Readability and Accessibility of Terms of Service and Privacy Policies for Menstruation-Tracking Smartphone Applications

Abstract

Over 100 million women track their menstruation using mobile applications (apps). In addition to comparatively unremarkable personal information such as height and weight, these apps collect intimate data like characteristics of vaginal discharge and cervical position. In exchange, many apps claim to predict the timing and duration of menstruation and windows of fertility. From this information, users may modify their sexual behavior based on their reproductive intentions. Though these apps are popular, news reports and prior studies reveal that user expectations about privacy and accuracy often do not align with the content of terms of service and privacy policies. In this article, we analyzed the readability and accessibility of terms of service and privacy policies for 15 popular menstruation-tracking apps. We found that information about data-sharing practices and accuracy is often neither easily accessible nor understandable. As a result, terms of service and privacy policies likely obscure material information about privacy and accuracy, posing safety and reproductive health risks to users. To date, no regulatory body oversees or approves the vast majority of menstruation trackers, leaving the market open to apps that vary widely in quality, accuracy, and levels of protection. We encourage health care professionals to ask their patients and clients about app use and understanding, encourage them to review relevant app-specific information, and discourage use as contraception when indicated. We conclude with recommendations for future research to establish the appropriate standards of disclosure that should govern these and similar types of smartphone-based consumer health technologies.

Keywords

women’s health consumer health public health laws/policies reproductive health sexual health internet/electronic interventions technology

Introduction

Over 100 million women track their menstruation using mobile applications (apps; Kresge et al., 2019). These apps are part of a booming industry for female-focused health technology expected to be worth $50 billion by 2025 (Tiffany, 2018). In addition to comparatively unremarkable personal information such as height and weight, these apps collect intimate data like frequency of sexual activity, condom usage, and whether the user reached climax during intercourse; characteristics of vaginal discharge; and cervical position and firmness. In exchange, many apps claim to predict the timing and duration of menstruation and windows of fertility. From this information, users may modify their sexual behavior based on estimated chances of conception and reproductive intentions (Gambier-Ross et al., 2018).

Like all apps, terms of service and privacy policies communicate disclaimers. For example, these documents often include language indicating that women use these apps “at their own risk” and that the app is provided “as is” without any warranties. Terms of service also caution users against using these apps for contraceptive or medical purposes. These terms, in addition to privacy policies, also outline how the data are used, stored, and shared. However, research suggests these documents are cumbersome and unlikely to be read by most users (Tesfay et al., 2018). Moreover, app developers may reserve the right to unilaterally change the terms at any time.

Unlike many other apps, menstruation-tracking apps are uniquely intimate. As a result, a failure to communicate relevant terms can create a misalignment between actual and intended use. For example, users often choose apps over other tracking methods because they perceive them to be more private (Karlsson, 2019). This assumption, however, may be erroneous. For example, a 2016 Consumer Reports investigation found surprising vulnerabilities in one app, Glow, allowing individuals with the user’s email address alone to link accounts without the primary user’s explicit authorization (Beilinson, 2016). Another app, Flo, was revealed by the Wall Street Journal to share user data with Facebook secretly. Moreover, the fertility and menstrual cycle predictions generated by many of these apps may be inaccurate or misleading (Moglia et al., 2016). This finding is concerning given that at least some women may use the fertility predictions generated by menstruation-tracking apps for contraceptive purposes (Gambier-Ross et al., 2018).

While shortcomings in the communication of relevant privacy and security information and accuracy of predictions are concerning in the context of any smartphone app, the data collected by menstruation-tracking apps make these shortfalls distinctively problematic. Specifically, the sensitive nature of the data collected and their potential uses create diverse risks, ranging from enabling stalking via lax data-sharing standards to unintended pregnancy due to reliance on inaccurate fertility predictions. Given misperceptions about privacy and accuracy, it is critical for users to understand how menstruation-tracking apps use, analyze, and share their data and the limitations of any health-related predictions generated.

