The digital era has brought about numerous innovations in the field of technology, including FemTech – a term used to describe digital technologies focusing on women’s health and well-being. Recent research conducted by experts at Royal Holloway, University of London, Newcastle University, University of London, and ETH Zurich has shed light on significant security, privacy, and safety issues surrounding FemTech. These concerns stem from the apps and IoT devices collecting a wide range of data about users, their relatives, and their environments through embedded sensors, exposing sensitive and intimate information to third parties.
The study also highlighted the inadequacy of regulations related to FemTech in the UK, EU, and Switzerland. Current medical devices regulations in the EU and UK do not specifically address FemTech data and user protection, leaving a gap in safeguarding sensitive information. Although the GDPR and Swiss FADP mention special category data that overlaps with FemTech data, industry practices often involve non-compliant data collection and sharing techniques. This lack of oversight and enforcement poses a serious threat to user privacy.
The research team identified industry non-compliance with regards to security and privacy practices in a subset of FemTech systems. These systems do not identify themselves as medical devices, fail to obtain valid consent for data collection, and track users without their explicit permission. Furthermore, the study revealed that intimate data collected by FemTech systems is not only processed but also sold to third parties, raising serious privacy concerns. The findings underscore a pressing need for research and guidelines to ensure the development of cyber-secure, privacy-preserving, and safe products in the FemTech industry.
Dr. Maryam Mehrnezhad, the lead author of the research and Senior Lecturer at Royal Holloway, emphasized the importance of addressing the threat actors interested in FemTech data, such as fertility and sex information. She stressed the need for collaborative efforts among stakeholders to protect users’ sensitive data and enable the use of FemTech solutions without fear. Professor Mike Catt of Newcastle University echoed this sentiment, urging regulatory bodies to update and strengthen guidelines to ensure the development and use of secure, private, and safe FemTech products. Many apps accessing mobile and device resources without proper consent pose a risk to user privacy, exposing personal data to potential breaches.
The findings of the research conducted by the aforementioned institutions underscore the pressing need for enhanced regulations, compliance practices, and industry standards in the FemTech sector. Addressing the security, privacy, and safety concerns surrounding FemTech is paramount to safeguarding user data and promoting trust in digital health technologies. Collaborative efforts among researchers, industry stakeholders, and regulators are essential to mitigate risks and protect users’ sensitive information in an increasingly connected world.
Leave a Reply