The increasing popularity of FemTech, comprising digital technologies aimed at women’s health and well-being, has raised significant security, privacy, and safety concerns. Researchers from various prestigious institutions have highlighted the potential threats posed by FemTech apps and IoT devices, which have been found to access users’ personal data, including contacts, cameras, microphones, and location. These devices collect a wide range of sensitive information about users and their environments, posing risks to their security and privacy.
The study conducted by experts revealed that the existing regulations related to FemTech in the UK, EU, and Switzerland are inadequate in addressing the risks associated with these technologies. While the GDPR and Swiss FADP have references to sensitive data that overlap with FemTech data, the medical devices regulations in the EU and UK lack specific provisions for FemTech data and user protection. The compliance practices of the FemTech industry were also found to include many non-compliant practices in data collection and sharing.
The research team identified a range of inappropriate security and privacy practices in a subset of FemTech systems, which do not brand themselves as medical devices, fail to obtain valid consent, and track users without their consent. Moreover, the study revealed that the intimate data collected by FemTech systems is processed and sold to third parties, highlighting the lack of guidelines for developing cyber-secure, privacy-preserving, and safe products in the industry.
Dr. Maryam Mehrnezhad, the lead author of the research, emphasized the presence of multiple threat actors interested in FemTech data, such as fertility and sex information. The researchers have been conducting security and privacy research in this area since 2019, advocating for better collaborative efforts across stakeholders to ensure that FemTech solutions can be used by citizens to improve their lives without risking their privacy and security. Professor Mike Catt of Newcastle University echoed the need for regulatory bodies to update and strengthen guidelines to ensure the development and use of secure, private, and safe FemTech products.
The critical analysis of the risks associated with FemTech underscores the necessity of enhanced regulatory frameworks and industry compliance practices to safeguard users’ privacy and security. The revelations regarding the inadequate regulations and industry non-compliance call for urgent action to address the vulnerabilities in FemTech systems and protect users from potential threats. By prioritizing cyber security, privacy preservation, and safety in the development and use of FemTech products, stakeholders can promote trust and confidence among users, enabling them to benefit from these technological innovations without fear.
Leave a Reply