End of Roe redefines privacy and content moderation
Last week, the Supreme Court overturned Roe v. Wade, the long-standing precedent that affirmed the constitutional right to abortion. As Roe fell, states around the country began to enforce anti-abortion laws, some of which criminalize abortions or permit individuals to sue providers and helpers of abortion. As a result, there are now immediate questions surrounding the data collection practices of online services and apps, and whether this information could become a tool for authorities and litigants seeking to enforce anti-abortion laws. Advocates and lawmakers are mobilizing to preserve safe access to reproductive health care services. Meanwhile, the Supreme Court's decision also calls into question key precedents that established a right to privacy and other fundamental rights with implications for tech policy. This week’s newsletter examines some of the consequences of the Court's ruling for tech policy and privacy online.
What is the future of abortion-related content on the internet?
Since the Supreme Court overturned Roe v. Wade, 26 states are expected to ban or significantly limit access to abortion, raising complicated questions about how online abortion content should be treated. Advocates fear that in states where abortion is no longer legal, officials could try to criminalize online content about the procedure.
Some have argued that Section 230 of the Communications Decency Act of 1996 could help protect abortion-related content online in a post-Roe America. Section 230 significantly limits the legal liability of tech platforms for content generated by users, and does not require additional litigation over the legality of the content in question. Fight for the Future’s Evan Greer highlights the law’s significance post-Roe, saying: “Even well-intentioned changes to Section 230, like those proposed in the SAFE TECH Act or Justice Against Malicious Algorithms Act, could unleash a wave of lawsuits from anti-abortion activists (who are already lawyered up, litigious, and highly motivated to get content about abortion access scrubbed from the internet).”
Some online platforms have already begun to limit abortion-related content. Writing for Motherboard, Joseph Cox and Jordan Pearson reported on Monday that Facebook is banning people who offer to mail abortion pills to women in states where the procedure is illegal or could soon be outlawed. Meta spokesperson Andy Stone tweeted in response, “Content that attempts to buy, sell, trade, gift, request or donate pharmaceuticals is not allowed…” Cox and Pearson note that while there’s uncertainty about when exactly Facebook began clamping down on the selling of abortion pills, they “confirmed Facebook removed such posts on the same day that the Supreme Court overturned Roe v. Wade.”
Meta’s response highlights the power of platforms to set policies that go beyond what’s legal or illegal, an important question post-Roe. In December of 2021, the FDA allowed patients to receive abortion pills by mail instead of requiring them to obtain the medication in-person, from specially certified health providers. The decision empowers patients to attend a telemedicine appointment with a provider who can prescribe abortion pills and send them to the patient by mail, potentially bypassing state abortion bans. Meta could reverse its policy and allow women to use the platform to obtain abortion pills from out-of-state sources.
Looming over this debate is the possibility that the Supreme Court could still take up the controversial Florida social media law intended to punish platforms for content moderation decisions. The Florida law is a predecessor to the Texas law that the Supreme Court struck down, which seeks to prohibit tech companies from “censoring” or de-platforming political figures. In his dissent to the Texas decision, Justice Alito signaled a desire to re-examine the issue: “[i]t is not at all obvious how our existing precedents, which predate the age of the internet, should apply to large social media companies[.]”
RESPONSES
David Greene, civil liberties director of the Electronic Frontier Foundation, tweeted, “Keep the commercial speech cases Bigelow v. Virginia and United States v. Edge Broadcasting on you radar in this post-Roe era. Each case discusses when advertisements of services legal in one state may be published in a state in which the service is illegal.”
