State Attorneys General Call on Apple to Beef up Privacy Protections for Reproductive Health Information

Apple is being called ‘to implement stronger privacy controls for third-party apps that collect consumers’ reproductive health data’ by ten state attorneys general in the US.

In a detailed letter sent to Tim Cook on 21 November, the group has raised privacy concerns regarding third-party apps available on Apple's App Store such as period tracking apps and pregnancy and fertility apps that collect consumers’ private reproductive health data. They feel the data can be “"weaponized against consumers by law enforcement, private entities, or individuals.”

This comes in the wake of the U.S. Supreme Court’s Dobbs ruling overturning Roe v. Wade.

The letter states “This gap in Apple’s protections threatens the privacy and safety of App Store consumers and runs directly counter to Apple’s publicly expressed commitment to protect user data.”

The state AGs have argued that Apple hasn’t done enough to protect the reproductive health data of an individual, especially significant information that relates to the ‘past, present or future reproductive or sexual health of an individual'. This poses a significant risk to individuals seeking or providing abortions, birth control or other reproductive health care, according to the letter. They have suggested that ‘app developers should be required to delete data not essential for the use of the application, including location history, search history and any other related data of consumers who may be seeking, accessing or helping provide reproductive health care’.

The letter further states that ‘app makers should also be required to clarify what reproductive health information is shared with third parties, including law enforcement. Apple also should require apps to do so only when required by a valid subpoena, search warrant or court order’.

Third-party apps that collect consumers’ reproductive health data or that sync with user health data stored on Apple devices also should be required to implement at least the same privacy and security standards as Apple does with regards to the data. For example, Apple ensures that Apple Health data—including reproductive data—are automatically encrypted. 

"At a minimum, Apple should require apps on the App Store to meet certain threshold security requirements, such as encryption of biometric and other sensitive health data stored on applications, use of end-to-end encryption when transmitting said data, and compliance with Apple’s user opt-out controls," the AGs wrote in the letter.

Elaborating further, the group wrote that Apple also should ‘conduct periodic audits and remove or refuse to list third-party apps in violation of these standards. Apps that fail to certify compliance with these measures should be removed from the App Store. These actions will safeguard reproductive health information from being wrongfully exploited by those who would use it to harm patients or providers.'

Join our Masterclass on ‘The New Reimbursement Pathway in France’ on 30th November. Click here to Request to Join.