Skip to content
Pulsyn
Abstract digital privacy visualization representing encrypted health data that never leaves your device

Your Fertility Data Is Evidence Now

James Hoffmann James Hoffmann
May 27, 2026 · 13 min read
PrivacyReproductive HealthData OwnershipLocal FirstOura

TL;DR

Your wearable knows when you ovulate, when you sleep worse before your period, and when your baseline temperature shifts by 0.3 degrees. That data lives on Oura's AWS servers, Whoop's personal servers, or Fitbit's cloud. In a post-Dobbs United States, fertility data has been subpoenaed in criminal prosecutions. Pulsyn keeps that data on your phone, encrypted, with no cloud account. That is not a marketing feature. It is an architectural choice made because the alternative is unsafe.

The Nebraska case that changed how I think about wearables

I did not think I would be writing about menstrual cycles on the Pulsyn blog. Then I read the Nebraska case.

In 2022, Jessica Burgess and her seventeen-year-old daughter were prosecuted for allegedly inducing an abortion after the state's gestational limit. The evidence that led to their arrest was not a witness. It was not a medical record. It was Facebook messages obtained via search warrant. Messages about a miscarriage. Private conversations between a mother and daughter, handed to law enforcement by a platform they trusted.

The warrant was specific. Norfolk Police in Nebraska requested "all messages, photos, and videos" between the two accounts from April to June 2022. Meta complied. The messages included discussion of obtaining abortion pills and disposing of fetal remains. A detective obtained the warrant on June 20, 2022. By June 26, he had the full chat history. That turnaround time, six days from warrant to full disclosure, is the relevant metric. It is faster than most users could even find the privacy setting to download their own data.

The Burgess case is not an edge case. It is a template. In 2024, a Texas man sued his ex-wife's friends for allegedly helping her obtain abortion medication, citing text messages and internet search history as evidence. In 2023, law enforcement in multiple states began explicitly requesting period-tracking app data during investigations. The signal is clear: fertility data has entered the discovery process. If it is stored digitally, if it is synced to a server, if a company holds the keys, it can be subpoenaed. And wearables are now one of the richest sources of that data.

How a ring figures out your cycle

You do not need to tap "period started" in an app for a wearable to know your cycle. The sensors collect enough secondary data to infer it with high accuracy.

Skin temperature is the obvious one. Basal body temperature rises by roughly 0.3 to 0.5 degrees Fahrenheit after ovulation and stays elevated until menstruation. Oura measures this continuously with an infrared LED sensor. They call it "Cycle Insights." It is accurate enough that Oura partnered with Natural Cycles, an FDA-cleared birth control app that relies on temperature data to predict fertility windows. The ring measures, the algorithm predicts, the cloud stores.

Heart rate variability drops in the luteal phase for many women. Sleep architecture changes: REM latency shortens, deep sleep fragments, total sleep time drops by 20 to 40 minutes in the days before menstruation. Respiratory rate ticks up slightly. Activity tolerance drops. None of these signals, taken alone, says "this user is menstruating." Taken together, across ninety days of continuous monitoring, a model can predict cycle phase with accuracy above 85%. Whoop published research in 2023 showing their system could detect pregnancy from user data before the user had taken a test, simply by spotting the convergence of HRV suppression, temperature elevation, and respiratory rate changes.

This is the point. The ring does not need a "cycle tracking" toggle to build a fertility profile. The raw biometric stream is enough.

A woman checking her phone in private. The exact moment where health data crosses from personal to uploaded, and from uploaded to subpoenable

Where that data lives

Oura stores user data on Amazon Web Services. Whoop uses its own server infrastructure. Fitbit, Garmin, and Apple store health data in their respective clouds. The exact server location, encryption standard, and access log policy varies by company, but the architecture is the same: data leaves the device, transits to a server you do not control, and sits in a database that responds to legal process.

Consumer Reports tested eighteen popular reproductive health apps in 2022. Fifteen of them shared user data with third parties for advertising. Three of them stored fertility logs without encryption at rest. None of them offered a meaningful legal guarantee against compelled disclosure. Privacy policies are not contracts with law enforcement. They are contracts with you, and you can be overruled by a warrant.

