As Meta faces potential billions in damages from a California jury verdict over privacy violations, Flo Health’s strategic settlement in the same case offers a stark contrast in how companies can navigate data privacy challenges while maintaining their mission and reputation.
A California jury ruled in August 2025 that Meta violated the California Invasion of Privacy Act by collecting sensitive data from Flo app users without proper consent. The verdict came after Meta chose to fight the allegations in court, while Flo Health, Google, and analytics firm Flurry opted to settle before or during trial.
The settlement came after Federal Judge James Donato described the lack of evidence supporting allegations against Flo Health as an “insurmountable problem” for the plaintiffs’ case. The judge’s skepticism about the claims became increasingly apparent as the trial progressed, with Flo maintaining that the allegations lacked merit throughout.
“We have always maintained that the claims lacked merit, and as the case progressed, the lack of evidence to support these allegations became increasingly clear in court,” a Flo spokesperson confirmed. “Importantly, this settlement includes no admission of wrongdoing. We can now put the matter behind us so we can continue to focus on serving our customers and delivering our mission to advance the future of women’s health.”
The lawsuit, filed in 2021 and consolidated as Frasco v. Flo Health, alleged that Flo had shared users’ intimate health data with third parties through software development kits (SDKs) incorporated into the app between November 2016 and February 2019. The case involved 38 million women in the class action settlement.
The contrast with Meta’s situation is striking. While Flo settled strategically, Meta fought on and lost, with the jury finding it had violated California privacy law. Lead trial attorneys Michael Canty and Carol Villegas stated: “This verdict sends a clear message about the protection of digital health data and the responsibilities of Big Tech. Companies like Meta that covertly profit from users’ most intimate information must be held accountable.”
The case originated from a 2019 Wall Street Journal report about data-sharing practices. Flo had previously settled with the Federal Trade Commission in 2021, agreeing to obtain affirmative consent before sharing users’ data in the future. The company emphasized it was avoiding “the time and cost associated with litigation” rather than admitting fault.
Judge Donato’s comments during the trial were particularly revealing. On July 30, he stated: “It’s going to potentially be confusing and highly unproductive to let a claim for which I see virtually no evidence—in fact, probably zero evidence—to go forward.” Flo even filed a motion to dismiss that day, arguing that the plaintiffs had no evidence to support their accusations.
Meta’s potential exposure is enormous. With 38 million women in the class and each violation of the California Invasion of Privacy Act carrying statutory damages, FemTech Insider reported Meta could face up to $190 billion in damages. Meta has indicated it “vigorously disagrees” with the verdict and is exploring all legal options, maintaining that “the plaintiffs’ claims against Meta are simply false.”
The divergent outcomes highlight the importance of strategic decision-making in privacy litigation. While Meta’s decision to fight may have been principled, it resulted in a public verdict that could reshape how courts view tech companies’ data practices. Flo’s settlement, by contrast, allowed the company to move forward without admitting wrongdoing, preserving its resources and reputation while avoiding the uncertainty of a jury trial. This pragmatic approach has enabled Flo to continue focusing on innovation, including launching new features for perimenopause support, while the Meta verdict continues to reverberate through the tech industry.