The Premom Ovulation Tracking App, developed by Easy Healthcare, has been accused of violating FTC Law and Health Breach Notification Rules related to ovulation date sharing. The company has agreed to resolve the FTC complaint which alleged that sensitive health information of app users was provided to third-party advertisers without their consent.
The app allows users to track their periods and ovulation cycles, and users can upload photos of ovulation test strips that the app analyzes to predict the user’s next ovulation cycle. It also allows users to upload health data from other devices and apps.
Between 2017 and 2020, the terms of service stated that the user’s health data could be shared for promotional purposes. However, the FTC alleged that the Premom app sent app users’ sensitive health information to third-party advertisers without their consent.
Easy Healthcare shared Premom user data with Google LLC and marketing company AppsFlyer Inc since 2018, and from 2018 to 2020, user data was shared with two Chinese mobile analytics companies, Jiguang (aka Aurora Mobile). Ltd and Umeng.
The FTC has determined that Easy Healthcare has violated FTC laws and has not taken reasonable privacy and data security measures. This disclosure meant Easy Healthcare had to notify app users, the FTC, and the media. The company must pay a civil penalty of $100,000 to the US Treasury Secretary if the court approves the order. It has also agreed to a $100,000 settlement with Connecticut, Oregon, and the District of Columbia, who helped the FTC investigate.
Easy Healthcare must adopt strict privacy requirements to ensure user information is adequately protected. The company has also agreed to improve its privacy and security practices and conduct regular privacy and security audits. Easy Healthcare said it settled with the FTC to avoid the time and cost of litigation, and the settlement decision does not admit wrongdoing.