The Health Insurance Portability and Accountability Act (HIPAA) does not cover data collected by consumer wearables. HIPAA applies to healthcare providers, insurers, and their business associates. Oura is not your doctor. Fitbit is not your hospital. The data they collect falls under the Federal Trade Commission's consumer protection mandate, which is weaker, slower, and does not create a physician-patient privilege. In plain terms: your fertility data in a wearable app has fewer legal protections than your data in a doctor's file.

Some states have passed shield laws. California, Washington, and New York have statutes limiting out-of-state subpoenas for reproductive health data. They are good laws. They are also incomplete. A user in Arizona, where Pulsyn is headquartered, has no such shield. A user in Texas or Idaho is actively exposed. The legal patchwork means that the same Oura account, holding the same data, is legally vulnerable or protected based on which state border the user slept inside last night. That is not a privacy model. It is a lottery.

Clinical data on a laptop screen. The interface where medical information meets institutional access, and where privacy policies end and warrants begin

The predictive modeling problem

Even if you never enable menstrual tracking, even if you delete the cycle-tracking app from your phone, your wearable data can still be used to infer your reproductive state.

In September 2025, a bioethics team at the University of Texas published a paper titled "The Dark Side of Wearables: A Potential Fertility Surveillance Network." Their finding was unambiguous. Non-fertility data from wearables, including heart rate variability, sleep patterns, age, activity levels, and respiratory rates, can predict pregnancy with high confidence. Models trained on individual baselines rather than population averages need less data and return higher accuracy. The paper noted that young women are more likely than men or older individuals to own wearables, which makes the dataset even more precise for fertility-related predictions.

This means the risk is not limited to users who actively track their cycles. Any woman wearing a continuous biometric monitor is generating a dataset that can be mined for reproductive inference after the fact. The data does not need to be labeled "fertility" to be fertility data. It just needs to be complete, longitudinal, and stored somewhere a prosecutor can reach it.

I want to be precise about what I am claiming. I am not saying that Oura or Whoop are actively selling fertility profiles to law enforcement. I am saying that law enforcement has obtained warrants for health app data in criminal prosecutions. I am saying that the data architecture of these companies makes compliance with such warrants technically trivial. The server holds the data. The company holds the keys. The warrant compels disclosure. That is the chain. It has already happened with Facebook messages, search histories, and period-tracking apps. Wearables are next in line.

Why the cloud is the default

There is a reason every major wearable uses cloud sync, and it is not just user convenience. Cloud aggregation enables the business models that venture capital funds. Oura's $900 million valuation depends on recurring subscription revenue and the long-term value of a biometric dataset that improves with scale. Whoop's $30 monthly fee requires a persistent account. Fitbit's integration with Google's ad platform requires data centralization. The cloud is not a technical accident. It is the structural foundation of the subscription and data-economy models that dominate consumer health tech.

Local-first storage breaks that model. If the data never aggregates, you cannot sell subscriptions to "insights" that require server-side computation. You cannot train population-level models on user data without explicit opt-in. You cannot pivot to advertising or insurance partnerships based on aggregated health trends. Pulsyn's choice to go local-first is partly ethical, but it is also a rejection of the data-economy business model that wearable incumbents depend on. We charge $160 for the ring once. That is the entire transaction. There is no recurring revenue stream that requires keeping your data hostage on our servers.

What Pulsyn does differently

Pulsyn does not store your health data on AWS, on Google Cloud, or on any server we control. The ring transmits data to your phone over Bluetooth Low Energy in 16-byte packets. The phone stores it in a SQLCipher database encrypted with AES-256-GCM. The key derivation uses 600,000 PBKDF2 iterations, which is the OWASP 2023 recommendation for HMAC-SHA256. We do not know your PIN. We cannot decrypt your database. There is no "Pulsyn account" to subpoena because there is no Pulsyn server holding your data.

Fertility tracking, if you choose to use it, runs entirely on-device. Temperature trends, HRV baselines, and sleep pattern changes are computed locally. The model that infers cycle phase runs on your phone, not in a data center. If you delete the app, the data is gone. If you sell the ring, the data does not travel with it because the data was never on our infrastructure. If law enforcement serves Pulsyn with a warrant for your health records, we have nothing to hand over. The data does not exist in a place we can access.

