June 22, 2025
06
Minute
The Fine Print Flies

The Hidden Risks in Health App Privacy Policies

Health and wellness apps have surged in popularity, but their privacy practices are often murky. An analysis of 10 top apps — from fitness trackers to meditation and period-tracking apps — reveals that most collect far more data than necessary and reserve the right to share it with advertisers or data brokers.

For example, a 2023 report by the Mozilla Foundation found that several period-tracking apps shared sensitive information — like cycle dates and mood logs — with third-party marketing firms. Few apps provide meaningful options to opt out of such data sharing.

The policies themselves are often difficult to understand, written at a high reading level and buried under layers of legalese. This leaves users unaware of how their intimate health data is used.

Experts advise choosing apps that:

  • Clearly state they don’t share data with third parties.
  • Offer end-to-end encryption.
  • Have transparent, plain-language privacy policies.

More importantly, advocates are pushing for stronger legal protections for health data not covered by HIPAA.

Latest Articles

Why Data Brokers Are Still Thriving
Joy Buolamwini’s Fight to Unmask AI Bias
The Deceptive Design of Cookie Consent Banners
Why “Consent” in Big Tech Agreements May Not Mean What You Think
The Hidden Risks in Health App Privacy Policies
What TikTok’s New Data Sharing Terms Mean for You

Similar Articles

Terms of Confusion
June 22, 2025

The Deceptive Design of Cookie Consent Banners

Almost every website now greets visitors with a cookie consent banner, claiming to offer a choice over tracking. But privacy advocates warn that many of these pop-ups are designed not to inform, but to manipulate. Known as dark patterns, these interfaces use visual tricks to steer users toward accepting all cookies, often burying “reject all” options behind extra clicks, small text, or confusing layouts.
Continue Reading
Terms of Confusion
June 22, 2025

Why “Consent” in Big Tech Agreements May Not Mean What You Think

When you sign up for a new app or platform, you’re often asked to “agree” to the terms of service and privacy policies. But what does that consent mean, and is it meaningful?
Continue Reading
Cybersecurity Threat of the Month
June 22, 2025

Rise of AI-Driven Phishing Attacks

Phishing is the practice of tricking people into revealing sensitive information, and has long been a top cyber threat. But in 2025, phishing has entered a new era: attackers are now using AI tools to generate highly convincing and customized phishing messages at scale.
Continue Reading