Jury Determines Meta Violated California Privacy Laws by Secretly Collecting Menstrual Health Data from Flo Users

A California jury has determined that Meta breached state privacy laws in a class-action lawsuit filed by users of the menstrual tracking app, Flo. These users alleged that Meta collected sensitive menstrual health data without their permission for advertising purposes.

The plaintiffs, representing millions of Flo users, accused both Flo and Meta of obtaining private health information, such as menstrual cycles and fertility goals, without consent, which they argue violates the California Invasion of Privacy Act.

The lawsuit was initiated in 2021 against Flo, with Meta, Google, and advertising analytics firms AppFlyers and Flurry listed as defendants. Google reached a settlement in July, while Flo finalized its settlement earlier this month.

“This ruling sends a powerful message about the protection of digital health data and the responsibility of major tech firms,” noted lead attorneys Michael P. Canty and Carol C. Villegas.

“Companies like Meta that exploit users’ most private information without their consent must be held accountable. Today’s decision emphasizes the fundamental right to privacy, particularly concerning sensitive health data,” they added.

Meta contested the ruling, claiming that the company has never tracked Flo users.

“We firmly contest this ruling and are exploring all legal options. The allegations against Meta are completely false. Protecting user privacy is a primary concern for Meta, which is why we do not collect health or sensitive information, and our terms explicitly forbid developers from sharing any,” stated a spokesperson for the company.

Last year, Flo raised $200 million in Series C funding from General Atlantic, achieving a valuation exceeding $1 billion.