One Year After Roe V Wade Overturned And 'uterus Surveillance' Looks Grim

Analysis The US Supreme Court's decision a year ago to overturn Roe v Wade has shone a light on the amount of personal, sensitive data that tech companies collect every day – and how that information can be used for nefarious purposes.

Shortly after the decision, which ended federal protections of abortion rights, it came to light that private Facebook chats between a Nebraska mother and her daughter had been used by law enforcement to build a criminal case against the teen for getting a now-illegal abortion in her home state.

In March, a Texas man sued three women for allegedly helping his wife buy medication to end her pregnancy after snooping on text messages with her friends. The Lone Star State, which prides itself on rugged individualism, now offers a $10,000 cash bounty for reporting on women exposed as seeking reproductive choice.

Meanwhile, online pharmacies selling abortion pills and fertility tracking apps continue sharing pregnancy status as well as search history and geolocation – information that can then be used to identify the websites' customers –  by third parties. 

And data brokers track the "precise" whereabouts of hundreds of millions of mobile devices, making it possible to ID devices at reproductive health clinics and trace those to users' homes.

Governments are weaponizing the most personal and private data about women's bodies and healthcare and using it against them

US Senator Ron Wyden (D-OR), speaking on the Senate floor to mark the one-year anniversary of the Supreme Court striking down Roe v Wade, called this a "crisis of digital privacy and the threat of uterus surveillance."

"Governments are weaponizing the most personal and private data about women's bodies and healthcare and using it against them. That's uterus surveillance," Wyden told his fellow lawmakers. 

"I've been sounding the alarm for years that location data leached from phone apps is ripe for abuse," he continued. "In states where extremists have restricted or banned abortion, that goes straight to a five alarm crisis."

At the federal level, a group of US lawmakers including Wyden have introduced legislation called the My Body, My Data Act, which would minimize the amount of sexual health data that is collected by non-HIPAA-covered organizations – apps, search engines, mobile devices, and the like – to prevent this information from being disclosed or misused. 

This is the elected officials' second such attempt. The original My Body, My Data Act of 2022 died in Senate and House committees last year, and the 2023 version looks doomed to meet the same fate in the Republican-controlled House of Representatives.

"What we're seeing in the wake of Dobbs is federal agencies filling the void where Congress has not acted," said Andrew Crawford, Center for Democracy and Technology (CDT) senior counsel for privacy and data. 

Crawford noted the US Department of Health and Human Services' proposed rule to boost abortion data privacy under Health Insurance Portability and Accountability Act (HIPAA), but their passage is far from certain. 

Additionally, in the year following the Supreme Court decision, a patchwork of state laws protecting reproductive health data have been enacted in the usual-suspect states.

On the other end of the political spectrum, states including Texas have tried to make it a criminal offense for internet service providers to provide access to websites that sell abortion pills or provide information about the procedure.

States pick up the data-privacy slack

Perhaps the most protective rules applying to reproductive health data will soon go into effect in the state of Washington. 

Democratic governor Jay Inslee in April signed into law a bill that will make it illegal for period-tracking apps, Google or any other website to sell consumers' health data, while also making it harder for them to collect and share this personal information. The law, which also bans mass geofences, goes into effect July 23.

"It's long overdue that we have increased data protections for our most sensitive health data, and it's taken on an increased urgency in a post-Dobbs world," Democrat Representative Vandana Slatter told The Register shortly after introducing the legislation in January. "This information, if it's bought or sold, can do real harm."

Shields up

Meanwhile, California lawmakers have proposed legislation similar to the Washington bill that would prohibit companies from sharing, selling or using for marketing purposes medical information – including reproductive or sexual health info.

California, Washington, and New York have all adopted shield laws that prevent companies in those states from sharing communications and other information with out-of-state law enforcement agencies conducting abortion investigations.

Massachusetts has two pieces of legislation related to health data privacy and geolocation moving through the state's legislature, and California has a bill in the state Assembly that aims to protect reproductive and gender-affirming care by outlawing so-called "reverse warrants" or "keyword warrants." 

These allow law enforcement to request names and identities of all people whose digital data puts them near an abortion clinic or shows them searching for related information online.

"EFF believes these are unconstitutional types of warrants because you are asking for information from a lot of people based on no probable cause – sometimes hundreds of thousands of people, depending on the location," Hayley Tsukayama, senior legislative activist at the Electronic Frontier Foundation (EFF) told The Register. "We are very worried about them as dragnet surveillance tools."

