Flo app controversy: Are women’s most private details at risk?

Woman holding phone with glowing uterus icon; shadowy figures in background
Most of us have done it—used an app to track our periods, monitor our reproductive health, and even log intimate moments, trusting that this deeply personal information stays private. But what happens when that trust is broken?
Flo, one of the most widely used period and fertility tracking apps in the world, is facing serious allegations of sharing sensitive user data without consent. Launched in 2015, the app claims to empower over 50 million women globally with insights into their cycles, symptoms, pregnancy, and menopause.
Its promise? To put control back in the hands of women. Its reality, however, is now under intense scrutiny.
Data Shared Without Consent?
Legal actions in both Canada and the United States claim that Flo shared users’ private health information—including period tracking, pregnancy details and sexual activity—with third parties such as Meta (formerly Facebook), raising urgent concerns around consent and data ethics.
In British Columbia, a class action filed in the Supreme Court alleges that Flo knowingly disclosed private data without informing users or securing their permission. Similarly, a class action filed in California seeks $13 billion in damages, accusing Flo of transmitting personal health details through software tools like Meta’s SDKs, allegedly for advertising purposes.
Flo and Meta have denied these claims. In a statement to CBC News, Flo stated it has “never sold user information or shared user information with third parties for the purposes of advertising” and said it would “vigorously defend” itself against the allegations.
Not the First Time
While the current lawsuits remain unresolved, they follow a familiar pattern. Back in 2021, Flo settled with the US Federal Trade Commission over similar concerns. Although the company did not admit any wrongdoing, it agreed to improve transparency and data practices.
A spokesperson told Sifted: “Flo is committed to protecting the privacy of its users, and any allegation otherwise has no merit. Flo has never sold user data and never will.”
However, in an era where reproductive rights are under increasing threat—particularly following the US Supreme Court’s overturning of Roe v. Wade—the consequences of data misuse in femtech could be far-reaching and, in some regions, dangerous.
What’s at Stake?
For many women, femtech apps like Flo are more than just handy tools—they are lifelines. These platforms offer support in managing fertility, navigating menopause, or tracking symptoms of endometriosis. But they also collect an astonishing amount of private information.
If mishandled, this data doesn’t just breach privacy; it could lead to discrimination or legal consequences in countries where reproductive freedom is restricted.
This is not merely a legal battle; it’s a deeply personal one. When we entrust our most private health information to technology, we expect that trust to be honoured, not exploited.
A Global Wake-Up Call
Although the lawsuits are currently focused in North America, the ripples are being felt across the globe. Flo, which became Europe’s first femtech unicorn after raising over $200 million, operates in jurisdictions governed by stricter regulations such as the EU’s General Data Protection Regulation (GDPR).
If found liable, the outcome of these cases could set a powerful precedent for how femtech companies worldwide handle user data.
Protecting Yourself in the Meantime
Until the courts deliver their verdicts, users can take steps to better safeguard their information:
- Scrutinise privacy policies: Understand what data an app collects and whether it’s shared.
- Limit the data you provide: Only input what you’re comfortable disclosing. Be cautious with highly sensitive information.
- Choose privacy-focused apps: Seek out platforms that are transparent about their data practices and compliant with international privacy laws.
- Stay informed: Follow developments in cases like this, as they may reshape the standards for all health apps.
Interestingly, as part of related legal proceedings, Google has already settled similar claims earlier this month, though the terms remain confidential.
Beyond Legalities: This Is About Respect
This isn’t just about compliance or corporate responsibility—it’s about respect for our bodily autonomy. The digital tools designed to support our health must do so with integrity. As consumers, we must demand higher standards and call out companies that fall short.
In a digital age where personal data is currency, protecting reproductive health information goes beyond privacy. It speaks to our right to dignity, agency and trust in the technologies we choose to use.