|
|
Home
| Databases
| WorldLII
| Search
| Feedback
Law, Technology and Humans |
Contraception, Fertility Tracking, and the Limits of Medical Devices Regulation
Catriona McMillan
University of Edinburgh, United Kingdom
Abstract
Keywords: Femtech; digital contraception; period trackers; medical devices regulation.
Introduction
There is an increasing amount of health- and wellness-related software available for private use via download onto mobile devices, and much of this software may be described as personal health tracking technologies (PHTTs). Alongside this, there has been a notable boom in recent years in the availability of PHTTs aimed specifically at women’s health—known as ‘femtech’. The functions of this group of technologies range from smart breast pumps to software that aids in conception. Indeed, software targeted at tracking and controlling fertility makes up a substantial proportion of the femtech market. Femtech in general has been widely lauded as giving women, girls and people with wombs[1] power, knowledge and control over their bodies, but its rise has also been set against a concerning backdrop of a series of critiques and scandals regarding its evidence base (or lack thereof) and data sharing practices. The specific focus of this article is period trackers and digital contraception, both of which require the input of user data to calculate a user’s menstrual cycle via an algorithm, which may be used by some apps to determine a user’s ‘fertile window’. It is estimated that 50 million women use period tracker apps worldwide,[2] and they are particularly popular amongst younger smartphone users. Of particular concern is the growing evidence that menstrual cycle–tracking apps are being used as contraceptives because they indicate users’ ‘fertile window’.
In this paper, fertility-related femtech (FRF) (i.e., software that can be used to track one’s menstrual cycle, fertile window and day of ovulation) is distinguished from ‘digital contraceptives’ (i.e., software intended to be used as contraception by the manufacturer, such as Natural Cycles). This is primarily because the regulatory threshold of manufacturer intent is so important for capture by the relevant regulatory framework in the United Kingdom (UK): the Medical Devices Regulations 2002 (UK MDR 2002[3]). As discussed in further detail below, where a particular piece of software is placed on the market in Great Britain (GB),[4] it is only captured by the UK MDR 2002 if it is ‘intended by the manufacturer’ to be used for a particular medical purpose. The UK MDR 2002 is distinctly focused on whether medical devices function per their ‘intended’ use, something that I will argue is no longer suitable in today’s context where medical devices include not only physical products but also software that can have multiple uses. In this paper, it is asked, therefore, what if a device that is not explicitly intended for use as a medical device by the manufacturer might be reasonably used as one in practice? It is argued here that mHealth software has clear potential to do just that, and FRF is a key example of why that is the case. More granularly, it is argued here that FRF is a clear example of the fact that software has the potential to harm its users in the same way that physical medical devices can. Despite this potential for harm (i.e., unplanned pregnancy), the ambiguity surrounding what does and does not fall within the UK MDR 2002 calls into question the rigour that the current regulatory framework provides.
The core problem here is framed, therefore, as one of regulatory inadequacy.[5] It is important to briefly explore the meaning of this term before using it further in the analysis below. This work uses this term here to describe the scenario where regulatory subjects and/or objects fall outwith regulatory frameworks (i.e., the regulatory framework in question does not encompass or capture the subjects or objects it was intended to, or [in the case of frameworks like the UK MDR 2002, which arguably have been superseded by technological advancement], normatively, ought to).
This article is structured as follows. First, the category of FRF software is explored as a means for controlling conception. It is argued here that FRF that indicates users’ fertile windows may be reasonably used as contraception and are not mere ‘fitness’ or ‘wellness’ apps (which would mean they are not medical devices). It is underlined that this is of grave concern due to strong evidence that the performance of these apps often renders their predictions inaccurate. Next, the reach of the UK MDR 2002 in the field of digital contraception and FRF is articulated. The argument is made that the intention of the manufacturer is an ill-conceived threshold for regulatory capture of mHealth software, which is increasingly a consumer product as well as a medical device. In the final section of this article, it is argued that a false regulatory dichotomy has been drawn between fitness or wellness software and medical devices in the UK MDR 2002 and that this dichotomy is ill suited to software such as FRF, which increasingly acts as both.
Period Trackers: Mere Wellness Apps, or Contraceptives?
In the femtech market, there is a significant variation available in the types of apps relating to fertility, ranging from simple menstrual cycle–tracking calendars to complex self-learning algorithms to determine key events in the menstrual cycle (i.e., ovulation, fertile window and the user’s next period). It is important to note, however, that while the complexity of the software used varies, the information displayed to digital contraception and FRF users, in the end, is very similar.
Digital contraceptives such as Natural Cycles and Clue are an algorithmically enhanced form of the fertility-awareness or ‘rhythm-based’ method. Through digital contraceptive software, users can track menstrual cycle–related symptoms (e.g., cervical mucus, spotting, headaches), sometimes with the aid of a device such as a Bluetooth-linked thermometer or cervical mucus reader. Generally speaking, after a few months of data input,[6] software companies claim to be able to accurately predict ovulation and/or when a user is fertile, and this information is relayed to the user so that she can decide to abstain from intercourse to avoid getting pregnant. FRF operates in the same way to predict the same key events in users’ menstrual cycles, except FRF almost always operates without the use of an additional device to measure temperature or cervical mucus. FRF predicts similar events, such as the start and end of the menstrual cycle, ovulation date and ‘fertile window’.[7] Women have used fertility awareness–based methods to track their cycles and when they are likely to be fertile for centuries.[8] Fertility awareness–based methods, or ‘natural family planning’, can be up to 99% effective according to the National Health Service (NHS),[9] yet there is evidence to suggest that in ‘real-life’ terms, there is huge variability in these methods’ success due to the large role human error can play,[10] which is arguably relatively more of a variable in success than in other forms of contraception.[11] While fertility awareness–based methods are not new, the technological aspect of them certainly is. Users of digital contraception and FRF are leaving their health in the metaphorical hands of an algorithm.[12]
Fertility-Related Femtech and the ‘Fertile Window’: Performance Evidence
The menstrual cycle is traditionally characterised as being 28 days in length, with bleeding beginning on day 1 and ovulation on day 14. The fertile window lasts for around six days, which is the day of ovulation plus five days previous (the egg is only viable for 24 hours, but sperm can last for up to five days in the genital tract).[13] However, in the past few years, studies have expanded on that characterisation,[14] and we now understand that cycles vary from 23 to 35 days.[15] The day of ovulation therefore also varies widely; for example, one study of 2.7 million cycles found that only 24% of ovulations occurred on day 14 or 15 of their cycle.[16] As discussed in this section, there is strong evidence to suggest that FRF app design integrates these traditional assumptions about ‘normal’ cycles, which can not only be exclusionary but also lead to poor advice and inaccurate results.
With both digital contraception and FRF, users input data (regarding, for example, bleeding, mood, cervical mucus) and receive an algorithmic prediction of the start of their future menstrual cycles. The majority of both kinds of apps provides predictions about the user’s fertile window and day of ovulation, too.[17] Some (but, crucially, not all) apps indicate in their instructions or advertising material that they make these predictions using a self-learning algorithm, which means that the longer users track their data, the more ‘accurate’ predictions get.[18] And evidence suggests that these algorithms tend to be based on the ‘average’ cycle.[19] Therefore, menstrual cycle dates alone cannot be used to identify the fertile window accurately, at least for the first few months.[20] However, unfortunately, a majority of software relating to fertility tracking does just that. A cross-sectional audit study of apps that track fertility[21] found that the majority of apps used calendar dates to predict ovulation, rather than other more reliable markers such as basal body temperature, luteinising hormone surge or cervical mucus.