Director of Fight for the Future, Evan Greer, responded in a tweet, “I find this particularly interesting given that some civil society groups who are generally pro Section 230 have said they might support a 230 carveout around paid advertising. Hard to imagine how any abortion provider could run online ads if that were to happen now…”
Ron Wyden, US Senator (D-OR), tweeted, “It’s no accident that Republicans’ efforts to criminalize abortion have moved in tandem with their crusade to control what people can say, write, or teach. In the post-Roe world, Section 230 will be critical in protecting abortion information online”
Elizabeth Nolan Brown, senior editor of Reason, tweeted, “And of course all of these abortion/speech issues will be compounded by the internet. Section 230. Search results. Encryption. Etc etc etc. You can get it’s all going to get roped into the coming abortion wars…”
Karl Bode, tech reporter, tweeted, “I don't know how you could argue that Facebook, also among the biggest purveyors of far-right propaganda on the planet, isn't a right wing organization // at BEST it's a spineless opportunist pandering to authoritarians”
He continued, tweeting, “just honestly one of the shittiest companies in tech, and it will never change until there's a ruthless culling of the entire executive leadership team, and even then it's probably too late now that there's a semi-competent FTC and they're stuck in an innovation spiral”
UltraViolet tweeted, “Abortion content should not be banned during this time. We're less than a week after the #SCOTUS decision, which means a gigantic information ecosystem is being formed (and has been forming for quite some time now). This means disinformation is going to be playing a MAJOR role,
They continued, tweeting, “which is all the more reason why #AbortionFacts should be spreading online, not abortion disinformation. Anti-abortion extremists want to prevent us from getting abortions, abortion facts, and would rather we risk our health, lives, and wellbeing than to allow us to post” and “something as simple as, "Abortion is essential" or "Abortion is healthcare." That's silly. And extremely dangerous to be spreading medical disinformation AND preventing factual medical information. #BansOffOurBodies”
Kendra Albert, Clinical Instructor at Harvard Law School's Cyberlaw Clinic, tweeted, “I am so glad Evan and Lia wrote about this! If you think the problems with online platforms taking down abortion info are bad now, under most of the 230 reform proposals, they would be WAY worse.”
Eva Galperin, Director of Cybersecurity at the Electronic Frontier Foundation, responded by tweeting, “Access to accurate information about safe abortions is more important than ever. The choices online platforms make right now will dictate how that plays out.”
Evan Greer tweeted, “If Democrats don't hold the line against carevouts to Section 230, we’ll live in a country where lawmakers in Alabama, Mississippi, and Texas get to set the rules for online speech nationwide. We can't let that happen. Plz share this widely.”
Jeff Kosseff, associate professor of cybersecurity law at the U.S. Naval Academy, responded by tweeting, “I highly recommend this excellent piece examining the intersection of Section 230 and many of the threats arising from the overturning of Roe.”
Greer also tweeted, “Sex workers and LGBTQ+ groups have been warning about the dangers of further changes to Section 230 for years, since the utter disaster of SESTA/FOSTA. Democrats need to start listening, before it's too late.”
How do existing data collection practices put women at risk in post-Roe America?
In addition to concerns about censorship of abortion content online, privacy advocates and lawmakers are warning that tech companies’ extractive data collection practices have left individuals seeking abortions in trigger states vulnerable to criminal investigation or prosecution. In May, a report by Motherboard revealed that sensitive location data related to 600 U.S. Planned Parenthood locations could be easily purchased from one data broker. Additionally, in Indiana and Mississippi, search and browsing history has been used previously in cases against individuals suspected of violating abortion law.
Amidst concerns that digital footprints may be used for prosecutions, reproductive rights activists are advocating for deleting period and fertility tracking apps. Stardust, a tracking app, surged in downloads after it claimed it would implement end-to-end encryption. But privacy and encryption experts quickly debunked Stardust’s claims, noting that its privacy policy requires the company to comply with law enforcement and highlighting its shoddy end-to-end encryption practices.
Real risks to women’s safety post-Roe go beyond period-tracking apps, privacy experts warn. As the Ford Foundation’s Cynthia Conti-Cook explains in her University of Baltimore Law Review article, Surveilling the Digital Abortion Diary: “[N]ew unregulated technological developments, in combination with the potential increase in the criminalization of pregnancy and abortion, will create life-long devastating penalties for people seeking autonomy over their decisions related to their reproductive health.”