This is not a privacy setting you toggle. It is the only mode the system operates in. You cannot accidentally opt into cloud sync because cloud sync is not a feature.

Hands holding a smartphone. The single device where Pulsyn stores, processes, and encrypts every biometric reading, with no server in between

The architecture is the policy

Privacy policies are written by lawyers and broken by warrants. Architecture is written by engineers and enforced by physics. A company can promise not to share your data. A server cannot resist a court order. The only reliable protection is data that was never collected in a centralized location to begin with.

I am not claiming that local-first storage makes Pulsyn immune to all legal risk. If law enforcement seizes your phone and compels you to unlock it, the data is accessible. A state-level adversary with physical access to your device and unlimited time can eventually extract most information. I would be lying if I said our encryption was proof against every threat model. What I am claiming is that Pulsyn removes the single easiest vector for mass surveillance and compelled disclosure: the centralized cloud database that holds millions of users' health records under one company's control.

Oura has sold roughly 2.5 million rings. Fitbit has over 100 million registered users. Apple Watch has hundreds of millions. The concentration of fertility-inferrable biometric data in five or six cloud silos is a systemic risk that no individual privacy setting can fix. Pulsyn's answer is architectural distribution: one user, one phone, one encrypted database, zero company access.

What I do not know

I am not sure how the legal environment will evolve. The Dobbs decision in 2022 shifted reproductive health privacy from a constitutional right to a state-by-state patchwork. Some states are adding protections. Others are adding penalties. The federal government has not passed broad consumer health data privacy legislation, and I do not have a confident prediction about when or if it will. That uncertainty is exactly why I designed Pulsyn to need no legal protection. The system is built to be safe even if the law fails.

I am also uncertain about how menstrual and fertility tracking will be regulated in wearable devices specifically. The FDA cleared Natural Cycles as a Class II medical device for birth control. They have not, to my knowledge, issued guidance on fertility inference from secondary biometric data in general wellness devices. That gap between medical device regulation and consumer wearable regulation is a gray area that larger companies will exploit until someone forces clarity.

What you can do now

If you currently use a wearable with cloud sync and you are concerned about reproductive health privacy, you have three options. First, disable menstrual tracking features and cycle app integrations in your wearable app. This reduces explicit fertility data but does not eliminate the inference risk from secondary biometrics. Second, request a full data export and deletion from your wearable provider. Under California's CCPA and similar state laws, you have a right to deletion, though the company may retain aggregated or de-identified copies. Third, switch to a local-first device that stores data on your phone with no cloud account.

Pulsyn is building that device. We are shipping in Q3 2026. The ring measures skin temperature, heart rate, HRV, SpO2, respiratory rate, and sleep stages. All of it stays on your phone. All of it is encrypted with a PIN only you know. We do not have a menstrual tracking toggle because we do not need one. The data is yours by default, not by setting.

If you want to be notified when pre-orders open, there is an email form on getpulsyn.com. We do not store those emails in a marketing automation platform. They go into a plain SQLite database on our own server, and I read them manually. That is a whole other blog post.

About the author

James Hoffmann is the founder of Pulsyn. He has been reverse-engineering BLE health devices for two years and believes that health data architecture should be designed for the worst-case legal scenario, not the best-case privacy policy.

References

  1. Laretto, P.S., Zimmerman, A., and Bowers, O. "The Dark Side of Wearables: A Potential Fertility Surveillance Network." Bioethics Today, 2 Sep 2025.
  2. Gross, P. "Data privacy after Dobbs: Is period tracking safe?" Stateline, 26 Jul 2024.
  3. Masunaga, S. "How data from period-tracking and pregnancy apps could be used to prosecute pregnant people." Los Angeles Times, 18 Aug 2022.
  4. Roberts, C. "These Period Tracker Apps Say They Put Privacy First. Here's What We Found." Consumer Reports, 30 Aug 2022.
  5. McCallum, S. "Period tracking apps warning over Roe v Wade case in US." BBC, 6 May 2022.
  6. Lyons, J. "Mozilla: 18 top reproductive health apps share your info." The Register, 17 Aug 2022.
  7. "Nebraska mother and daughter charged after police obtain Facebook messages." NBC News, Aug 2022.

Related Articles