Attorney General Tong urges Apple to protect consumers’ reproductive health information

Press releases

11/23/2022

Attorney General Tong urges Apple to protect consumers’ reproductive health information through the App Store in wake of US Supreme Court’s Dobbs ruling

Letter to Apple CEO highlights security gaps that pose risk to privacy and security of app users

(Hartford, CT) – Attorney General William Tong joined a coalition of ten attorneys general urging Apple to protect consumers’ private reproductive health information on apps available through its App Store, which the U.S. Supreme Court Following the decision of K. Dobbs in Roe v. Wade overturned.

In a letter sent to Apple CEO Tim Cook this week, Attorney General Tong joined the coalition in calling for privacy-enhancing measures to protect private reproductive health data for apps hosted on Apple’s App Store. may be collected from users in order to prevent individuals from seeking or providing abortion care. From potential action and harassment by law enforcement, private entities, or individuals.

“From basic health and wellness apps to period tracking, fertility and pregnancy tracking apps, we have enabled our phones to collect, maintain and sometimes share some of our most personal and private reproductive health information. Apple says it has strong privacy and security measures in place for its devices, yet those protections don’t extend to the apps hosted on their store. Apple could do better to demand stronger privacy protections and ensure that private reproductive health information is not used to criminalize and harass those who seek and provide abortion care. Attorney General Tong said.

While Apple has adopted privacy and security measures consistent with its stated goals of protecting consumer privacy, the attorney general noted that apps hosted on Apple’s App Store often do not meet these same standards and protections for this sensitive data. fail to do. According to the letter, this gap in Apple’s security puts the privacy and security of App Store users at risk, and is contrary to Apple’s publicly stated commitment to protecting user data.

Given the demonstrated risk that location history, search history, and sedentary health data pose to individuals seeking or providing abortion or other reproductive health care, the coalition calls on Apple to require app developers to either authenticate or comply with their privacy policies. hereby affirms to represent that they will take the following security measures:

, delete data necessary for the use of the Application, including location history, search history, and any other related data of consumers who may be seeking, accessing, or providing assistance to reproductive health care;

, Provide clear and specific notice about the ability of App Store applications to disclose user data related to reproductive health care, and require applications to do so only when served by a valid subpoena, search warrant, or court order need; And

, Require App Store apps that collect consumers’ reproductive health data or that store user health on Apple devices to implement at least the same privacy and security standards as Apple with respect to that data sync with data.
The proposed measures would protect reproductive health information from being misused by those who would use it to harm pregnant women or providers and are consistent with Apple’s stated promises of privacy protections on the App Store, the letter explained. .
Today’s letter details a number of reasons why it is necessary for Apple to pursue each of these data-protection measures in the wake of the Dobbs decision.

The letter states that deleting data related to reproductive health care is the first line of defense to protect consumers who, often unwittingly, leave digital traces of their actions to obtain or provide reproductive health care. Plus, the letter highlights how what data apps retain and share is often obscured by vague and unclear privacy policies — making it impossible for consumers to protect their sensitive reproductive health data. Make an informed decision about trusting. This makes it important for Apple to ensure that apps provide clear and specific notices regarding third-party access to reproductive health data, the letter explains.

Finally, the letter makes it clear that it is not enough that Apple collects and stores reproductive health data. Apple’s stated commitment to privacy and consumer protection demands that the company apply the same vigilance to third-party apps that sync with Apple Health, as well as apps that collect reproductive health data from consumers.

Specifically, the letter urges Apple to implement a clear process for auditing third-party apps’ compliance with Apple’s privacy and security standards. At a minimum, Apple should require apps on the App Store to meet certain security requirements, such as encryption of biometric and other sensitive health data stored on applications, requiring end-to-end encryption when transmitting said data. use, and compliance with Apple’s user opt-out controls. Compliance with these measures should be reflected in the privacy policies of the App Store apps. In the long run, Apple should conduct periodic audits and remove or refuse to list third-party apps that violate these standards.

In signing the letter, Attorney General Tong was joined by attorneys general from New Jersey, California, Oregon, Massachusetts, Washington, North Carolina, Illinois, Vermont and Washington, DC.

A copy of the letter is available here.

Twitter: @AGWilliamTong
Facebook: CT Attorney General
media Contact:

Elizabeth Benton
[email protected]

Consumer Enquiries:

860-808-5318
[email protected]

Leave a Comment