RESPONSES
New America’s Open Technology Institute wrote in a statement: “In hollowing out this long-standing right, the Court’s decision creates new and egregious privacy threats. Digital surveillance is more expansive than ever, and in states where abortion is no longer legal, law enforcement and others will likely seek access to extremely sensitive healthcare data and further erode individual privacy.”
The Center for Democracy and Technology wrote in a statement: “This ruling is devastating for the privacy rights of people seeking reproductive care… In the digital age, this decision opens the door to law enforcement and private bounty hunters seeking vast amounts of private data from ordinary Americans. Location data that reveals sensitive reproductive health information can be collected and sold by data brokers without users’ knowledge. Data about a person’s reproductive health decisions can also be revealed from sources like their browser and search histories, email and text message logs, use of reproductive health apps, and other commercial products…”
Access Now wrote in a statement: “In light of this decision, law enforcement agencies and prosecutors in states that have criminalized abortion will likely seek to access geolocation and other data to identify people who have sought abortions, including those who travel to other states to access reproductive services.”
The Electronic Privacy Information Center wrote in a statement: “The Court’s ruling is an affront to human rights and a clear signal that constitutional protections for privacy and autonomy are at risk of further erosion. Privacy is a fundamental right that the Court has long recognized as ‘implicit in the concept of ordered liberty.’ Now, for the first time, the Court has stripped away part of that right to personal autonomy and self-determination.”
Zeynep Tufekci, Technology and Society researcher at Columbia University, tweeted, “Let me reemphasize that there’s fairly little an individual can do to effectively protect themselves from being hunted down by law-enforcement or antiabortion vigilantes using the many tools of digital surveillance. Period apps are very minor in the scheme of what’s possible.”
Cory Doctorow, tech journalist, tweeted, “Period-tracking apps share their users' sex lives, fertility data, location and other sensitive info to all comers, and will be a bonanza for bounty-hunting forced-birth advocates seeking to turn in people who have abortions for cash rewards.”
What are the remedies that experts and advocates say will protect women and their right to privacy?
In light of these risks and threats, privacy and reproductive rights advocates say curbing data collection and digital surveillance is more urgent than ever, pressing tech companies to terminate the practice and demanding lawmakers issue a comprehensive federal privacy standard.
Fifty civil rights organizations are urging Google to stop unnecessarily collecting and retaining customer location data to avoid jeopardizing the privacy of individuals seeking abortions. In their privacy policies, several tech companies have established that they may share user data in compliance with law enforcement and have remained silent on whether or not these policies will change in light of the Court’s decision. Kendra Albert, a Clinical Instructor at Harvard’s Cyberlaw Clinic, points out the unlikelihood that tech companies will issue any statement taking a stand against fulfilling requests for data for authorities because resistance could implicate them criminally.
Earlier this month, lawmakers introduced several new privacy bills, including the My Body, My Data Act, the Health and Location Data Protection Act, and American Data Privacy and Protection Act draft bill. The Health and Location Data Protection Act would end the sale of location and health data by data brokers, and the My Body, My Data Act would restrict tech companies from collecting nonessential health information. Advocacy groups like the Electronic Frontier Foundation and Fight for the Future have already endorsed the My Body, My Data Act.
Although the American Data Privacy Protection Act advanced to markup last Thursday, it’s not getting sufficient support elsewhere. According to a memo circulated by Democratic staffers, Democratic aides have said the Three Corners Bill fails to protect against the emerging privacy threats of a post-Roe world. Sen. Ron Wyden (D-OR) disagreed with a “loophole” that would exempt de-identified data, arguing, “Data that tracks phones from a doctor’s office to where individuals sleep at night would make it trivially easy to re-identify supposedly anonymous data and put women's privacy at risk.” Outside of Congress, the Electronic Privacy Information Center (EPIC) continues to support the bill. Furthermore, as Democrats demand stronger reproductive data privacy protections within the ADPPA, the likelihood of Republican agreement on national data privacy appears to be slim.
