Threat Analysis: Ruby by Glow

Health services on smartphones are a tricky business. Glow, a data science startup company, has recently released a new mobile app called Ruby. Ruby is a resource centered on women’s health issues such as sexual health and well-being. The app, available for iPhone and Android powered devices, provides information designed around the data that is shared with the app by users. Data points include current mood, overall health, sleep cycles, sex habits and more. With this information, Ruby provides updated and detailed information about various health related topics, such as about different birth control methods. 

They also offer text, graphics, images, advice, recommendations, and information provided by medical partners such as Bedsider and Huru International. Ruby is intended to give women the ability to recognize correlations and patterns, as well as anticipate certain symptoms, during their menstrual cycle. Ruby also includes a community forum so users can ask questions and gather feedback from other women. While this app does fulfill a real need, the security of the app with this sensitive information is questionable.

Profiles in Glow follow a similar format to Twitter and Facebook

As with all information that is stored on networked devices, there are questions about security. For instance, there are questions about the services they provide conflicting with their legal language. They provide “trusted information” so that the user can “know the real deal about birth control, sex, and all things down there.” Yet, in their terms of service, they explicitly mention that they do not offer medical advice and that users should not rely on them as such. They further take no responsibility for its accuracy or applicability to the user’s situation, and state that users should review the underlying source before making any decisions based on it.

This is an important distinction because if a user were to talk to a doctor, they would have legal protection and recourse against disclosure under the Health Insurance Portability and Accountability Act of 1996, and a right to notification of data breaches thanks to the Health Information Technology for Economic and Clinical Health Act. None of that can be guaranteed by Glow. In their terms of service, any material transmitted is treated as non-confidential and non-proprietary.

Also, copyrights to “any comments, feedback, suggestions, ideas, forum posts and other submissions” on their services are retained by Glow. Furthermore, Glow is allowed to “sell, exploit and disclose any materials in any manner, without restriction and without compensation.” For example, they may display those materials on the Internet, incorporate them into other works, create derivative works from them, promote and distribute them, and allow others to do the same in connection with their own websites and media platforms.

One of the discussion boards encourages the disclosure of sexual habits and experiences

They state in their privacy notice that Glow is not responsible for breaches in their security and are not responsible for other websites that are linked to their services. Glow also does not guarantee the security of private transmissions against unauthorized interception or access. They take the stance that each user of Glow products is responsible for taking all precautions to ensure against unauthorized access. This release from responsibility is important because the sensitive information that they can collect from registered users includes:

  • Forum participation information.
  • Demographics (Gender, Age, Birthdate, Occupation, etc)
  • Health Information (Menstrual cycle, Weight, Temperature, etc)
  • Billing info (Zip code, Credit Card Number, CV Number, Paypal)
  • Contact info (E-mail, Phone number)
  • Stored media (Photos, videos)
  • Geolocation
  • Personal Information stored by third parties (Facebook, Twitter, GoogleFit, etc)
  • Social security number
  • Infertility clinics visited and proof of medical claims
  • Activity information (Transactions, content viewed, click stream information, cookies)
  • Technical information (IP address, browser history, etc).

They state (in all caps) that

WE DON’T SELL OR RENT YOUR PERSONAL INFORMATION TO THIRD PARTIES. WE DON’T SHARE YOUR INFORMATION (OTHER THAN FORUM POSTS) TO SOCIAL NETWORKS OR OTHER PUBLIC OR SEMI-PUBLIC PLACES UNLESS INSTRUCTED BY YOU TO DO SO.

However, they then backtrack by stating that they can share personal information with third parties in an “aggregate and anonymous” format combined with the information they collect from other users. Such anonymization has been critiqued as being practically impossible with any large data set. They may also share personal information with employees, affiliates, vendors, partners and third parties as required to offer services. They may also decide to share your information for joint marketing purposes with other companies.

Users agree to terms of service despite not being able to read them beforehand.

Users can delete their account, but Glow is allowed to keep information that is on its system following termination. They claim that by using the service the user “consents to our retaining all the above-described information indefinitely.” Not that the user would know it. At the time of this posting, new users could not access the privacy notice or the terms of service from the app even though it claimed you could. To find this information, one must leave the app, search for it on Google and then read the long legal document.

Again, it should be stated that Ruby fulfills a real need for many women in terms of women’s health information that can help those who cannot visit a doctor for every question they may have about their health. Users also do not have to register to use the basic functions of the app. However, users should be aware of the risks to personal health information when it is stored on an app with little legal protection from its dissemination. Information retained by Ruby and similar apps is vulnerable, and the providers take no responsibility for its possible loss.
