"“My sex-related data is more sensitive than my financial data and I want the same level of security and privacy\": User Risk Perceptions and Protective Actions in Female-oriented Technologies"

Mehrnezhad, Maryam; Almeida, Teresa

doi:10.1145/3617072.3617100

Cited by 8 publications

(2 citation statements)

References 47 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These data types are presented in Table 3. For these experiments, we followed the same structure of recent papers (Mehrnezhad et al, 2022b;Almeida et al, 2022;Mehrnezhad et al, 2022a). Two of the authors repeated this process for each app independently (on two Google Pixel 6 phones) and logged their observations.…”

Section: Data Collectionmentioning

confidence: 99%

“…In Mehrnezhad et al (2022b), we discuss that not only is such intimate data collected by FemTech systems, but also this data is processed and sold to third parties 23 . In Mehrnezhad and Almeida (2021), Mehrnezhad and Almeida (2023), we have discussed at length that complex harms and risks such as the re-identification of individuals based on health data (Goldacre et al 2022) can differentially impact the users.…”

Section: Non-compliant Practicesmentioning

confidence: 99%

See 1 more Smart Citation

Mind the FemTech gap: regulation failings and exploitative systems

Mehrnezhad,

Van Der Merwe,

Catt

2024

Front. Internet Things

View full text Add to dashboard Cite

The security, privacy, and safety issues around Female-oriented technologies (FemTech) and data can lead to differential harms. These complex risks and harms are enabled by many factors including inadequate regulations, the non-compliant practices of the industry, and the lack of research and guidelines for cyber-secure, privacy-preserving, and safe products. In this paper, we review the existing regulations related to FemTech in the United Kingdom, EU, and Switzerland and identify the gaps. We run experiments on a range of FemTech devices and apps and identify several exploitative practices. We advocate for the policymakers to explicitly acknowledge and accommodate the risks of these technologies in the relevant regulations.

show abstract

Section: Data Collectionmentioning

confidence: 99%

Section: Non-compliant Practicesmentioning

confidence: 99%

Mind the FemTech gap: regulation failings and exploitative systems

Mehrnezhad,

Van Der Merwe,

Catt

2024

Front. Internet Things

View full text Add to dashboard Cite

show abstract

Bluetooth security analysis of general and intimate health IoT devices and apps: the case of FemTech

Cook,

Mehrnezhad,

Toreini

2024

Int. J. Inf. Secur.

View full text Add to dashboard Cite

The number of digital health products is increasing faster than ever. These technologies (e.g. mobile apps and connected devices) collect massive amounts of data about their users, including health, medical, sex life, and other intimate data. In this paper, we study a set of 21 Internet of Things (IoT) devices advertised for general and intimate health purposes of female bodies (aka female-oriented technologies or FemTech). We focus on the security of the Bluetooth connection and communications between the IoT device and the mobile app. Our results highlight serious security issues in the current off-the-shelf FemTech devices. These include unencrypted Bluetooth traffic, unknown Bluetooth services and insecure Bluetooth authentication when connecting to the app. We implement Bluetooth attacks on the communication between these devices and apps, resulting in malfunctioning of the device and app. We discuss our results and provide recommendations for different stakeholders to improve the security practices of Bluetooth-enabled IoT devices in such a sensitive and intimate domain.

show abstract