This is reinforced by there being strong evidence to suggest that many fertility tracking apps fail to predict the fertile window with accuracy.[22] Worsfold and colleagues, for example, found in their study of 10 period-tracking apps that conflicting information was given regarding ovulation day, user fertile window and period dates, and where their participants’ cycles fell outwith the ‘traditional’ length, errors in algorithmic predictions were far more likely.[23] Moreover, Zwingerman found that while there are some quality FRFs available, ‘many more are of low quality, and users should be wary of relying on their predictions to avoid pregnancy or to maximize chances of conception’.[24] For example, one review of 73 calendar-method tracking apps found that none could accurately predict ovulation.[25] Duane and colleagues studied 40 fertility tracking apps across various stores (e.g., Google Play, Apple Store)- the apps specifically omitted a warning against the apps being used as contraception but did claim that the apps were an evidence-based fertility-awareness method. Of those, one-quarter did not accurately predict the user fertile window, and only six of the apps reviewed had ‘perfect’ accuracy. Duane and colleagues found that most ‘fertility apps are neither designed for avoiding pregnancy nor founded on evidence-based [fertility awareness–based methods]. Several popular apps use their own algorithms, which are difficult to assess because they have not been evaluated in peer-reviewed literature’.[26]
Algorithmic efficacy aside, another key issue with any femtech software, be it digital contraception or FRF, is that they are only as accurate as the data input by the user. Unless users put in detailed information on a regular (usually daily) basis, the performance of the algorithm, if the software even uses one, is likely to be reduced if not ineffective. As one digital contraceptive user wrote of their experience:
I now know that the ideal Cycler is a narrow, rather old-fashioned category of person. She’s in a stable relationship with a stable lifestyle. (Shift-workers, world-travellers, the sickly, the stressed, insomniacs and sluts be advised.) She’s about 29, and rarely experiences fevers or hangovers. She is savvy about fertility and committed to the effort required to track hers. I could add that her phone is never lost or broken and she’s never late to work. She wakes up at the same time every day, with a charged phone and a thermometer within reach.[27]
Contraceptive effectiveness is often framed in terms of ‘perfect’ and ‘typical’ use, indicating that contraceptive manufacturers and healthcare providers expect human errors to be made—for example, for one dose of oral contraceptive to be forgotten. However, the complexities of daily self-monitoring required by FRF, as exemplified by the above quotation, are arguably more cumbersome than other contraceptives. These complexities, combined with the large margin of algorithmic error evidenced above, mean there is a clear and acute risk to FRF users.
Interim Conclusion I
While with some digital contraception, there are paired devices that can assist with accuracy, with FRF, for the reasons outlined above, not all apps can accurately predict users’ fertile window, and studies suggest that women may be using FRF apps for the prevention of pregnancy even though they are not explicitly marketed as contraception.[28] Of note, a popular fertility and period-tracking app, ‘Clue’, recently acknowledged this issue. In 2021, the company released on their website the following statement indicating that it will be removing the ‘fertile window’ from their app:
The fertile window in the Clue app was an approximation that didn’t account for the variability of each person’s cycle. Because there is too much variation from one person to another, and from cycle to cycle, we determined that it could be misleading to those who wish to use the fertile window to avoid pregnancy.[29]
The fertile window has since returned to the app, but now Clue have included a disclaimer when users first download the app indicating that it has different ‘modes’ depending on the way in which the user intends to use it: ‘Clue Period Tracking’, ‘Clue Conceive’ and ‘Clue Pregnancy’. The information section for the software explicitly states that it is for these uses only, as it states: ‘Clue should *not* be used as a contraceptive’.[30] The company has begun rolling out its own birth control app in the United States (US),[31] but it does not appear to be available elsewhere. While Clue has led the way in providing some clarity and care for their users and is a good example of corporate responsibility and good practice, many other FRF apps still indicate users’ ‘fertile window’ without any such caveats or warnings.[32]
It is clear from the evidence cited above and the actions of Clue that FRF may reasonably be used for contraceptive purposes by its users. It seems that the indication of the ‘fertile window’ is crucial here, and one might reasonably assume that having intercourse outwith this window means that they cannot get pregnant at that time. This is true (as above, with up to 99% effectiveness) when the window is predicted accurately.[33] Yet it is clear, in many cases, that FRF is not accurate for a myriad of reasons, from lack of use of a self-learning algorithm (calendar-only apps) to basing algorithms on the 28-day cycle ‘norm’.
While it is important to note that the issues highlighted above only affect those with the means to download FRF and are, therefore, limited to the relatively socio-economically advantaged, smartphone use worldwide is increasing at a rapid pace.[34] Smartphones, and the popular mHealth technologies that are readily available to use with them, are here to stay. Indeed, one survey has indicated that 80% of women intend to use a fertility tracking app at some point in the future. It is therefore crucial that all mHealth is regulated in a sufficiently stringent way to protect its users, and given the devastating consequences that unintended pregnancy can have for some, it is crucial that this is the case for FRF. However, as mentioned above, only digital contraception is caught by the relevant regulatory regime for safety and performance in GB, and despite the clear dangers it poses, FRF is not captured by the UK MDR 2002.
Fertility-Related Femtech as Contraception and the ‘Fertile Window’: A Clear Regulatory Gap
Aside from the UK and the European Union (EU) (from whence the UK’s regulation is derived), the US is the other world leader in terms of medical devices regulation, and work has already been done to highlight the difficulties presented by the regulation of femtech and contraceptive software there.[35] This analysis focuses on the framework currently operating in GB (Scotland, Wales and England). This framework, despite GB’s exit from the EU, is still derived from EU law (i.e., the UK MDR 2002).
As some brief context on the regulatory environment for medical devices, Regulation (EU) 2017/745 (EU MDR), which governs medical devices in the EU Member States and Northern Ireland, came into force on 26 May 2021. Before this, medical devices in the EU were regulated by the Medical Devices Directive (EU MDD),[36] which is now obsolete due to the EU MDR. The EU MDR does not apply to GB, however, because these regulations came into effect after the Brexit transition period and were therefore not automatically retained under the EU (Withdrawal Agreement) Act 2020.[37] Notably, the Medicines and Medical Devices Act 2021 confers power on the Secretary of State to amend or supplement the existing UK MDR 2002 framework. In 2021, the UK Government’s ‘Consultation on the future regulation of medical devices in the United Kingdom’[38] concluded, and any new regulations will be made using the delegated powers provided in the 2021 Act. This consultation focused on updating the UK MDR 2002 to align with international standards and address emerging challenges. Key aspects addressed include the definition of software as a medical device (SaMD), its categories of risk and the concept of ‘intended’ purpose. These proposed definitions and amendments are not expected to come into force until 1 July 2025,[39] however, and therefore do not presently affect the definition of ‘medical device’ or any related concepts in this discussion.
The UK MDR 2002 is enforced by the Medicines and Healthcare products Regulatory Agency (MHRA), which performs surveillance of all medical devices placed on the UK market. All medical devices need to be registered by the manufacturer with the MHRA before the devices can be placed on the market. Where the manufacturer is not based in the UK, this registration needs to be carried out by a ‘UK Responsible Person’.[40] Medical devices placed on the market must have either a CE or UK Conformity Assessed (UKCA) mark, which in short means that the manufacturer has checked that their device satisfies the legislative requirements for the EU or GB market, respectively.[41] A recent extension to transitional arrangements means that medical devices with a valid CE mark can continue to be placed on the GB market until 30 June 2028 (30 June 2030 for in vitro diagnostic devices) if they comply with the older EU MDD, but measures have been put in place so various types of medical devices can be placed on the market as long as they are compliant with newer EU MDR rules up until 2030. UKCA marking will be used in GB post-June 2023, but these are not recognised in the EU, the European Economic Area or Northern Ireland (although the UK Government recently guaranteed Northern Ireland businesses ‘unfettered access’ to the GB market).[42] The task of conformity assessment is carried out by third-party bodies known as UK Approved Bodies[43] (previously Notified Bodies).[44] These are companies that are given the competence by the MHRA to assess whether medical devices meet the UK MDR 2002.