Methods

Because the Apple iOS store does not provide data on the most downloaded apps per search term, we identified well-known menstruation-tracking apps by conducting an internet search to approximate the way a user might search for suggestions about which app to download. To identify recommended menstruation-tracking apps, we conducted a Google search for relevant articles in the popular press reporting on recommended trackers. We reviewed all articles listed on the first page of the search results and tabulated the number of mentions to each app. We selected the 15 apps that had at least three mentions. Data reflect publicly available policies from July 3 to 13, 2019.

We obtained these privacy policies and terms of service agreements via the respective apps, company websites, or available links through the App Store. Where documents were undiscoverable or when two inconsistent documents were made available, we attempted to contact the app’s customer service via email for clarification. Documents were saved as PDFs and converted to Word documents. Where possible, we preserved formatting to reflect how the information was displayed online or in the app.

Readability metrics were based upon guidelines from the California Attorney General (California Guidelines) to support companies in crafting statements that are meaningful to consumers. Relevant recommendations include (1) use plain, straightforward language that avoids jargon; (2) use short sentences and active voice; and (3) use a format that makes the policy readable on mobile devices. To assess the first two criteria, we used Microsoft Word (MacOS Mojave 10.14.5; Word 16.26) readability statistics to determine the language level using the Flesch–Kincaid reading scale, which assigns a score on the basis of the minimum grade level required to read and understand English text, as well as the average number of words per sentence and the percentage passive voice. To assess the third criterion, we measured the number of scrolls needed to review the policy in full (iPhone 8). Accessibility is assessed based on whether the app required viewing of the terms of service or privacy policy in whole before the app was used for the first time.

Results

We obtained 15 terms of service and 15 privacy policies for menstruation-tracking apps.

Flesch–Kincaid Readability

The mean Flesch–Kincaid grade levels for terms of service and privacy policies were 14.5 (range: 11-19.4) and 13.8 (range: 9.4-19.1), respectively (Table 1).

Table 1

Readability and Accessibility of ToS and PP for 15 Menstruation-Tracking Apps

App Name	Flesch–Kincaid Reading Level		Words per Sentence (Average)		Passive Voice (%)		No. of Scrolls (iPhone 8)		Required In-App Viewing for Use
App Name	ToS	PP	ToS	PP	ToS	PP	ToS	PP	ToS	PP
Clue	12.4	12.8	19.8	23.3	23	29	17	34	No	No
Flo	15.1	13.7	28.4	24	20	10	29.5	42	No	No
Period Tracker	17.7	14	31	23.8	23	19	17.5	7.5	No	No
Ovia	14.2	13.6	25.3	23.6	16	17	42	17.5	No	No
Eve	15.2	15.3	28.7	29.5	15	14	57.5	62.5	No	No
Glow	15.2	15.3	28.7	29.5	15	14	59.5	60	No	No
Fertility Friend	14.1	12.1	22.8	17.3	33	29	4.5	9.5	No	No
Spot On	15.8	14.9	28.8	25.1	18	16	37	27	No	No
Kindara	15.5	13.1	28.9	20.3	23	17	84.5	16.5	No	No
Life	19.4	19.1	36.7	37	18	22	18.5	4	No	No
Cycles	12	12.5	19.9	22.4	27	19	13.5	24	No	No
Period Diary	15	14.7	29.4	25.6	14	17	27.5	25	No	No
Period Calendar	11	12.3	18.4	23.5	16.2	29	16.5	2.5	No	No
Dot	13.5	9.4	23.5	16.2	26	13	5	4	No	No
Natural Cycles	11.7	13.6	19.2	23.6	22	22.2	38.5	24.5	No	No

NOTE: ToS = Terms of Service; PP = Privacy Policies.

Sentence Length and Passive Voice

The mean number of words per sentence for terms of service and privacy policies was 25.8 (range: 18.4-36.7) and 24.3 (range: 16.2-37), respectively. The mean percentage passive voice was 20.6% (range: 14%-33%) for terms of service and 19.1% for privacy policies (10%-29%).

Formatting for Mobile Devices

The number of scrolls to read the policies in full ranged from 5 to 84.5 for terms of service (M = 31.2) and 4 to 62.5 for privacy policies (M = 24).

Required Viewing Prior to Use

No apps required that the terms of service or privacy policies be viewed prior to use.

Availability of Terms of Service and Privacy Policies

In all, 13 of 15 (87%) terms of service and 100% of privacy policies were identifiable. Two of 15 (13%) terms of service required email correspondence with company representatives.

Discussion

Both terms of service and privacy policies for popular menstruation-tracking apps generally fall short of recommendations to promote readability. On average, a college-level education was required to read both types of agreements. Given reports that nearly half of American adults read at or below the eighth-grade level (Weiss, 1998)—and that users may be pubescent teens—it is likely that many users do not comprehend how their data are used and shared or the limitations of the information generated. We found similar shortcomings concerning recommendations to use short sentences, use active voice, present information in a readable format for small screens, and require viewing of the policies before use. For example, the mean number of scrolls to read the terms of service was 31.2, with one app requiring 84.5—an implausible length for even a highly motivated prospective user to review and comprehend. No apps required that users view the terms of service and privacy policies before using the app, making it likely that most users will agree to the terms without ever reviewing them. In some apps, users would have to navigate through several screens to find these documents if made available at all. Others would need to access the developer’s website or the app store to locate them. Others still were unavailable, requiring communication directly with the company. Furthermore, terms of service language in all 15 apps indicate that companies reserve the right to change their terms unilaterally at any time with sole discretion as to if and how to notify users of those changes. This may require users to check the terms of service at regular intervals to remain fully apprised of the terms.

When properly designed, smartphone applications have great potential as an educational resource for reproductive health information that is accessible and interactive (Lunde et al., 2017). However, this study demonstrates a gap between the optimal design as described by the California Guidelines and the actual design of 15 popular menstruation-tracking apps. Moreover, prior research suggests that user expectations and actual use do not align with the intended use and limitations of these apps outlined in terms of service and privacy policies (Gambier-Ross et al., 2018). Developers and owners may contribute to this misperception by obscuring information about privacy protections, data-sharing practices, and accuracy in electronic documents that are hard to find and read, and with the unrealistic expectation that they will be periodically reread by users. While these concerns are present in many smartphone apps, menstruation-tracking apps pose unique potential harms for users and merit additional consideration.

Menstruation-tracking apps track highly intimate and personal data. Our findings show that the terms of service and privacy policies that govern these apps are generally neither easily accessible nor comprehensible to most users. Simple, established standards can improve the usability of these policies. At a minimum, users should be able to clearly identify the relevant documents and understand the terms—especially those about data sharing, accuracy, and warnings about use for medical or contraceptive decision making. That at least one app was able to present this information at a high school reading level and with five or fewer scrolls suggests these changes are feasible. Until consensus is reached as to the appropriate mechanism to ensure that material terms are communicated effectively to users, health care professionals should be cognizant of the prevalence and limitations of these apps, and discuss their use with patients and clients.

Limitations

Limitations of this analysis include that Flesch–Kincaid scores do not account for complexity introduced by legal jargon, which may underestimate the actual reading level. Availability of terms of service also posed a barrier to our research, creating uncertainty that the terms of service and privacy policies reviewed for each company were the most current documents intended for users. One company was recently purchased during our data collection, resulting in a change of terms. Accessing the applicable terms of service and privacy policy took multiple emails from the study team, and company representatives acknowledged they did not even know which terms would apply. Another company had two distinct terms of service available—one through the app and one through the App Store. After several attempts at email communications for a month, the company provided no answer as to which terms applied, though the customer service representative thanked the study team for drawing attention to the issue. Notably, users could access and use both apps during the relevant time despite a lack of clarity regarding which terms would govern.

