Another data breach has hit Facebook in India. Period calendering app Maya has been accused of sharing women’s menstrual, emotional and sexual health data with the tech giant. The app, which was acquired by Sheroes earlier this year, was founded in 2012 and has a presence in over 20 countries.
The report, ‘No Body’s Business But Mine: How Menstruation Apps Are Sharing Your Data’ published by advocacy group Privacy International, has accused Maya, along with Cyprus-based MIA, of sharing the personal details.
What Is Maya Allegedly Sharing?
Maya, owned by New Delhi-based Sheroes, has been accused of informing Facebook when a user opens the app. The app also allegedly shares information about any unprotected sex and contraception used. Moreover, the app has also been accused of sharing the data it collected about women’s mood and feelings.
John Paul, founder and CEO of Maya, told Inc42 , “We have in the past used tools from Facebook, strictly to improve our product experience. We have proactively removed these tools from all versions of the app due to concerns about privacy.”
The researchers also examined some of the other popular period-tracking apps such as Period Tracker by Leap Fitness Group, Period Tracker Flo by Flo Health, Period Tracker by Simple Design and Clue Period Tracker by Biowink. They confirmed that these apps did not share any data with Facebook.
How Is The Data Being Shared With Facebook?
In December 2018, Privacy International has also exposed such practices of various other popular apps. The research alleged that 61% of the apps it tested automatically transferred users’ data to Facebook, from the moment the user opened the application.
The report also mentioned that this happened through Facebook Software Development Kit (SDK). SDK is a software development tool, which is used to develop apps for specific operating systems.
Facebook, in a subsequent email to Privacy International, said, “Developers can receive analytics that allows them to understand what the audience of their app enjoys and improve their apps over time. Developers may also use Facebook services to monetise their apps through Facebook Audience Network. Subject to that Facebook user’s prior consent, Facebook may also use this data to provide that user with more personalised ads”
The advocacy group confirmed, in March this year, that two-thirds of the companies it exposed last year had updated their privacy policies. These apps included music streaming platform Spotify and travel fare aggregators Skyscanner and Kayak.
Update: September 11, 2019 3:02 PM
The article has been updated to reflect the company’s statement on the issue.