As the fate of a federal privacy law remains uncertain, Democrats are directing attention to the Federal Trade Commission’s enforcement authority, urging the agency to launch a probe into Google and Apple. Citing the vulnerability of people seeking abortions to privacy harms, Sens. Wyden (D-OR), Booker (D-NJ), Warren (D-MA), and House Rep. Jacobs (D-CA) said iOS and Android helped facilitate “an unregulated data broker market.”
RESPONSES
The Center for Democracy and Technology wrote in a statement: “In this new environment, tech companies must step up and play a crucial role in protecting women’s digital privacy and access to online information. There are a variety of ways to do this, including strengthening and expanding use of end-to-end encryption; limiting the collection, sharing and sale of information that can reveal a person’s pregnancy status; and refraining from using artificial intelligence predictive tools that could reveal users’ pregnancy status.”
CEO Mallory Knodel tweeted, “Justices taking away multiple rights makes more of everyday life a crime. Criminalizing abortion + deputizing citizens to sue any person who performs, aids, abets abortions means cops and civilians are incentivized to violate individuals' right to privacy.”
New America’s Open Technology Institute wrote in a statement: “[I]t should not merely be incumbent on individuals to protect themselves and their data online. As a start, tech companies should take steps to protect their users by reviewing and limiting the relevant data that they collect and retain; refusing to sell such data; challenging or limiting law enforcement requests for this data to the extent possible; and offering and defending encrypted services as much as possible. Finally, policymakers must act now to protect both patients and providers of reproductive healthcare and their digital privacy.”
In a statement, the Electronic Frontier Foundation wrote: “Everyone deserves to have strong controls over the collection and use of information they necessarily leave behind as they go about their normal activities.”
They continued, saying: “People should carefully review privacy settings on the services they use, turn off location services on apps that don’t need them, and use encrypted messaging services. Companies should protect users by allowing anonymous access, stopping behavioral tracking, strengthening data deletion policies, encrypting data in transit, enabling end-to-end message encryption by default, preventing location tracking, and ensuring that users get notice when their data is being sought. And state and federal policymakers must pass meaningful privacy legislation. All of these steps are needed to protect privacy, and all are long overdue.”
Director of Cybersecurity Eva Galperin wrote in a Twitter thread: “If tech companies don’t want to have their data turned into a dragnet against people seeking abortions and people providing abortion support, they need to stop collecting that data now… Search data matters. Location data matters. Health data matters. Contact lists and friend lists matter. The contents of messages matter and so does the meta-data. If you work in tech, this is what you should be protecting right now.”
Senior legislative activist Hayley Tsukayama said in an interview: “None of the state laws are sufficient to protect people against the things that we’re worried about.”
Access Now wrote in a statement: “It is imperative that guardrails be put in place to ensure geolocation data trackers and other companies that harvest data cannot sell information on people seeking abortions. Better yet, companies should follow data broker SafeGraph’s example and stop selling information on people’s reproductive healthcare decisions — It is an assault on human rights. Companies should not provide government authorities access to reproductive health data.”
In a statement, Fight for the Future wrote: “Surveillance capitalism as a business model is incompatible with basic human rights, and this assault on bodily autonomy makes that clearer than ever. The White House, Congress and the Federal Trade Commission must do everything in their power to end corporate surveillance, data harvesting, and data retention practices that are weapons perfectly built to persecute abortion patients. Companies must end the collection and storage of sensitive location, health, and other data that will be used to apprehend and persecute anyone engaged in the abortion care process.”
Director Evan Greer spoke with Kara Swisher and Scott Galloway on their podcast, Pivot. In the segment, she said that “if tech companies really care about protecting reproductive rights, they'll take immediate steps to reduce data collection & retention and fire their anti-privacy lobbyists.”
Greer also tweeted, “Tech companies: commit to firing all the lobbyists you have working against real privacy legislation in states where abortion is criminalized or literally shut the fuck up about the SCOTUS decision.”
