Privacy News

Flo app controversy: Jury rules Meta stole users' menstrual data.

Millions of women entrusted their menstrual data in the period cycle app, Flo. Now the court ruled Meta was eavesdropping on users' in-app communications. But why would Meta want your menstrual data, and what does it mean for your privacy?

Flo app controversy, Jury rules that Meta collected women's intimate Flo app data illegally.

Meta wants it all – creepily, this greed for data even includes your menstrual cycle! In Early August the tech giant was found guilty of illegally collecting the health data of Flo period-tracking app users by a Californian jury. This verdict concludes a four year lawsuit against Google, Meta, Flo and analytics firm Flurry, by Flo users who blamed the companies of collecting their private data from the app without their consent for targeted advertising. While Meta has objected to the verdict, the other companies resolved the cases against them through settlements.

To many women, Flo seemed like the perfect way to monitor their menstrual cycles privately with a smartphone. The app developers had promised to keep women’s private data regarding their reproductive health private. But in the background, Big Tech – as well as the Flo app itself – were watching. According to the lawsuit, the Flo app allowed Meta and Google to eavesdrop on users’ in-app communications between November 2016 and February 2019, which violates California’s Invasion of Privacy Act.

On August 4th 2025 the verdict was concluded and found that Meta had “intentionally eavesdropped on and/or recorded conversations using an electronic device,” without users of the Flo app knowing. For now, the financial damages have not been decided, and Meta has objected to the verdict.

Turn ON Privacy in one click.

This conclusion by the court finalizes the lawsuit filed in 2021 against Google, Meta, Flo, and Flurry, the app analytics company, where Flo users blamed the companies of collecting their private data from the Flo app without their consent for targeted advertising. This verdict made by the court in California against Meta highlights how greedy the tech giant is for your data. And the reason? To sell you more stuff through targeted advertising.

Screenshot aus Flo.Health: Was können Sie mit der Flo-App tun? Verfolgen Sie Ihre Zyklen und Symptome, verstehen Sie Ihre Fruchtbarkeit besser, verfolgen Sie Ihre Schwangerschaft Woche für Woche, teilen Sie Flo mit Ihrem Partner, wechseln Sie in den anonymen Modus. Screenshot aus Flo.Health: Was können Sie mit der Flo-App tun? Verfolgen Sie Ihre Zyklen und Symptome, verstehen Sie Ihre Fruchtbarkeit besser, verfolgen Sie Ihre Schwangerschaft Woche für Woche, teilen Sie Flo mit Ihrem Partner, wechseln Sie in den anonymen Modus.

The Flo app has many features that are useful for females to track their menstruation and fertility, but in order to use these features, a lot of intimate data needs to be shared with the app. Screenshot: Flo.Health

How the Flo app controversy started

In 2021, Erica Frasco filed a class action lawsuit against Flo Health after The Wall Street Journal reported on its privacy issues in 2019. Like millions of other women who believed they were using the menstrual app privately, she answered extremely intimate questions. The questions varied, from preferred birth control methods, to the level of satisfaction with their sex life, to whether they were trying to get pregnant.

The problem according to the complaint is that the Flo app had promised its users that it wouldn’t share this private data with third parties, except if it was necessary for the provision of its services – but even in this case, it said it would not include “information regarding your marked cycles, pregnancy, symptoms, notes and other information entered by [users]”. But as it turns out this was not true. Instead, it was another prime example of privacy washing – a marketing tactic that has become as popular in the tech industry as green washing in the automotive industry.

Between 2016 and 2019, users’ confidential and intimate data was shared with companies like Facebook, Google, and Flurry. This included when its users opened the app and their interactions in the app. According to the complaint, Flo Health also didn’t regulate how the third parties could use its users’ intimate data.

Nutzerinnen auf Reddit teilten ihre Meinung über die Nachricht, dass Meta illegal die intimen Daten von Frauen gesammelt hat, die die Flo-App nutzen. Nutzerinnen auf Reddit teilten ihre Meinung über die Nachricht, dass Meta illegal die intimen Daten von Frauen gesammelt hat, die die Flo-App nutzen.

Users on Reddit shared their opinion over the news that Meta had illegally collected the intimate data of women using the Flo app. Screenshots: Reddit

Why would Meta want your Flo app menstrual data?

We’ve done a lot of reporting on Meta’s companies like Facebook and Instagram, and one thing is clear: All Meta apps track us and watch our every move online so that the tech giant can collect our data, target us with ads, and make a huge profit. This is why Meta services are free to use. Only if you’re in the EU, you can pay to go ad-free. If you want to be really scared, check how much Facebook knows about you.

But even though we know Meta profits from user data, it still feels like such a far push that Meta would illegally collect women’s intimate data from the Flo app for targeted advertising. And for the millions of people who entrusted the Flo period app with their reproductive data, it’s worrying that this data was collected by Meta and the other companies involved.

Loss of trust

As we spend more time online, we are encouraged to install apps, buy things, and share our information. But something we need to be aware of is that even though these apps and services can be helpful, they often come with risks such as how they process and share our data. Of course, these risks are disclosed in terms of use, which many don’t read, but even if they do, it can be pointless. In the case with the Flo app, the developers and tech giants were outright lying to the users and abusing their data without asking for consent.

What do we learn? With the current digital landscape, and our digital identities containing more personal data than ever, the case of the Flo app controversy should be a reminder to be cautious online and think twice, especially when sharing intimate or confidential information. Also remember that sometimes it’s better to have fewer apps; because most free apps make money by tracking you.

Illustration of a phone with Tuta logo on its screen, next to the phone is an enlarged shield with a check mark in it symbolizing the high level of security due to Tuta's encryption.