All medical devices are subject to a classification system within the MDR: I, IIa, IIb and III.[45] These classes are to be interpreted in accordance with Annex IX of the EU MDD,[46] which sets out that all non-invasive[47] devices are Class I unless one of the rules for categorisation within Classes IIa, IIb or III applies.[48] In short, as the Class categorisation increases, so does the risk posed by the medical device: Class III being the highest risk (e.g., implantable long-term invasive devices such as intra-uterine devices tend to be Class III), and Class I being the lowest (devices that may be internally used, but only transiently, such as a scalpel, are Class I). Class II devices are generally regarded as medium risk, and this category is split into two sub-categories, IIa and IIb, reflecting lower and higher risk, respectively. Class IIa includes surgically invasive devices intended for short-term use and non-invasive devices intended for channelling or storing bodily fluids, for example.[49] Class IIb generally includes some invasive devices for longer-term use,[50] but it also includes other devices such as condoms,[51] blood bags[52] and devices intended for disinfecting contact lenses.[53] Digital contraception falls within Class IIb,[54] and while risk categorisation is not the specific focus of this analysis, notably, this Class arguably does not adequately protect users of digital contraception.[55] As I have argued elsewhere, placement in Class IIb (alongside condoms) does not reflect the long-term nature and high degree of user input required for digital contraception to work: this type of contraception is arguably more akin to other forms of long-term contraception that are in Class III.[56] In short, this system of categorisation is ill equipped to deal with the new challenges that SaMD presents,[57] and as such, placing digital contraception in the same regulatory category as a condom ignores the long-term nature of its use and the acute impact that it can have on users should it fail to work.[58]
Generally speaking, most mHealth software if captured by the UK MDR 2002, qualify as Class I devices, which means that they can self-certify (i.e., they do not need to be certified by a UK Approved Body). ‘Fitness’ or ‘wellness’ apps, as further discussed below, are explicitly excluded by MHRA guidance.[59] Yet, FRF is arguably not a mere ‘wellness’ app, and as outlined next, there is a distinct issue of regulatory inadequacy relating to FRF when this software can be reasonably used for the same medical purpose (i.e., control of conception) as digital contraception.
Fertility-Related Femtech: A Case of Regulatory Inadequacy
The issue of regulatory inadequacy in the case of FRF (and, arguably, other types of mHealth and PHTTs) lies with the ambiguity surrounding key definitions within the UK MDR 2002. In other words, to be captured by the regime, products must fall within the rather limiting definition set out below. To quote extensively from the UK MDR 2002, section 2(1) defines a ‘medical device’ as follows:
‘medical device’ means any instrument, apparatus, appliance, software, material or other article, whether used alone or in combination, together with any accessories, including the software intended by its manufacturer to be used specifically for diagnosis or therapeutic purposes or both and necessary for its proper application, which—
(a) is intended by the manufacturer to be used for human beings for the purpose of-
(i) diagnosis, prevention, monitoring, treatment or alleviation of disease,
(ii) diagnosis, monitoring, treatment, alleviation of or compensation for an injury or handicap,
(iii) investigation, replacement or modification of the anatomy or of a physiological process, or
(iv) control of conception; and
(b) does not achieve its principal intended action in or on the human body by pharmacological, immunological or metabolic means, even if it is assisted in its function by such means,
and includes devices intended to administer a medicinal product or which incorporate as an integral part a substance which, if used separately, would be a medicinal product and which is liable to act upon the body with action ancillary to that of the device.[60]
There are several elements that contraceptive software must satisfy if they are to be captured by the regulations as a medical device. The most straightforward and objective is the medical purpose of the device; for digital contraceptive software, this clearly engages point (iv) above. However, as Sheppard highlights, the other elements required to meet the definition of ‘medical device’ are far more subjective, and if both elements are not satisfied, the software would be a ‘mere consumer product’, not a medical device.[61] In the realm of PHTTs, including FRF, however, the line between medical device and consumer product is somewhat blurred. On the matter of ‘consumer product’, it should be noted that physical medical devices are also captured by product liability law but only ex post any adverse event,[62] as opposed to ex ante as with the UK MDR 2002. Moreover, software is not covered by product liability legislation. This looks to be changing in the EU,[63] and in the future, perhaps it would be helpful for GB to follow suit. While complexities surrounding the relation between consumer protection and medical devices regulation undoubtedly exist, reference to ‘consumer products’ in this article refers to the broader, general meaning of the term rather than product liability law specifically. In what follows, each of the core definitions of the terms emphasised in the quotation above (i.e., ‘control of conception’, ‘software’ and ‘intended by the manufacturer’; the definitions that specifically affect the capture of contraceptive software) are expanded upon.
‘Control of Conception’
‘Control of conception’ is not defined within the framework, yet, of the key thresholds for regulatory capture of FRF by the UK MDR 2002, this one is the plainest of the three. The term was expanded upon in the MHRA’s core guidance Medical Device Stand-Alone Software Including Apps (Including IVDMDs),[64] which has a page dedicated to SaMD for the control of conception. This guidance states that control of conception ‘includes devices that claim to be directly able to make pregnancies more likely or to be able to prevent pregnancy’.[65] The guidance also provides guidelines on medical devices’ classification and states that ‘all devices used for contraception or the prevention of the transmission of sexually transmitted diseases are in class IIb’.[66] This reflects a clarification made in 2019 by the EU Medical Device Coordination Group[67] that software used for contraception is governed by Rule 15 of Regulation (EU) 2017/745, meaning that this software should be classified Class IIb.
According to the MHRA guidance, ‘the monitoring of general fitness, general health and general wellbeing is not usually considered to be a medical purpose’.[68] It expands that examples of monitoring may include:
apps and software that monitor a patient and collects information entered by the user, measured automatically by the app or collected by a point of care device may qualify as a medical device if the output is intended to affect the treatment of an individual.[69]
Taking the first threshold for capture by the UK MDR 2002, which is having a ‘medical purpose’, it is arguable that period trackers fall within the remit of the UK MDR 2002 if we accept their potential for use for control of conception. However, they are currently easily categorised by manufacturers as software that ‘monitors fitness/health/wellbeing’,[70] and thus are treated only as a consumer product.
‘Software’
‘Software’ is not defined anywhere in the UK MDR 2002, and the only place this term is specifically mentioned is under the definition of ‘medical device’ above. In fact, the word ‘software’ was not included in the original iteration of the UK MDR 2002, but it was added to section 2 of the UK MDR 2002 by the Medical Devices (Amendment) Regulations 2008 section 2(h).[71] The MHRA guidelines on software, however, now quote the European Commission (EC) guidelines, which describe software as ‘a set of instructions that processes input data and creates output data’.[72] In many cases, software can be paired with a device (e.g., a thermometer), but even stand-alone software must be classified according to the rules set out above. As mentioned above, the MHRA’s guidelines specifically mention digital contraception as SaMD, so the issue of the meaning of ‘software’ itself as contraceptive software is also caught by the regime. Save for this guidance, software is not distinguished from physical medical devices and thus has the same requirements as physical medical devices under the regulations. As will be discussed in the final section of this paper, this lack of differentiation is becoming increasingly problematic due to the grey area between a medical device and a ‘fitness/health/wellbeing’ consumer product that health software can sometimes occupy.[73] Moreover, as others have highlighted, the incorporeal nature of software is increasing ambiguity surrounding what is and is not captured by the UK MDR 2002.[74] This ambiguity broadly revolves around the ‘intent’ of the manufacturer, which is discussed next.
‘Intended by the Manufacturer’
Notably, the definition of ‘intention’ has come before the Court of Justice of the European Union, to somewhat unsatisfactory outcomes,[75] but it has yet to be discussed in British courts. In section 2(1) of the UK MDR 2002, ‘intended purpose’ is defined as follows:
(a) in relation to an active implantable medical device, the use for which it is intended and for which it is suited according to the data supplied by the manufacturer in the instructions relating to it;
(b) in relation to any other medical device, the use to which the device is intended according to the data supplied by the manufacturer on the labelling, the instructions for use and/or the promotional materials;[76]
The MHRA guidance on SaMD expands that promotional materials may include ‘app store description and category, the landing page, the manufacturer’s social media channels.’[77] Beyond that, there is little detail or available examples, which has left much room for interpretation. This ambiguity has a crucial influence on the capture (or lack thereof) of medical devices by the UK MDR 2002, and as Ludvigsen and colleagues point out,[78] the requirement that intent be found on labelling, instructions and so on is a ‘gatekeeper’ as to whether the UK MDR 2002 applies at all.
The updated MHRA guidelines on SaMD also now point to the document Crafting an Intended Purpose in the Context of Software as a Medical Device (SaMD), which states that ‘creating a clear intended purpose is essential for successfully navigating the regulatory requirements for medical devices. In addition, the MHRA encourage manufacturers to maximise the benefits of a clear intended purpose by making this information publicly available’.[79] Section 3 of the document states that:
intended purpose must be construed objectively from the standpoint of an objective observer. This is considering the information supplied by the manufacturer on the labelling, the instructions for use and/or promotional materials and technical documentation including the clinical evaluation report.[80]
The document also includes key elements of an intended purpose, which include a description of the device’s structure and function; the population the device is intended for; the people by whom the device is to be used; and the environment in which the device is intended to be used.[81] The document also addresses the scenario in which vague intended purposes are supplied by the manufacturer, noting that this may lead to less than robust evidence trials of the device. This is somewhat promising and seemingly encourages companies like Clue to promote a clear indication of their software’s intended purpose. Yet it is not clear in this document whether the issue of clear statements of intention will be enforceable going forward. Vague intended purposes are not discouraged in any other way by the medical devices regime, it seems, and notably, UK Approved Bodies do not assess the intention of the manufacturer.
The ambiguous regulatory threshold of ‘intention’ is not a suitable test for capture by the medical devices regime, where user expectations and outcomes of FRF (i.e., control of conception and/or pregnancy) are exactly the same as digital contraception, which is caught by the regime. The meaning and scope of ‘intended by the manufacturer’ have been widely criticised.[82] This criticism has been addressed to some extent in a recent ‘Consultation on the Future of Medical Devices Regulation in the United Kingdom’, which suggests that intention should be clarified so that it is ‘assessed at the standpoint of an objective observer and is not a question of what the subjective intention of the manufacturer might be’.[83] Yet it remains to be seen when such a clarification will take place (the consultation points to 2024) and, further, whether any test set out for the ‘objective observer’ might include ‘reasonably foreseeable’ use of the device in question. Notably the UK MDR 2002, which is the focus of this discussion, does not contain any reference to ‘foreseeability’; however, it is worth noting that the EU MDR and the In Vitro Diagnostic Regulation (IVDR)[84] do reference ‘foreseeable hazards’[85] and ‘reasonably foreseeable misuse’,[86] and minimisation of ‘all known and foreseeable risks’[87] within Annex I General Safety and Performance Requirements. As Quigley and Downey note, taking an expansive interpretation of this could be reasonably interpreted as capturing ‘(mis)uses of medical devices which are foreseeable’, including period trackers that could be used for contraceptive purposes or as an aid to conception.[88] They point out that the EC Blue Guide[89] supports this interpretation of Annex I, which states that manufacturers should consider uses of the product that may be reasonably foreseen before being placed on the market.[90] The Blue Guide also states that manufacturers should look beyond the intended use of their product and ‘place themselves in the position of the average user ... and envisage in what way they would reasonably consider to use the product’.[91] EU regulations and guidance clearly underline, then, the arguments offered here regarding law and regulation in GB (as it currently stands). It may not be enough, even, for FRF to explicitly state that the products are not intended to be used as such[92] (as Clue has done), according to the above.
Foreseeable use is important for multi-use software like FRF, where manufacturers can evade responsibility by declaring their intention in a vague or evasive manner. There is evidence to support the broader concern that manufacturers may well be purposefully evading such responsibility. For example, a cross-sectional audit study of 90 fertility tracking applications found that only 10% of apps surveyed mentioned their app was not to be used as a medical device, and the study concluded that ‘inaccurate and unreliable calendar apps remain the most commonly available apps on the market but give women inaccurate information about their fertile window’.[93] And this is not just an issue for digital contraceptives or femtech, but for mHealth software more broadly. Mantovani and Bocos observe (in the context of the EU medical devices regime) that the thorough certification process is rarely applied to mHealth apps because of the ambiguity surrounding ‘intended purpose’. They explain:
This concept allows app developers to create apps that analogous to medical devices (i.e., having similar functions), but, because they have not been intended by their manufacturers to attain a medical purpose, they do not need to satisfy the stringent safety checks foreseen in the [Medical Devices Directive].[94]
One might argue that ‘reasonably foreseeable use’ has no utility here due to the fact that all objects and software have the potential for misuse in one way or another. In this case, however (and in many other examples where reasonable foreseeability is used as a test), there is a clear case and utility for using this as a legal threshold. The following provides a stark example: there is a clear difference between i) the degree of foreseeability of people using FRF to predict fertility when terms such as ‘fertile window’ are used (notwithstanding the strong evidence to suggest users use it for this)[95] and ii) less predictable types of misuse such as someone using their smartphone as a blunt weapon.
While not the core mechanism for ‘capture’ by the UK MDR 2002 (at least in the case of FRF), it is of note that there is some ambiguity regarding ‘manufacturer’, too. It seems that the manufacturer, irrespective of their location, must comply with the UK MDR 2002 because placing on the market is defined in section 2(1) as follows:
‘placing on the market’ means, in relation to a medical device, the first making available in return for payment or free of charge of a new or fully refurbished device, other than a device intended for clinical investigation, with a view to distribution, use, or both, on the Great Britain market and related expressions must be construed accordingly;[96]
In section 2(1) of the UK MDR 2002, ‘manufacturer’ is defined as:
(a) the person with responsibility for the design, manufacture, packaging and labelling of a device before it is placed on the market under his own name, regardless of whether these operations are carried out by that person himself or on his behalf by a third party; or
(b) any other person who assembles, packages, processes, fully refurbishes or labels one or more ready-made products or assigns to them their intended purpose as a device with a view to their being placed on the market under his own name, apart from a person who assembles or adapts devices already on the market to their intended purpose for an individual patient;[97]
As Quigley and Downey highlight, software can be collaborative in nature and tends to be developed, updated and maintained by multiple people across the globe.[98] These days, it is relatively easy to set up and develop software, which, they add, means that there are new types of ‘manufacturers’ at play here—for example, amateurs who might be unaware that their software might fall under the UK MDR 2002. They also note that for some projects, there may be no legally recognisable body or company behind the software.[99] While it appears that the majority of digital contraception and FRF apps are created by companies rather than individuals, the veracity and extent of this are not easy to discern from the information available on app stores. Some of the more basic forms of FRF, such as simple calendars (without an algorithm), are relatively easy to create and could reasonably be created by DIY app enthusiasts or ‘hobbyists’.[100] If that is the case, it is not clear whether some FRF falls within the remit of ‘manufacturer’ per the UK MDR 2002, which, as Quigley and Downey rightly note, is unsatisfactory given contexts like this in which software hobbyists’ activities could potentially cause significant harms and, as such, ought arguably to be captured by regulation in this area.[101]
Interim Conclusion II
FRF, as a case study, makes clear that ‘intention’ is an inappropriate regulatory threshold for the capture of mHealth software by the UK MDR 2002. FRF, namely period trackers, clearly indicates messages of ‘control’ over one’s body[102] but almost always indicates core events in the menstrual timeline such as ‘ovulation day’ and ‘fertile window’, the implication of which for many users would be that they cannot get pregnant outwith that window. As discussed above, for this very reason, the femtech company Clue changed its warnings and advertising to reflect this danger. The fact that the UK MDR 2002 focuses on manufacturer intention rather than user safety (in a market where medical devices are increasingly available for private use, not just via medical professionals) reveals a clear gap in the regime.[103] Software is increasingly being developed in ways that mean it is multipurpose, and as it stands, the UK MDR 2002 leaves medical device users (as private consumers) open to serious health risks because any reasonably foreseeable dangers can be expressly denied by the manufacturer. In fact, it is arguably rare that regulatory frameworks focus so directly on manufacturer intention, and as FRF demonstrates, there is a case to be made for more emphasis to be put on the effects and reasonable uses of a particular device. For this reason, the next and final section of this paper argues that the UK MDR 2002, as it is currently constituted, fundamentally fails to recognise the increasingly blurred distinction between i) ‘fitness’ and ‘wellbeing’ software and ii) medical devices before going on to briefly discuss potential solutions for future iterations of the medical devices regime.
‘Fitness’ and ‘Wellbeing’ Versus Control of Conception: A False Regulatory Dichotomy
As the UK MDR 2002 currently stands, in terms of regulatory inadequacy, there are clear patient safety concerns for mHealth users in general,[104] for two reasons: i) much of this software tends to be categorised as a ‘lifestyle/wellness’ app, a stated purpose that evades medical devices regulation altogether; and ii) even if an app is classified as a medical device, the complexities of factors including ‘medical purpose’, ‘intent’ and risk group analysis strongly bear on the safety and performance checks that take place. On the other hand, there is a case to be made for reconfiguring the classification system so that the assessment of risk is less focused on the potential danger posed by physical devices (i.e., the regulatory focus on the risk posed by the long-term internal placement of a foreign object such as an intra-uterine device) and instead focused more broadly capturing the real risk that software, despite having no physical presence, can have.[105] In this paper, however, a slightly different case is being made—that it is concerning that the UK MDR 2002 continues to focus on the manufacturer’s intended use of software when, increasingly, software may be reasonably interpreted as offering information that may be used to make a diagnosis or inform treatment decisions (rather than mere presentation of information),[106] as this case study of FRF exemplifies. While there is scope to infer intention when it comes to the marketing of particular medical devices, there is clearly room for evasion of the regime where that intention is not clear. Further, as this analysis has shown, it is not the intention of the manufacturer that matters from the perspective of medical devices user protection; rather, it is the ways in which the software might be reasonably used. In other words, FRF and other forms of mHealth software available on app stores can be both ‘fitness/wellbeing’ software and a medical device, depending on how it is used. In terms of next steps, then, how might any future iterations of the UK MDR 2002 better capture software that seems to defy this dichotomy?
The distinct focus of the UK MDR 2002 on the performance of the device itself (i.e., ‘Does it work?’) rather than on the people who use it is a curious artefact of a regime that once applied to physical products only, and this must be addressed. In other words, the experience of SaMD users highlights that the latter question requires expansion: ‘Does it work for all the ways in which it might be reasonably used?’ There are two ways in which this question might be addressed through law and regulation: through i) pre-market and ii) post-market mechanisms.
Regarding the first way, a clear consequence of the analysis offered here is that any future iterations of the UK MDR 2002 should address the ambiguity of ‘intent’ within the current regime. As Ludvigsen and colleagues sensibly propose, one option is to assess both direct intention (i.e., stated) and indirect intention (i.e., the device’s capability) of the software.[107] Practically speaking, clearer rules regarding intent should in turn require companies to have clearer labelling regarding the intended use of their software, and therefore, disclaimers such as those issued by Clue (mentioned above) could be encouraged to be put into wider practice. Another complementary step may be to align the framework in GB (if not the UK) with an expansive interpretation of the EU framework given in the Blue Guide (discussed above), although this does not seem likely at present. That being said, some promising moves have been made towards addressing the issues discussed here recently. As mentioned above, a recent UK Government Consultation on the Future of Medical Devices Regulation in the United Kingdom has recognised that the applications of SaMD (including AI) have grown well beyond what was envisioned when the existing UK MDR 2002 was developed and that the applications of SaMD will only continue to grow in the coming years. The government’s response commits promising steps towards the concerns highlighted here[108]—for example, the consultation indicates plans to align the UK MDR 2002 with the International Medical Device Regulators Forum’s (IMDRF) more expansive software classification system.[109]
In terms of the second way, the analysis offered here is underlined by Yu’s analysis of the current EU medical devices framework, regarding which she argues that information on the ‘actual use’ of devices should be made available by manufacturers to provide better regulatory oversight of consumer devices that are used to make personal decisions on health.[110] As Yu points out, there is scope to continually adapt to new uses of digital health technology by tracking actual use through post-market surveillance.[111] Post-market surveillance is, of course, difficult to enforce in the case of FRF, where the software is not caught by the UK MDR 2002, and in any case, it is quite likely that many manufacturers already have enough data available to determine the actual use of their products. Moreover, while the UK Government’s consultation on medical devices proposes to improve PMS activities,[112] it is not clear from the consultation whether assessment of the ‘actual use’ of devices is part of their plan.
As mHealth use continues to rise, it is important that law and regulation respond to the uncertainty that arises every time society rapidly takes up new technologies. The nature and contours of the issues surrounding the ability of law and regulation to ‘keep up’ with technological advancement have been explored in depth elsewhere[113] and are under constant debate. Femtech may in the future present new challenges for law and regulation not foreseen here, yet regardless of this, the inadequacy of the UK MDR 2002 as a framework for FRF and other times of SaMD has left stark the inadequacy of the assumptions, values (or lack of) and norms[114] embedded within the regulatory structure and provides an opportunity to think more holistically about what we want and need from this system as users of SaMD. It is not claimed here that regulatory adequacy (i.e., better capturing what law, normatively speaking, ought to) completely dispenses with all the issues highlighted here (e.g., human error will always be a big variable in success, as with the contraceptive pill); nonetheless, regulatory adequacy would be a meaningful and necessary step towards better regulating a technology that has a severe and increasing impact on women’s health. Should such an exercise in rethinking and reframing this field take place, future iterations of law and regulation will be better placed to deal with any unforeseen developments in these technologies. Indeed, this is the optimal time for such a rethinking to take place, as GB is in a period of transition in this area.[115]
As Sheppard puts it, ‘laws and regulations ... do play a part in enhancing certainty and predictability both as regards the security and safety of technology’.[116] FRF demonstrates a need, going forward, for not only a principled shift towards clarity on the core mechanism for capture by the regulatory system, ‘intent’, but also a shift of focus to the fact that the rise of PHTTs and SaMD has fundamentally changed the way in which we access, and sometimes now privately purchase, medical devices. Whether any future regulation will, in practice, address the issues outlined here remains to be seen, and notably, the abovementioned consultation does not specifically mention or address the issue of digital contraception despite its unique risk to women’s health. Unless companies, of their own accord, take steps to make clear that devices should not be used for purposes other than their intended use with a suitable disclaimer, users are left at risk and should not be left to the whim of private companies’ sense of responsibility.
Conclusion
The focus of the UK MDR 2002, as it stands, misses a vital point about the clear impact mHealth and PHTTs can have on users’ health and wellbeing, and FRF provides a clear example of this. Put simply, pregnancy (whether intended or not) is uniquely and acutely impactful on women’s health. Objectively, FRF (where it indicates a fertile window) is a ‘digital contraceptive’, but as the above has shown, this software is not treated as such by the medical devices regime. FRF is not merely ‘fitness’ or ‘wellbeing’ software, and nor should it be understood as such by law and regulation. To achieve an adequate regulatory response, any future iterations of the UK MDR 2002 must take a wider view of what is at stake here and properly capture mHealth, such as FRF, where there are clear and reasonably foreseeable risks to users at stake. As argued elsewhere, this lack of capture is symptomatic of a broader systemic ignorance of the attention to equality, diversity and feminist perspectives that the regulation of reproductive health requires.[117] Indeed, it would be remiss to go without noting that the development of any technology in the sphere of women’s reproductive health, while painted with messages of freedom of empowerment, sits against a darker backdrop of control and stigma surrounding our bodies. Digital contraception and FRF, and mHealth more generally, also raise security and privacy concerns, which have come to the fore in recent times due to the overturning of Roe v Wade in the US.[118] As the environments in which health and self-care change—by moving away from the clinic and into the home via smartphones and other technologies—law and regulation must protect people’s health and wellbeing. There is a clear false dichotomy in the medical devices regime between ‘fitness/wellness’ software and ‘medical device’ in a market in which device users are increasingly also consumers. This means that the UK MDR 2002 is suffering from regulatory inadequacy (i.e., it is not capturing what, normatively, ought to be captured). More stringent regulation is a clearer way of preventing FRF from leading to unintended pregnancy; from a public health perspective, it is not only in the better interest of users but also a more efficient way of reducing associated long- and short-term costs.[119]
Acknowledgements
My thanks are owed to Muireann Quigley, Laura Downey and the two anonymous reviewers for their helpful comments on this paper. The conceptual stage of the work for this article was funded by the British Academy, grant no. [PF20/100019].
Bibliography
Ali, Roshonara, Zeynep B. Gürtin, and Joyce C. Harper. “Do Fertility Tracking Applications Offer Women Useful Information about Their Fertile Window?” Reproductive BioMedicine Online 42, no 1 (2021): 273–281. https://doi.org/10.1016/j.rbmo.2020.09.005.
Apple Store. “Clue.” Updated November, 2023. https://apps.apple.com/us/app/clue-period-cycle-tracker/.
Bennett Moses, Lyria. “Recurring Dilemmas: The Law’s Race to Keep Up with Technological Change.” UNSW Law Research Paper No. 2007-21, 2007.
Brownsword, Roger. “In the Year 2061: From Law to Technological Management.” Law, Innovation and Technology 7, no 1 (2015): 1-51. https://doi.org/10.1080/17579961.2015.1052642.
Bull, Jonathan R., Simon P. Rowland, Elina Berglund Scherwitzl, Raoul Scherwitzl, Kristina Gemzell Danielsson, and Joyce Harper. “Real-World Menstrual Cycle Characteristics of More than 600,000 Menstrual Cycles.” npj Digital Medicine 2, no 1 (2019): 83. https://doi.org/10.1038/s41746-019-0152-7.
Burt-D’Agnillo, Madelin. “FemTech: A Feminist Technoscience Analysis.” The iJournal: Student Journal of the Faculty of Information 8, no 1 (2022): 13-23. https://doi.org/10.33137/ijournal.v8i1.39909.
Clue. “One Year of Clue Birth Control.” Accessed November 3rd, 2023. https://helloclue.com/articles/about-clue/one-year-of-clue-birth-control.
Clue. “Why We Are Removing the Fertile Window.” Accessed November 3rd, 2023. https://helloclue.com/articles/how-to-use-clue/why-we-are-removing-the-fertile-window.
Corbin, Bethany A. “Digital Micro-Aggressions and Discrimination: Femtech and the ‘Othering’ of Women.” Nova Law Review 44 (2019): 337-364.
Cox, David. “How Overturning Roe v Wade Has Eroded Privacy of Personal Data.” BMJ 378 (2022): 1-2. https://doi.org/10.1136/bmj.o2075.
Creinin, Mitchell D., Sharon Keverline, and Leslie A. Meyn. “How Regular Is Regular? An Analysis of Menstrual Cycle Regularity.” Contraception 70, no 4 (2004): 289–292. https://doi.org/10.1016/j.contraception.2004.04.012.
Downey, Laura and Muireann Quigley. “Software as a Medical Device: A Bad Regulatory Fit?” Everyday Cyborgs 2.0 (blog), March 15, 2021. https://blog.bham.ac.uk/everydaycyborgs/2021/03/15/software-as-a-medical-device-a-bad-regulatory-fit/.
Drucker, Donna. Conception: A Concise History. Cambridge, MA: MIT Press, 2020.
Duane, Marguerite, Alison Contreras, Elizabeth T. Jensen, and Amina White. “The Performance of Fertility Awareness-Based Method Apps Marketed to Avoid Pregnancy.” The Journal of the American Board of Family Medicine 29, no 4 (2016): 508–511. https://doi.org/10.3122/jabfm.2016.04.160022.
Earle, Sarah, Hannah R. Marston, Robin Hadley, and Duncan Banks. “Use of Menstruation and Fertility App Trackers: A Scoping Review of the Evidence.” BMJ Sexual & Reproductive Health 47, no 2 (2021): 90–101. https://doi.org/10.1136/bmjsrh-2019-200488.
European Commission. Commission Notice—The ‘Blue Guide’ on the Implementation of EU Product Rules 2022 (2022/C 247/01). (Official Journal of the European Union, 2022).
European Commission. Guidelines on the Qualification and Classification of Stand Alone Software Used in Healthcare within the Regulatory Framework of Medical Devices (MEDDEV 2.1/6). (European Commission, 2016).
Fehring, Richard J., Mary Schneider, and Kathleen Raviele. “Variability in the Phases of the Menstrual Cycle.” Journal of Obstetric, Gynecologic & Neonatal Nursing 35, no 3 (2006): 376–384. https://doi.org/10.1111/j.1552-6909.2006.00051.x.
Gilman, Michele Estrin. “Periods for Profit and the Rise of Menstrual Surveillance.” Columbia Journal of Gender & Law 41, no 1 (2021): 100–113. https://doi.org/10.52214/cjgl.v41i1.8824.
Grieger, J. A. and R. J. Norman. “Menstrual Cycle Length and Patterns in a Global Cohort of Women Using a Mobile Phone App: Retrospective Cohort Study.” Journal of Medical Internet Research 22 (2020): e17109. https://doi.org/10.2196/17109.
Hendl, Tereza and Bianca Jansky. “Tales of Self-Empowerment through Digital Health Technologies: A Closer Look at ‘Femtech’.” Review of Social Economy 80, no 1 (2022): 29–57. https://doi.org/10.1080/00346764.2021.2018027.
IMDRF Software as a Medical Device (SaMD) Working Group. “Software as a Medical Device”: Possible Framework for Risk Categorization and Corresponding Considerations. (International Medical Device Regulators Forum, September 2014).
Johnson, Sarah, Lorrae Marriott, and Michael Zinaman. “Can Apps and Calendar Methods Predict Ovulation with Accuracy?” Current Medical Research and Opinion 34, no 9 (2018): 1587–1594. https://doi.org/10.1080/03007995.2018.1475348.
Kressbach, Mikki. “Period Hacks: Menstruating in the Big Data Paradigm.” Television & New Media 22 (2021): 241–261. https://doi.org/10.1177/1527476419886389.
Ludvigsen, Kaspar, Shishir Nagaraja, and Angela Daly. “When Is Software a Medical Device? Understanding and Determining the ‘Intention’ and Requirements for Software as a Medical Device in European Union Law.” European Journal of Risk Regulation 13, no 1 (2022): 78–93. https://doi.org/10.1017/err.2021.45.
Mantovani, Eugenio, and Pedro Cristobal Bocos. “Are mHealth Apps Safe? The Intended Purpose Rule, Its Shortcomings and the Regulatory Options under the EU Medical Device Framework.” In Mobile e-Health, edited by Hannah R. Marston, Shannon Freeman, and Charles Musselwhite, 251–275. Springer Cham, 2017.
McMillan, Catriona. “Monitoring Female Fertility through ‘Femtech’: The Need for a Whole-System Approach to Regulation.” Medical Law Review 30, no 3 (2022): 410–433. https://doi.org/10.1093/medlaw/fwac006.
McMillan, Catriona. “Rethinking the Regulation of Digital Contraception under the Medical Devices Regime.” Medical Law International 23, no1 (2023): 3–25. https://doi.org/10.1177/09685332231154581.
Medical Device Coordination Group. Guidance on Qualification and Classification of Software in Regulation (EU) 2017/745 – MDR and Regulation (EU) 2017/746 – IVDR. (MDCG, October 2019).
Medicines and Healthcare Products Regulatory Agency. “Guidance: Medical Device Stand-Alone Software Including Apps (Including IVDMDs) v1.10e.” Updated May 2023. https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/1168485/Medical_device_stand-alone_software_including_apps__including_IVDMDs_.pdf.
Natural Cycles. “How Long Will It Take the App to Get to Know My Cycle?” Accessed November 3rd, 2023. https://help.naturalcycles.com/hc/en-us/articles/360003313193-How-long-will-it-take-the-app-to-get-to-know-my-cycle-.
National Health Service. “Natural Family Planning.” Accessed November 3rd, 2023. https://www.nhs.uk/conditions/contraception/natural-family-planning/.
National Health Service. “Periods and Fertility In the Menstrual Cycle.” Accessed November 3rd, 2023. https://www.nhs.uk/conditions/periods/fertility-in-the-menstrual-cycle/.
Olson, J. A., D. A. Sandra, É. S. Colucci, A. Al Bikaii, D. Chmoulevitch, J. Nahas, A. Raz, and S. P. Veissière. “Smartphone Addiction Is Increasing across the World: A Meta-Analysis of 24 Countries.” Computers in Human Behavior 129 (2022): 107138. https://doi.org/10.1016/j.chb.2021.107138.
Quigley, Muireann and Laura Downey. “The Unbearable Lightness of Being Intangible Software as a Medical Device and the Materiality of Law.” Working paper.
Rosato, Donna. “What Your Period Tracker App Knows about You.” Consumer Reports. January 28, 2020. https://www.consumerreports.org/health-privacy/what-your-period-tracker-appknows-about-you/.
Sheppard, Maria K. “mHealth Apps: Disruptive Innovation, Regulation, and Trust—A Need for Balance.” Medical Law Review 28, no 3 (2020): 549–572. https://doi.org/10.1093/medlaw/fwaa019.
Sudjic, Olivia. “ ‘I Felt Colossally Naïve’: The Backlash against the Birth Control App.” Guardian, July 21, 2018. https://www.theguardian.com/society/2018/jul/21/colossally-naive-backlash-birth-control-app.
