People who worry that app data cannot be de-anonymized and used for nefarious purposes should consider the recent case of a high-ranking priest on the staff of the US Conference of Catholic Bishops.

He was using the Grindr gay hookup app from his Washington DC office to meet men for sex. He was jetting around the country doing the same at high priced gay clubs.

I don't like the guy, because he was a notorious homophobe promoting egregious anti-LGBTQ beliefs and practices while he got his gay rocks off, but ...

There's still a lesson here. Grindr had provided anonymized geo-tagged data to advertisers, like most apps do, assured that nothing nefarious could happen.

But all it took was some conservative activists and journalists buying publicly available data sets and combining them with data from ISPs to identify the priest.

I'm not unhappy he got outted, because he deserved it, but his outing is a frightening object lesson in how insecure our data is, and how people with ill intent can use supposedly private data to harm people.

Could that happen with period apps? Why not? The method those activists use to identify the priest supposedly doesn't work anymore. But then, it wasn't supposed to work when they used it in the first place.

People are clever. They find ways around privacy protections all the time.