Recent news has been warning that women’s data is at risk of being collected by private companies. Certain smartphone apps, such as those that track menstrual cycles, often contain a vast array of personal information that can be used for consumer profiling, collecting data on everything from exercise and diet to medication, hormone levels, and contraception use. In this editorial, Christoph C. Cemper, founder of AIPRM, sheds light on the issue.
The data collected by cycle tracking apps poses a threat to privacy and safety, as this personal information can be commodified and sold to third parties for financial gain, which these parties then exploit for marketing purposes. There may also be more dangerous consequences if this data is misused, such as health insurance discrimination and cyberstalking. As a result, there have been calls for improved governance of the femtech industry to protect user data, with an emphasis on providing clear and transparent consent options.
Christoph C. Cemper, founder of AIPRM, provides expert insight into the potential security risks involved in apps holding personal user data, as well as how to find out how much personal data our apps are collecting:
“There are inherent risks involved in having apps that collect and use our personal data. Cyberattacks and hacks are becoming more widespread and sophisticated as hackers are consistently advancing their methods. Rapid digitalisation and AI growth are just some of the factors contributing to a more complex global cyber threat landscape.
“Consequently, these apps are perpetually vulnerable, making robust and up-to-date security protocols and encryption absolutely vital. Failure to maintain these safeguards could allow malicious actors to succeed in accessing vast amounts of user data, potentially exposing individuals to fraud or identity theft.
“Beyond external threats, apps may also violate privacy terms, often collecting more data than truly necessary and failing to fully disclose how it is being used. Meta, for example, has been fined on various occasions for privacy violations concerning user data. A very small number of app users actually take the time to read privacy policies, leaving the majority totally unaware of how much personal data these apps collect and how it is used.”
“If you want to know more about app data collection, a good place to start is by reviewing the privacy information on app store pages for both iOS and Android. This typically outlines the type of data collected by the app, as well as how it is used.”
“Most Android devices offer a privacy dashboard, which allows you to view the data apps have access to and allows you to manage your preferences. On Apple and iOS devices, the Privacy and Security section in your settings provides insight into which apps have access to data and are tracking it, with options to manage these permissions. Additionally, third-party services such as AppCensus can analyse your apps to reveal what data they collect and how it’s used, offering another layer of insight.”
Which smartphone apps are collecting your personal data for their benefit?
Social media giant Meta takes the top two spots, with Facebook and Instagram being the apps which collect the most personal data for their own benefit, using 86% of user data to market their products and show you relevant ads. A staggering 3.43 billion people used at least one of Meta’s products daily in the first quarter of 2025.
Klarna comes third, collecting 64% of consumer data for marketing benefits. Last year, Sweden’s Administrative Court of Appeal fined Klarna over £570,000 for violating the EU’s General Data Protection Regulation (GDPR) rules.
GDPR is a European Union law which aims to protect the personal data of individuals. It provides individuals with greater control over their data and ensures that organisations are held accountable for how they collect, use, and store personal information.
Uber and Uber Eats both collect 57% of personal data for their own marketing benefits. In 2024, 156 million people used Uber, with approximately 95 million of those using Uber Eats. In 2024, Uber was hit with one of the largest GDPR fines ever issued by the Dutch Data Protection Authority at €290 million for illegally transferring European taxi drivers’ personal data to the U.S.
The apps that are sharing your data with third parties
Once again, Instagram and Facebook come out on top, as the apps share the highest amount of consumer data with third parties, 79% and 57%, respectively.
LinkedIn and Uber Eats are third, sharing 50% of personal data with third parties. Last year, LinkedIn was hit with a €310 million fine from the Irish Data Protection Commission (DPC), which found that the company’s processing of personal data for analysis and targeted advertising was violating several aspects of the General Data Protection Regulation.
In addition, the DPC found that LinkedIn’s information provided to users on data processing activities was not clear or comprehensive, meaning it also failed to comply with transparency regulations, violating articles 13 and 14 of the General Data Protection Regulation.
Travel app Trainline and popular online video-sharing app YouTube both share over two-fifths (43%) of personal data with third parties.
Methodology:
AIPRM sought to reveal the apps that know the most about their users and offer insight to users on how to find out how much personal data these apps are collecting.
To do this, they used pCloud’s study on the most invasive apps and added insight into how these popular apps use personal data.
Expert insight was provided by Christoph C. Cemper, founder of AIPRM, who provided tips for app users on how to find out how much personal data apps collect and the risks involved in this.
You must be logged in to post a comment.