Symul Laura, Katarzyna Wac, Paula Hillard, and Marcel Salathé. “Assessment of Menstrual Health Status and Evolution through Mobile Apps for Fertility Awareness.” npj Digital Medicine 2 (2019): 64. https://doi.org/10.1038/s41746-019-0139-4.
UK Government. Consultation on the Future of Medical Devices Regulation in the United Kingdom. (UK Government, September 2021).
UK Government. Crafting an Intended Purpose in the Context of Software as a Medical Device. (UK Government, March 2023).
UK Government. “Implementation of the Future Regulations.” Updated June 16, 2023. https://www.gov.uk/government/publications/implementation-of-the-future-regulation-of-medical-devices-and-extension-of-standstill-period/implementation-of-the-future-regulations.
UK Government. “Regulating Medical Devices in the UK.” Updated June 16, 2023. https://www.gov.uk/guidance/regulating-medical-devices-in-the-uk.
Urrutia, Rachel Peragallo, Chelsea B. Polis, Elizabeth T. Jensen, Margaret E. Greene, Emily Kennedy, and Joseph B. Stanford. “Effectiveness of Fertility Awareness–Based Methods for Pregnancy Prevention: A Systematic Review.” Obstetrics & Gynecology 132, no 3 (2018): 591–604. https://doi.org/10.1097/aog.0000000000002784.
Wheeler, Marija V., Vedrana H. Tabor, Kayleigh Teel, and Mike LaVigne. “The Science of Your Cycle: Evidence-Based App Design.” Clue. October 12, 2015. https://helloclue.com/articles/about-clue/science-your-cycle-evidence-based-app-design.
Wilcox, Allen J. “The Timing of the ‘Fertile Window’ in the Menstrual Cycle: Day Specific Estimates from a Prospective Study.” BMJ 321 (2000): 1259–1262. https://doi.org/10.1136/bmj.321.7271.1259.
Worsfold, Lauren, Lorrae Marriott, Sarah Johnson, and Joyce C. Harper. “Period Tracker Applications: What Menstrual Cycle Information Are They Giving Women?” Women’s Health 17 (2021): 17455065211049905. https://doi.org/10.1177%2F17455065211049905.
Yu, Helen. “Regulation of Digital Health Technologies in the European Union: Intended versus Actual Use.” In The Future of Medical Device Regulation: Innovation and Protection, edited by I. Glenn Cohen, Timo Minssen, W. Nicholson Price II, Christopher Robertson, and Carmel Shachar, 103–114. Cambridge: Cambridge University Press, 2022.
Zwingerman, Rhonda, Michael Chaikof, and Claire Jones. “A Critical Appraisal of Fertility and Menstrual Tracking Apps for the iPhone.” Journal of Obstetrics and Gynaecology Canada 42, no 5 (2020): 583–590. https://doi.org/10.1016/j.jogc.2019.09.023.
Primary Legal Material
European Union
Brain Products GmbH v. BioSemi VOF and Others, Case C-219/11 (ECJ 2012/11).
Council Directive 85/374/EEC of 25 July 1985 on the Approximation of the Laws, Regulations and Administrative Provisions of the Member States Concerning Liability for Defective Products.
Council Directive 90/385/EEC of 20 June 1990 on the Approximation of the Laws of the Member States Relating to Active Implantable Medical Devices.
Council Directive 93/42/EEC of 14 June 1993 concerning Medical Devices.
Directive 98/79/EC of the European Parliament and of the Council of 27 October 1998 on In Vitro Diagnostic Medical Devices.
Directive 2007/47/EC of the European Parliament and of the Council of 5 September 2007 amending Council Directive 90/385/EEC on the approximation of the laws of the Member States relating to active implantable medical devices, Council Directive 93/42/EEC concerning medical devices and Directive 98/8/EC concerning the placing of biocidal products on the market.
Regulation (EU) 2017/745 of the European Parliament and of the Council of 5 April 2017 on Medical Devices, Amending Directive 2001/83/EC, Regulation (EC) No 178/2002 and Regulation (EC) No 1223/2009 and Repealing Council Directives 90/385/EEC and 93/42/EEC.
Regulation (EU) 2017/746 of the European Parliament and of the Council of 5 April 2017 on In Vitro Diagnostic Medical Devices and Repealing Directive 98/79/EC and Commission Decision 2010/227/EU.
Syndicat national de l’industrie des technologies médicales (SNITEM) and Philips France v. Premier ministre and Ministre des Affaires sociales et de la Sante´, EU:C:2017:947, Case C-329/16 (CJEU 2017).
United Kingdom
Consumer Protection Act 1987.
Medical Devices (Amendment) Regulations 2008 (SI 20082936).
Medical Devices Regulations 2002.
[1] Unless specific reference to gender is required, hereon in this analysis, ‘women, girls and people with wombs’ are generally referred to as software ‘users’ as a shorthand for the diversity of people that use femtech.
[2] Rosato, “What Your Period Tracker App Knows.”
[3] The initialism ‘UK MDR’ is used because parts of the Medical Devices Regulations 2002 apply to Northern Ireland (NI). It incorporated the following directives into UK law: Council Directive 90/385/EEC of 20 June 1990 on the Approximation of the Laws of the Member States Relating to Active Implantable Medical Devices, Council Directive 93/42/EEC of 14 June 1993 concerning Medical Devices and Directive 98/79/EC of the European Parliament and of the Council of 27 October 1998 on In Vitro Diagnostic Medical Devices.
[4] NI continues to follow the European Union’s medical devices rules post-Brexit, and thus, while there is much cross-over with the discussions here, NI has a slightly different medical devices regime, which is beyond the scope of this article. Due to the similarities between Great Britain, NI and other international regimes, the lessons from this paper translate beyond the specific regulatory framework discussed here.
[5] In a previous paper, I referred to this issue as ‘regulatory capture’; however, here while I discuss the same issue, I use the term ‘inadequacy’ to avoid confusion with regulatory capture theory. See McMillan, “Monitoring Female Fertility.”
[6] See, for example, Natural Cycles, “How Long Will It Take?”
[7] See Duane, “Fertility Awareness-Based Method Apps.”
[8] See Drucker, Contraception.
[9] National Health Service (NHS), “Natural Family Planning.”
[10] Urrutia, “A Systematic Review.”
[11] For discussion of this point, see McMillan, “Rethinking the Regulation,” 21–22.
[12] See McMillan, “Monitoring Female Fertility.”
[13] Wilcox, “ ‘Fertile Window’,” 1259.
[14] For example, Creinin, “How Regular Is Regular?”; Fehring, “Menstrual Cycle”; Bull, “Menstrual Cycle Characteristics.”
[15] NHS, “The Menstrual Cycle.”
[16] Symul, “Fertility Awareness.” For other similar studies, see Johnson “Apps and Calendar Methods,” and Greiger, “Menstrual Cycle Length.”
[17] Worsfold, “Period Tracker Applications,” 1.
[18] Kressbach, “Period Hacks”; Wheeler, “The Science of Your Cycle.”
[19] Worsfold, “Period Tracker Applications,” 2.
[20] Ali, “Fertile Window,” 274.
[21] Broadly construed, as the authors state, ‘Inclusion criteria consisted of apps that attempted to predict ovulation, the fertile window, or both, apps that could be used for conception (whether stated or inferred from app use’. Ali, “Fertile Window,” 274.
[22] See Duane, “Fertility Awareness-Based Method Apps,” 508.
[23] Worsfold, “Period Tracker Applications,” 5.
[24] Zwingerman, “A Critical Appraisal,” 583.
[25] Johnson, “Apps and Calendar Methods,” 1587.
[26] Duane, “Fertility Awareness-Based Method Apps,” 508.
[27] Sudjic, “I Felt Colossally Naïve.”
[28] Earle, “Fertility App Trackers,” 90.
[29] Clue, “Removing the Fertile Window.”
[30] Apple Store, “Clue.”
[31] Clue, “One Year of Clue Birth Control.”
[32] See, for example, the collection of ‘period-tracking apps’ in the Apple app store.
[33] National Health Service, “Natural Family Planning.”
[34] See Olson, “Smartphone Addiction.”