Danielle Citron, Professor of Law at UVA Law, wrote a piece in Slate entitled “The End of Roe Means We Need a New Civil Right to Privacy.” In it, she criticizes the precedent repealing Roe has for user data surveillance, saying: “With the evisceration of Roe and the triggering of state laws criminalizing abortion, police can access the evidence they need to pursue investigations. Our fertility, dating, and health apps, digital assistants, and cellphones track our every move, doctor visit, health condition, prescription, and search; the details of our intimate lives are sold to advertisers, marketers, and data brokers.”
She continued, saying: “The Dobbs ruling should shake us from our complacency. We want, expect, and deserve privacy for our intimate lives, yet we do not have it. The privacy of our intimate lives is under assault, and we need to fight to get it back. We need legislation that makes clear that intimate privacy must be protected and prioritized rather than destroyed or ignored. We need a civil right to intimate privacy now.”
Nora Benavidez, Senior Counsel at Free Press, responded: “We are close to getting the privacy and civil rights protections we’ve been anted for 15+ years. We’re fighting for this @freepress every day this summer. It’s past time. Great piece from @DanielleCitron.”
Benavidez later wrote in a Twitter thread: “Individuals’ access to abortions and provider treatment/healthcare implications hang in balance after the Dobbs ruling… [W]e need policies to limit the data collected about us; limits on what data brokers can sell to police & gov’t; more resourcing for social media moderation; & equitable moderation with new policies that don’t lead to over-enforcement of abortion & healthcare content.”
Sen. Ron Wyden said in a statement: “Congress must pass legislation protecting people’s data so their web searches, text messages and location tracking aren’t weaponized against them… Technology companies must take immediate steps to limit the collection and retention of customer data so that they don’t become tools of persecution.”
Zamaan Qureshi retweeted Sen. Wyden, adding: “@RonWyden is right. Roe overturned means we need federal privacy legislation.”
Rep. Suzan DelBene (D-WA) said in an interview with CyberScoop: “It’s important that people are aware of the information that’s out there that isn’t protected today, and what the risks are to consumers and, in particular, the huge concerns and risks that would be in place for women if the Supreme Court moves forward and we don’t protect their personal information… It’s critically important that we get legislation finalized.”
Tiffany Li, assistant professor of law at the University of New Hampshire Law, said in an interview: “Most of our privacy rights have been determined in the courts… The fact that the law enforcement agencies can get data even outside of the warrant process presents a huge range of risk for a lot of people.”
Privacy attorney Katelyn Ringrose said in an interview: “Folks tend to differentiate bodily autonomy quite a bit from data privacy but in truth, they’re one and the same… You can’t get that without having privacy with your own data… We need federal legislation to codify [Roe v] Wade and we need federal legislation that protects information privacy.”
The ACLU wrote in a Twitter thread: “To help protect your digital privacy when seeking an abortion, you can: Use a privacy-first search engine, like DuckDuckGo. Chat about plans on encrypted apps with disappearing messages. Turn off Google location and search history. Turn off phone location services.”
They continued, saying: “As states push abortion out of reach and criminalize care, people who need an abortion have rightfully raised the alarm about the unprecedented access the government — and private entities — have to our digital lives… No one should have to live in fear of constant surveillance when making decisions about our health care. Our right to privacy goes hand-in-hand with our right to abortion – and we won’t stop fighting for either.”
Democracy Now hosted Daly Barnett (staff technologist at the Electronic Frontier Foundation) and Grace Oldham (reproductive rights reporter) on a segment called “Encrypt, Obscure, Compartmentalize: Protecting Your Digital Privacy in a Post-Roe World.”
Barnett was quoted as saying: “I would say that the first step that abortion seekers, providers, abortion access activists ought to do is an exercise that we call threat modeling… From there, the more technical measures people can take are, first, I would say, download an end-to-end encrypted messaging app, like Signal, turn on disappearing messages — super important.”