Jury Determines Meta Violated California Privacy Laws by Secretly Collecting Flo Users’ Menstrual Health Data

A California jury has found that Meta infringed on state user privacy laws in a class-action lawsuit brought by users of the period tracking app, Flo. These users alleged that Meta collected sensitive menstrual health data without their consent for advertising purposes.

The plaintiffs, representing millions of Flo users, claimed that Flo and Meta had obtained private health information, including period dates and fertility goals, from the app without permission, thus violating the California Invasion of Privacy Act.

The lawsuit was filed in 2021 against Flo and included Meta, Google, and ad analytics companies AppFlyers and Flurry as defendants. Google reached a settlement in July, while Flo finalized a settlement earlier this month.

“This verdict sends a powerful message about the protection of digital health data and the responsibility of Big Tech,” commented Michael P. Canty and Carol C. Villegas, the lead attorneys in the case.

“Firms like Meta that exploit users’ most personal information without consent must be held accountable. Today’s ruling reinforces the fundamental right to privacy, particularly concerning sensitive health data,” they added.

Meta disagreed with the judgment, stating that the company has never tracked Flo users.

“We strongly contest this decision and are exploring all legal options. The plaintiffs’ claims against Meta are simply false. Protecting user privacy is a priority for Meta, which is why we refrain from collecting health or other sensitive information, and why our terms explicitly prevent developers from sharing any,” a spokesperson for the company asserted.

Last year, Flo raised $200 million in Series C funding from General Atlantic, achieving a valuation of over $1 billion.