[35] See Corbin, “Digital Micro-Aggressions”; Gilman, “Periods for Profit”; Burt-D’Agnillo, “FemTech.”
[36] Council Directive 93/42/EEC of 14 June 1993 concerning Medical Devices.
[37] There has been a complex to and fro in this area of regulation post-Brexit (i.e., changes to the EU regulations were adopted and then withdrawn during this period).
[38] UK Government, “Consultation.”
[39] UK Government, “Implementation.”
[40] UK MDR 2002, s 7A.
[41] See UK MDR 2002, ss 11–13.
[42] UK Government, “Regulating Medical Devices.”
[43] Notably, the delay in changeover in conformity marking may be put down to the lack of UK Approved Bodies. At the time of writing, there are only four UK Approved Bodies based in the UK with a legislative area of ‘medical devices.’
[44] See UK MDR 2002, s 18, Part V.
[45] UK MDR 2002, s 7(1).
[46] Council Directive 93/42/EEC, s 3 Annex IX.
[47] Council Directive 93/42/EEC, s 1.1.2 Annex IX states that invasive devices are ‘A device which, in whole or in part, penetrates inside the body, either through a body orifice or through the surface of the body’.
[48] Council Directive 93/42/EEC, s 3 Annex IX.
[49] See, generally, Council Directive 93/42/EEC, s 3 Annex IX.
[50] See, generally, Council Directive 93/42/EEC, s 3 Annex IX.
[51] Council Directive 93/42/EEC, Rule 14 s 3 Annex IX.
[52] Council Directive 93/42/EEC, Rule 18 s 3 Annex IX.
[53] Council Directive 93/42/EEC, Rule 15 s 3 Annex IX.
[54] Council Directive 93/42/EEC, Rule 14 s 3 Annex IX.
[55] See McMillan, “Monitoring Female Fertility.”
[56] See McMillan, “Monitoring Female Fertility.”
[57] For more on this, see Ludvigsen, “When Is Software a Medical Device?”; UK Government, “Consultation,” chap. 10.
[58] See McMillan, “Monitoring Female Fertility.”
[59] Medicines and Healthcare products Regulatory Agency, “Guidance,” 12.
[60] Emphasis added.
[61] Sheppard, “mHealth Apps,” 559.
[62] Consumer Protection Act 1987 (which implemented Council Directive 85/374/EEC).
[63] See the EU’s proposal for a new Product Liability Directive, accessed July 6, 2023, https://eur-lex.europa.eu/resource.html?uri=cellar:b9a6a6fe-3ff4-11ed-92ed-01aa75ed71a1.0001.02/DOC_1&format=PDF. It is also worth noting the recent Court of Justice of the European Union judgment in Computer Associates UK Ltd v. The Software Incubator UK Ltd (C-410/19, September 16, 2021), para. 36. Albeit concerned with the ‘sale of goods’ under Council Directive 86/653/EEC of 18 December 1986 on the Coordination of the Laws of the Member States Relating to Self-Employed Commercial Agents (the Commercial Agents Directive) rather than product liability, the Court took a definitive step in stating that ‘software can be classified as “goods” irrespective of whether it is supplied on a tangible medium or, as in the present case, by electronic download’.
[64] Medicines and Health Regulatory Agency (MHRA), “Guidance.” At the time of writing, this guidance was last updated on 16 May 2023.
[65] MHRA, “Guidance,” 25.
[66] MHRA, “Guidance,” 27.
[67] See Medical Device Coordination Group, “Guidance.”
[68] MHRA, “Guidance,” 12.
[69] MHRA, “Guidance,” 21.
[70] MHRA, “Guidance,” 10.
[71] SI 20082936. This instrument implemented Directive 2007/47/EC.
[72] European Commission, Guidelines (MEDDEV 2.1/6), 7. These guidelines apply to stand-alone software only. Interestingly, as Sheppard points out, the judgment in SNITEM relied on MEDDEV 2.1/6 for their interpretation of the Council Directive 93/42/EEC, which elevates these guidelines to legal principles. See Sheppard, “mHealth Apps,” 562.
[73] Although, as noted above, software is generally treated as a ‘service’, not a ‘product’, by law and regulation.
[74] See Ludvigsen, “When Is Software a Medical Device?”; Downey, “Software as a Medical Device.”
[75] See SNITEM; Brain Products GmbH Vv. BioSemi VOF and Others, Case C-219/11 (ECJ 2012/11). For discussion, see Sheppard, “mHealth Apps.”
[76] Emphasis added.
[77] MHRA, “Guidance,” 11.
[78] Discussing in the context of the 2021 MDR, see Ludvigsen, “When Is Software a Medical Device?” 83.
[79] UK Government, “Crafting an Intended Purpose,” s 5.5.
[80] UK Government, “Crafting an Intended Purpose,” s 3.
[81] UK Government, “Crafting an Intended Purpose,” s 5.1.
[82] See, for example, Yu, “Regulation of Digital Health Technologies”; Ludvigsen, “When Is Software a Medical Device?”; Sheppard, “mHealth Apps”; McMillan, “Monitoring Female Fertility.”
[83] See UK Government, “Consultation,” chap. 1.
[84] Regulation (EU) 2017/746 (IVDR).
[85] Regulation (EU) 2017/745 (EU MDR), s 3(b) Annex I; IVDR, s 3(b) Annex I.
[86] EU MDR, s 3(c) Annex I; IVDR, s 3(c) Annex I.
[87] EU MDR, s 8 Annex I; IVDR, s 8 Annex I.
[88] Quigley, “Unbearable Lightness,” 13.
[89] This guide includes medical devices.
[90] European Commission, The “Blue Guide,” 2.8
[91] European Commission, The “Blue Guide,” 2.8
[92] Quigley, “Unbearable Lightness,” 13.
[93] Ali, “Fertile Window,” 277.
[94] Mantovani, “Are mHealth Apps Safe?” 251.
[95] See, for example, Clue, “Removing the Fertile Window.”
[96] UK MDR 2002, s 2(1).
[97] Emphasis added.
[98] Quigley, “Unbearable Lightness,” 19; Downey, “Software as a Medical Device.”
[99] Quigley, “Unbearable Lightness,” 17–18. Their discussion focuses on open-source automated insulin delivery systems in this respect.
[100] The Blue Guide states that DIY projects should not be considered taking place in a ‘business-related context’. European Commission, The “Blue Guide,” para 2.2.
[101] Quigley, “Unbearable Lightness,” 24.
[102] See Hendl, “Tales of Self-Empowerment.”
[103] See McMillan, “Rethinking the Regulation,” 12.
[104] See Sheppard “mHealth Apps,” 564; Yu, “Regulation of Digital Health.”
[105] See McMillan, “Monitoring Female Fertility.”
[106] See UK MDR 2002, s 2; MHRA, “Guidance,” 12.
[107] See Ludvigsen, “When Is Software a Medical Device?” 89–92.
[108] UK Government, “Consultation,” s 1.1.
[109] UK Government, “Consultation,” s 62. See also IMDRF, “Software as a Medical Device.”
[110] Yu, “Regulation of Digital Health,” 110.
[111] Yu, “Regulation of Digital Health,” 111.
[112] UK Government, “Consultation,” s 48.
[113] See, for example, Bennett Moses, “Recurring Dilemmas”; Brownsword, “In the Year 2061.”
[114] A core value may be a recognition of the interests and needs of women as users of femtech; this is discussed in depth in McMillan, “Monitoring Female Fertility.”
[115] Recent government consultations on the topic have indicated a potential move towards soft law mechanisms such as guidance, which could be an effective way of capturing and dealing with the issues highlighted here in the transition to a new framework.
[116] Sheppard, “mHealth Apps,” 569.
[117] See McMillan, “Monitoring Female Fertility.”
[118] For discussion, see Cox, “Roe v Wade.”
[119] To explain, short-term costs for the user include, for example, the process of pregnancy and/or termination of pregnancy and any associated health problems and in turn, any long-term physical and mental health problems and/or the financial cost of raising a child. There are also broader financial costs associated with this, including but not limited to funding health care for the latter.
AustLII:
Copyright Policy
|
Disclaimers
|
Privacy Policy
|
Feedback
URL: http://www.austlii.edu.au/au/journals/LawTechHum/2023/22.html