Google alone received 5,764 of these between 2018 and 2020 from police in the states that had banned abortion as of July 2022.

Both Google and EFF have signed on in support of California's AB 793.

"In the context of reproductive healthcare, it's a tool that can be wielded very effectively," Tsukayama said, adding that while other California laws prohibit cops from seeking warrants for people at a Planned Parenthood clinic, "there's nothing stopping you from saying give me the gas station next to the Planned Parenthood."

Tsukayama said she's not aware of these types of reverse warrants being used to prosecute people seeking or providing abortions.

"But we've seen reverse demands be used against protesters, or being used to falsely arrest someone because they were in the wrong place at the wrong time," she added. "This seems like a logical next step."

Big Tech at the heart of the debate

The Dobbs decision leaks in May 2022 put privacy and abortion rights advocates on high alert.

"After the decision finally came down, CDT quickly realized just how much tech issues were going to be at stake in the implementation of that decision – and in the course of people's daily lives," said the center's CEO, Alexandra Reeve Givens. 

"We also realized that this was going to be an issue for the tech companies," she added. "They are going to be right in the heart of an incredibly politicized debate." 

To this end, privacy rights advocates have called on Big Tech to implement end-to-end encryption and stop storing location data, among other measures, to better protect users from unwanted surveillance.

Google, in particular, has found itself embroiled in a legal battle and positioned squarely in the middle of this debate, in part because of the amount of data it collects from users, but also because it took an early stand on protecting reproductive data rights and privacy.

The same month as the Dobbs ruling, Google pledged to update its location history system so that visits to medical clinics and similarly sensitive places are automatically deleted.

As recently as May, however, two investigations, one by advocacy group Accountable Tech and the other by the Washington Post, found Google continued to track and store location history for trips to abortion clinics.

Accountable Tech also found that Google continued to store its Maps search query data by default – for example, searches for words like "abortion" or "Planned Parenthood" – for 18 months.

When asked about the two reports back in May, a Google spokesperson directed The Register to this blog for the company's official statement. 

Shortly after, Democratic senators led by Senator Amy Klobuchar (D-MN) sent a letter to Google demanding answers and asking the company to agree to a third-party audit to verify that it's keeping its promise to delete sensitive location data.

Google did not respond to The Register's inquiries about the senators' letter.

"They [Google] set this trap for themselves," Nicole Gill, Accountable Tech co-founder and executive director, told The Register.

"That's the irony of it. They made this proclamation, and they're not living up to it. And so, understandably, there's more focus on them, but they're certainly not the only piece of tech that potentially could be used and weaponized against people seeking abortions."

'Surveillance advertising' business models

In addition to Google, there's Facebook, Apple and Amazon – or really any company that collects and monetizes user data as part of their business models, Gill added.

Yes, these companies collect consumer data with their consent, "but that model of consent is completely flawed," she said. "Companies really need to look at their business models, and I don't know that an advertising-based business model is also going to last for the long term."

As long as it does last, however, this type of "surveillance advertising," as Gill describes it, is going to be increasingly dangerous for people who live in states where abortion has been criminalized. 

Plus, these are also the same regions with weak data protection laws.

"It's creating even more of a dramatic split between the haves and have-nots," Gill said. "And the have-nots are willingly restricting rights and putting people's health at incredible risk by restricting the access to abortion and then also their willingness to prosecute those who seek it." ®

 

RECENT NEWS

From Chip War To Cloud War: The Next Frontier In Global Tech Competition

The global chip war, characterized by intense competition among nations and corporations for supremacy in semiconductor ... Read more

The High Stakes Of Tech Regulation: Security Risks And Market Dynamics

The influence of tech giants in the global economy continues to grow, raising crucial questions about how to balance sec... Read more

The Tyranny Of Instagram Interiors: Why It's Time To Break Free From Algorithm-Driven Aesthetics

Instagram has become a dominant force in shaping interior design trends, offering a seemingly endless stream of inspirat... Read more

The Data Crunch In AI: Strategies For Sustainability

Exploring solutions to the imminent exhaustion of internet data for AI training.As the artificial intelligence (AI) indu... Read more

Google Abandons Four-Year Effort To Remove Cookies From Chrome Browser

After four years of dedicated effort, Google has decided to abandon its plan to remove third-party cookies from its Chro... Read more

LinkedIn Embraces AI And Gamification To Drive User Engagement And Revenue

In an effort to tackle slowing revenue growth and enhance user engagement, LinkedIn is turning to artificial intelligenc... Read more