Period tracking app, Flo, found to be selling user data to Meta
Period tracking app, Flo, found to be selling user data to Meta
经期追踪应用 Flo 被曝向 Meta 出售用户数据
Your period tracking app has been yapping about your flow to Meta. What does this vagueness by-design mean for how we choose to self-monitor our biological markers? 你的经期追踪应用一直在向 Meta “泄露”你的生理周期信息。这种刻意设计的模糊性,对于我们选择如何自我监测生物指标意味着什么?
A few years back, I had a running joke with the guy I was seeing about adding him to my period tracker. Being a women’s health expert, I enjoy weaving nerdy anecdotes about cycles and attraction and desires into my flirtations and marveling at my own wit and woo-woo mastery of my cyclical body. This ruse seemed like a harmless jab at my digitally tracked self-awareness – a very late millennial feminist living in the Bay Area version of coquetry. It maybe wasn’t all that harmless, after all. Turns out, the matter of sharing the data around my cycle, and potentially the even more private information about my intimate experiences, wasn’t as much of a matter of choice as I might have expected. Worse, it might have been used to sell me stretchmark creme or dental dams. 几年前,我和当时交往的男友开过一个玩笑,说要把他加进我的经期追踪应用里。作为一名女性健康专家,我喜欢在调情时穿插一些关于生理周期、吸引力和欲望的硬核轶事,并为自己对身体周期性的掌控力感到自豪。这种把戏看起来只是对我数字化自我意识的一种无伤大雅的调侃——这是一种典型的生活在湾区的千禧一代女权主义者的调情方式。然而,事实证明这并非完全无害。原来,分享我的生理周期数据,甚至可能包括更私密的亲密经历信息,并不像我预想的那样由我自主选择。更糟糕的是,这些数据可能被用来向我推销妊娠纹霜或牙科橡胶障。
That period tracking app, Flo, has been found liable in connection with selling user data to Meta all the while promising their users they were protecting their privacy. The class action suit had 13 million Flo users included as plaintiffs, which is a sizeable chunk of pissed off users amongst their reported 75 million-strong user base. 经期追踪应用 Flo 已被裁定在向 Meta 出售用户数据的同时,却向用户承诺保护其隐私,这一行为构成侵权。该集体诉讼将 1300 万名 Flo 用户列为原告,在其宣称的 7500 万用户群中,这是一个相当庞大的愤怒群体。
Those lawsuits against Meta and Flo, first filed in 2021 with more in the US and Canada, reveal a bigger issue in non-medical health tracking software – there’s too much gray area around consent when it comes to selling your health information to advertisers. 针对 Meta 和 Flo 的诉讼最早于 2021 年在美国和加拿大提起,这些诉讼揭示了非医疗健康追踪软件中一个更大的问题:在将个人健康信息出售给广告商时,关于“知情同意”的界定存在太多的灰色地带。
What’s important about the legal precedent being set is in highlighting how the current guidelines around health data privacy (like HIPAA) are woefully lagging behind the health tracking tech already available directly to users. It raises a number of critical questions: What does this legal vagueness mean for how we choose to self-monitor our biological markers? 这一法律先例的重要性在于,它凸显了现有的健康数据隐私准则(如 HIPAA)在面对用户直接使用的健康追踪技术时,显得严重滞后。这引发了一系列关键问题:这种法律上的模糊性,对于我们选择如何自我监测生物指标意味着什么?
In a post-Dobbs environment, how do concerns around digital privacy impact our consumer choices in sexual health and period tracking apps? Why is it still up to the consumer to run safety checks when it should be the role of product teams and healthtech brands to build less creepy tech? Do we really need to be tracking every possible symptom and mood and cramp and letting private tech companies decide what to do with that data? 在“多布斯案”(Dobbs,指推翻罗诉韦德案)后的环境下,对数字隐私的担忧如何影响我们在性健康和经期追踪应用方面的消费选择?为什么本应由产品团队和健康科技品牌负责构建更安全、不那么“令人毛骨悚然”的技术,却依然要由消费者自己去进行安全检查?我们真的需要追踪每一个可能的症状、情绪和痉挛,并任由私营科技公司决定如何处理这些数据吗?
Turns out, Flo had embedded a secret “eavesdropping” tool which passed along information like menstruation cycle, ovulation, and if a user was trying to get pregnant to Meta, even while explicitly claiming not to in their privacy policy. 事实证明,Flo 植入了一个秘密的“窃听”工具,将用户的月经周期、排卵期以及是否正在备孕等信息传递给了 Meta,尽管其隐私政策中明确声称不会这样做。
The guilty verdict in the August 2025 Frasco v. Flo lawsuit proved otherwise: “Flo, through the Flo App, unlawfully shared users’ sensitive health data – including menstrual cycle, ovulation, and pregnancy-related information – with third parties such as Meta, Google, and Flurry for their own commercial use (Burr & Forman, 2025).” 2025 年 8 月 Frasco 诉 Flo 一案的判决结果证明了这一点:“Flo 通过其应用程序,非法将用户的敏感健康数据(包括月经周期、排卵期和怀孕相关信息)共享给 Meta、Google 和 Flurry 等第三方,用于其商业用途 (Burr & Forman, 2025)。”
It’s important to call out that these third-party platforms didn’t hack into the Flo app. The folks in charge of making privacy decisions at Flo handed them our sensitive data on a silver platter. It was simple track-and-sell data sharing and we maybe should have seen it coming. 必须指出的是,这些第三方平台并没有黑进 Flo 应用。Flo 负责隐私决策的人员是将我们的敏感数据拱手相送。这只是一种简单的“追踪并出售”的数据共享模式,我们或许早该预料到这一点。
I’ve written before about how ‘pinkwashing’ femtech can disguise a whole host of unethical product decisions. Prior to heading for greener and more private pastures with my period tracking app selection, Flo was already starting to give me the ick. The UX design was getting more convoluted, more cluttered, more cartoonish with every update. 我之前写过关于“粉红洗白”(pinkwashing)的女性科技如何掩盖一系列不道德产品决策的文章。在我选择更换更安全、更私密的经期追踪应用之前,Flo 就已经让我感到不适了。随着每一次更新,其用户体验设计变得越来越复杂、混乱且卡通化。
In the context of the Flo-Meta filings, this makes sense – focusing on the “problems” of periods can help drive sales of items purporting to alleviate symptoms. There isn’t much to monetize from a simple period calendar, is there? It’s dystopian to realize the emphasis on symptomology was helping to drive advertising on sites even more recently found liable for personal harm on par with tobacco companies. 在 Flo 与 Meta 的诉讼背景下,这一切就说得通了——专注于经期的“问题”有助于推动那些声称能缓解症状的产品的销售。毕竟,一个简单的经期日历并没有太大的商业变现价值,不是吗?意识到这种对症状学的强调,竟然是在为那些被发现造成人身伤害(程度堪比烟草公司)的网站提供广告驱动力,这简直是反乌托邦式的现实。