Italy, Kazakhstan

US Agency Looks at Creating a '311' Call Line for Cybersecurity Incidents

Microsoft: Russia Increasing Efforts to Hack Ukraine's Allies

Want more deals like these delivered to your inbox?
Dell Inspiron 15 (5510) Intel Core i7-11390H 15.6" 1080p Laptop w/ 512GB SSD, NVIDIA GeForce MX450 Graphics, use code: 50OFF699
$829.99 $649.99  

55" Amazon Fire TV Omni Series 4K HDR 10 Smart TV w/ 3x HDMI Inputs
*Prime Exclusive
$559.99 $299.99  

Acopower LiONCooler 42Qt 173Wh Battery-Powered Portable Freezer (Solar/AC/Car Charging), use code: 207FXZS2
*Also clip $200 off coupon
$659.00 $327.20  

NVIDIA RTX 3080 Alienware Aurora R10 AMD Ryzen 9 5900 Gaming Desktop w/ 1TB SSD, 16GB RAM, use code: 100OFF1499
$2,649.99 $1,899.99  

All product and deal information such as discount, price and availability are believed to be accurate as of the time of publication. Please verify these details with the merchant site and check the merchant's terms and conditions before you buy. Publisher is not responsible for errors or omissions.



Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.