Implications for Practice, Policy, and Research

Menstruation-tracking apps are widely used and show great promise to empower users with information about their bodies. Research shows that patients use these apps to recall relevant gynecological information and communicate with health care professionals about their menstrual cycles and overall health (Gambier-Ross et al., 2018). Health professionals should be aware of the benefits and limitations of these and other health-related apps. When appropriate, health professionals should ask their patients and clients about app use and understanding, encourage them to review relevant app-specific information about privacy and accuracy, and discourage use as contraception when indicated.

Our results are consistent with prior research for other types of health apps, suggesting there has been little improvement in electronic terms of service and privacy policies despite long-noted deficiencies in readability and accessibility (Sunyaev et al., 2015). In light of the unique harms noted above, policy makers and industry leaders should consider action that balances innovation with reasonable consumer protections. Further research is required to establish what actions may best facilitate this goal. To date, no regulatory body oversees or approves the vast majority of menstruation trackers, leaving the market open to apps that vary widely in quality, accuracy, and levels of protection provided to users made by developers looking to capitalize on a lucrative and growing market for female health technology. Future consideration should be given regarding the appropriate standards of disclosure that should govern these and similar types of smartphone-based consumer health technologies.

Footnotes

ORCID iDs

Leah R. Fowler

Stephanie R. Morain

References

Beilinson

(2016). Glow pregnancy app exposed women to privacy threats, consumer reports finds. Consumer Reports. https://www.consumerreports.org/mobile-security-software/glow-pregnancy-app-exposed-women-to-privacy-threats/

Gambier-Ross

McLernon

D. J.

Morgan

H. M.

(2018). A mixed methods exploratory study of women’s relationships with and uses of fertility tracking apps. Digital Health, 4, 2055207618785077. https://doi.org/10.1177/2055207618785077

Karlsson

(2019). A room of one’s own? Using period trackers to escape menstrual stigma. Nordicom Review, 40(Suppl. 1), 111-123. https://doi.org/10.2478/nor-2019-0017

Kresge

Ilya

Ramli

(2019). Period-tracking apps are monetizing women’s extremely personal data. Bloomberg Businessweek. https://www.bloomberg.com/news/articles/2019-01-24/how-period-tracking-apps-are-monetizing-women-s-extremely-personal-data

Lunde

Perry

Sridhar

Chen

K. T.

(2017). An evaluation of contraception education and health promotion applications for patients. Women’s Health Issues, 27(1), 29-35. https://doi.org/10.1016/j.whi.2016.09.012

Moglia

M. L.

Nguyen

H. V.

Chyjek

Chen

K. T.

Castaño

P. M.

(2016). Evaluation of smartphone menstrual cycle tracking applications using an adapted APPLICATIONS scoring system. Obstetrics & Gynecology, 127(6), 1153-1160. https://doi.org/10.1097/AOG.0000000000001444

Sunyaev

Dehling

Taylor

P. L.

Mandl

K. D.

(2015). Availability and quality of mobile health app privacy policies. Journal of the American Medical Informatics Association, 22(e1), e28-e33. https://doi.org/10.1136/amiajnl-2013-002605

Tesfay

W. B.

Hofmann

Nakamura

Kiyomoto

Serna

(2018, April). I Read but don’t agree: Privacy Policy benchmarking using machine learning and the EU GDPR. Paper presented at the Companion Proceedings of the The Web Conference, Lyon, France.

Tiffany

(2018, November 16). Period-tracking apps are not for women. Vox. https://www.vox.com/the-goods/2018/11/13/18079458/menstrual-tracking-surveillance-glow-clue-apple-health

10.

Weiss

B. D.

(1998). Communicating with patients who have limited literacy skills: Report of the National Work Group on Literacy and Health. Journal of Family Practice, 46(2), 168-176.