Document Name: “Menstrual tracking app data is a ‘gold mine’ for advertisers that risks women’s safety”
Source / Link: Cambridge Research News – Minderoo Centre, 2025
Document Type: External Design Input / Market & Safety Evidence
Purpose: Provide evidence of privacy, safety, and commercial risks associated with menstrual tracking apps. Used to inform requirements and risk management in the Red Witch project.
Based on the report, Red Witch shall implement the following design inputs / requirements:
| Requirement / Design Input | Description | Linked RMF Risk |
|---|---|---|
| DI-001: Local-only storage | All user data must remain on the device; no cloud storage by default | R-Ext-001 |
| DI-002: End-to-end encryption | User-controlled encryption key; app cannot access PHI | R-Ext-001, R-Ext-002 |
| DI-003: User-controlled export/import | Only encrypted exports allowed; no automatic sharing | R-Ext-001 |
| DI-004: Minimal data collection | Collect only data strictly necessary for functionality | R-Ext-001, R-Ext-002 |
| DI-005: Transparency & consent | Clear, granular consent options for any data use | R-Ext-001 |
| DI-006: Privacy education | User guidance in app/manual about risks and safe use | R-Ext-003 |
External risks identified from the Cambridge report have been added to the RMF:
| RMF Risk ID | Source | Risk Description | Mitigation / Control |
|---|---|---|---|
| R-Ext-001 | Cambridge Report (2025) | Commercial exploitation of menstrual data leading to privacy/safety harms | Local-only storage, encryption, user-controlled export, minimal data collection, consent |
| R-Ext-002 | Cambridge Report (2025) | Data misuse could lead to discrimination, cyberstalking, or limitation of reproductive rights | Legal compliance (HIPAA, PHIPA, PIPEDA, GDPR), offline operation, minimal data collection |
| R-Ext-003 | Cambridge Report (2025) | Users unaware of risks due to lack of education | User Manual, Privacy Policy, digital literacy guidance |
This external design input informs: