There is precedent for this, and privacy advocates say the data collection could become a major liability for people seeking secret abortions. Phones can record communications, search histories, body health data, and other information. As recently as Tuesday, new evidence showed that commercial data brokers were selling location information collected from the phones of people visiting abortion clinics.
“It’s absolutely something to worry about – and something to hopefully learn before you get into crisis mode, where learning on the fly might be more difficult,” said Cynthia Conti-Cook. , a technology research fellow at the Ford Foundation.
It is now common for law enforcement to use content from people’s phones, including location and navigation information. A case against an alleged January 6 insurgent sourced from thousands of data pages of the suspect’s phone as well as Facebook records, prosecutors said.
A major data source is our economics of digital surveillance – Facebook, Google and apps galore – in which companies track consumers to learn how to sell to them. Data can change hands multiple times or seep into a larger market run by data brokers. These brokers can accumulate huge collections of information.
This data is an easy target for subpoenas or court orders, and many tech companies don’t give clear answers about what information they would be willing to hand over. Google, for its part, reports that he received more than 40,000 subpoenas and search warrants in the United States in the first half of 2021.
Police and private citizens could buy data and use it to investigate suspected abortions. Phone location information has been used by activist groups to target ads to people in abortion clinics to try to dissuade them.
Analyzing all that data isn’t easy, and law enforcement agencies have a lot of “low fruit” to pursue, says Alan Butler, executive director and president of the Electronic Privacy Information Center. These more traditional methods include checking credit card statements, collecting data from cell phone towers, and talking to friends and family.
But it’s hard to predict how restrictive state abortion laws would become so Roe vs. Wade were overthrown. “Even a search for information about a clinic could become illegal under certain state laws, or an effort to go to a clinic with the intent of obtaining an abortion,” Butler said.
Whatever happens, the possibility of massive data collection to enforce abortion bans will hang over the heads of people seeking abortions or helping others get them, said Nikolas Guggenberger, executive director from the Yale Information Society Project. “People want to be on the safe side, so even if the law doesn’t apply to what they’re doing, it has a chilling effect,” he said.
A number of groups have published citizen guides for avoiding surveillance when seeking abortion or reproductive health care. These groups include the Digital Defense Fundthe Repro Legal Helpline and the Electronic Frontier Foundation.
Here are three potential contributors to the data trail on people seeking abortions — and how they could be used.
Phones can collect precise information about your location – down to the building – to power maps and other services. Sometimes, however, the fine print of app privacy policies gives companies the right to sell this information to other companies who can make it available to advertisers or anyone who wants to pay for it.
Tuesday, The Vice Motherboard Blog reported that for $160 he bought a week’s worth of data from a company called SafeGraph showing where people who visited more than 600 Planned Parenthood clinics came from and where they went afterward.
This type of data could be used, for example, to identify clinics that offer abortions to out-of-state people in places where it is illegal.
SafeGraph CEO Auren Hoffman told The Washington Post on Tuesday that his company is discussing whether to stop offering aggregate physical traffic data to abortion providers. SafeGraph and companies like it generally do not sell location information related to names or phone numbers, although the company has previously come under fire from privacy advocates and has changed some of its practices to make it more difficult the link of the data with specific persons.
“You can find someone to say they can anonymize the data, but if it could be done, someone would have already written a paper,” Hoffman said.
But privacy watchdogs say you can learn a lot by connecting the dots about multiple places that a single person has visited. For example, last year a Catholic blog obtained location information originally generated by the dating app Grindr to label a priest as gay. The blog’s authors were able to deduce that a person in a church-related location was also visiting gay bars.
Both Apple and Android phones offer settings to disable location services for individual apps or entirely for the phone. But it might prevent some functions from working, such as transport apps.
Search and chat history
Searching for clinic and drug information can leave a trail of records with Google, which in some cases logs queries in a user’s profile.
In 2017, prosecutors used internet searches to find abortion drugs as evidence in the trial of a Mississippi woman for the death of her fetus. A grand jury ultimately decided not to pursue the charges, according to National Advocates for Pregnant Women. And last year, the Wisconsin Supreme Court ruled that detectives did not violate the rights of convicted murderer George Burch when, operating without a warrant, they accessed data downloaded from his phone, including his internet search history.
Private messages can also become evidence. In 2015, text messages on abortion helped convict a woman child neglect and feticide.
A 2020 report by Upturn, a tech and justice-focused nonprofit, has found that law enforcement is using “mobile device forensic tools” – which can give them access to internet logs as well as to unencrypted emails and text messages – when investigating issues as varied as possession of marijuana and graffiti.
There are steps people can take to keep their search and chat histories private. The Ford Foundation’s Conti-Cook said people don’t have to offer their phones when asked by the police, and can opt in to encrypted messaging apps and a virtual private network, or VPN, to hide their identity during searches.
Millions of people use apps to help track their menstrual cycles, recording and storing intimate data about their reproductive health. Because this data can reveal when periods, ovulation and pregnancy stop and start, it could become evidence in states where abortion is criminalized.
These companies are proven to play fast and loose with privacy. In 2019, the menstrual Ovia was pushed back for sharing aggregate family planning data from select users with their employers.
Last year the The Federal Trade Commission has settled with the Flo rules tracking app after the app promised to keep user data private but then shared it with marketing companies such as Facebook and Google.
A recent Consumer Reports survey found flaws in the way five popular period-tracking apps handle sensitive user data, including sending it to third parties for targeted ads.
How are apps allowed to share this personal data? Our interactions with healthcare providers are covered by a federal privacy law called the Health Insurance Portability and Accountability Act, or HIPAA. However, rule-tracking apps are not defined as covered entities, so they can legally share data.
Joseph Menn contributed to this report.