privacy-in-practice

Period Tracking Apps and Stalking: How Cycle Data Gets

Stalkers use location and behavioral data to track victims. Period app data — shared accounts, compromised credentials, or visible notifications — can expose

Stalking increasingly relies on digital surveillance tools — and period tracking apps, as a category of technology that reveals intimate details about schedule, health, and location, are a meaningful target. The threat model has several distinct layers, each with different technical access requirements and different mitigations. Threat Vector 1: Shared or Accessible Cloud Accounts The highest risk scenario is straightforward: a cloud based period app account that an abusive partner, ex partner, or stalker has access to. How this happens: The account was set up with the stalker's email address or under their name The account uses a shared or family Apple ID or Google account The period app is on a family sharing plan that the stalker set up The stalker knows the account password from a time when the relationship was healthy The stalker observed the password being entered What this exposes: Current period predictions (reveals expected dates and cycle length) Historical cycle data (can reveal patterns about home location, routine, work schedule) Logged symptoms and health information Sexual activity if logged Fertile window predictions Notes or health details entered Mitigation: Move