The Supreme Court’s ruling on Friday became a legal minefield for millions of Americans. Now’how to find an abortion’ is a lot more complicated than a simple Google search search search.
Abortion is now illegal in nine states, with many more planning to outlaw procedures in the coming weeks. Privacy advocates are warning that people’s search history, medical records, or other data could be used against them in court.
The Verge spoke to experts about where they see the greatest privacy vulnerabilities for people seeking abortions in a post-roe U.S..
Many cases start at the doctor’s office. The National advocates for pregnant women provides legal defense for pregnant people. One of the most common ways for a prosecution to begin is with healthcare providers.
‘we have had many, many cases where people are criminalized because healthcare providers have reported them to the police,’ says napw executive director Dana Sussman.’in many of our cases, the site of care is also the scene of criminalization, even in the pre-dobbs reality,’ he says.
Under HIPAA, doctors and medical organizations are allowed to report personal health information if they think that a crime has been committed at the institution. In states where abortion is a crime, a doctor could report that they think one was performed – and police could use that report as grounds to begin a more serious investigation.
Hipaa is much more protective than it actually is, says Carly zubrzycki, a health law professor at the University of Connecticut school of law.
The risk is particularly acute at crisis pregnancy centers. These centers offer counseling rather than medical care. They’re run with the explicit goal of discouraging women from getting abortions.
‘they are operating in states that are extremely hostile to abortion rights,’ says Sussman.’they can create all sorts of problems for people who are pregnant and having an abortion’.
The crisis pregnancy center map identifies more than 2,500 such centers across the US, more than triple the number of abortion clinics. Groups like napw and digital Defense Fund recommend that pregnant people avoid them completely.
The reproductive rights group if/when/how deals with many of these cases through its legal helpline. Senior counsel Farah diaz-tello says cases usually begin with a personal report.
The first line of defense is not sharing information unless absolutely necessary, says diaz-tello. diaz-tello:’the precipitating factor is always someone else reporting them to law enforcement, who then have the power to seize people’s devices’.
It’s impossible to erase every digital trace investigators might find. Simple precautions can go a long way toward minimizing the risk of a person’s data being used against them.
We’ve avoided more complex tracking systems like IP-based identification or the tracking pixels used in ad networks. Neither has a track record of being used in law enforcement investigations of this kind. Instead, we’ve focused on the most urgent risks and most effective defenses.
The sheer volume of data is hard to ignore, says a public defender in the digital forensics unit of the legal aid society in New York City. Once police start looking for data to confirm an abortion took place, there are lots of places to find it.
Latice Fisher, a Mississippi woman, was charged with second-degree murder after a failed pregnancy. The investigation began with a 911 call from her husband, who believed his wife had given birth only for paramedics to find the fetus unresponsive. Prosecutors later claimed that Fisher confessed to a nurse that she wanted to terminate her pregnancy.
Prosecutors drew heavily on Fisher’s search history, which included searches like’buy misoprostol abortion pill online’.
A valid court order is enough to get a person’s entire search history. It’s a liability for anyone researching abortion services in places where abortion is now illegal. Sign out of Google or using a privacy-minded search engine like DuckDuckGo will prevent searches from showing up in a search history.
A broad and alarming power has given rise to a concern about dragnet surveillance around terms related to abortion. These warrants have only been issued for queries tied to specific incidents, like the name of a trafficking victim or the address of a building targeted by arson.
Apps that collect and store health information, like period trackers, are notoriously leaky, and many have poor privacy protections. They could be used to check if someone has been pregnant – or if that pregnancy ends.
Data from health apps like period trackers has not been a major part of the strategy to prosecute people seeking abortions so far. Experts think this sort of data could be used against people going forward.
Hipaa does n’t protect against court-issued warrants forcing doctors and health organizations to hand over health records about someone suspected of a crime. Records can be used to make a case that a person had or tried to have an abortion.
The reproductive freedom defense act blocks other states from subpoenaing reproductive health-related information. The legislation could be a model for other states who might come to Connecticut for the procedure.
Information-Sharing rules around health data are set up to help doctors see the types of treatments and care their patients got from other doctors.’imagine that you are in Alabama, and you come to Connecticut and get an abortion, and then you go see any other doctor in Alabama. We’re increasingly in a world where your medical record may just kind of follow you back to Alabama,’ zubrzycki says.
Many individuals do n’t even own their health records; instead, the medical systems do. Many individual patients do n’t own their records, instead, they do n’t.
Remote treatments like misoprostol can be safely and privately ordered online. The remote nature of the treatment means cash is not an option. It’s difficult to make a digital transaction without leaving a record.
The pro-abortion digital Defense Fund recommends using a pre-paid gift card if the convenience of a credit card is needed. This will also reduce digital footprint in other ways.
Cell phone operators handle the routing of calls and SMS messages from our mobile devices. They are frequently subject to subpoenas and search warrants from law enforcement agencies investigating crimes.
A subpoena request does not have to be approved by a judge. Most cell phone network operators can hand over your name, address, and metadata about network use.
T-Mobile revealed that the company received 340,995 subpoenas. More than 80,000 search warrants and 50,000 court orders to provide more detailed user information.
Regular SMS messages are not a secure way to communicate. Using encrypted messaging apps like signal or FaceTime calls gives an additional layer of security.
Signal also has a disappearing message function so that message history is automatically erased from both devices after a certain period of time. Signal also had a disappearing signal function.
By default, most mobile devices collect detailed location data. Data is stored in a user’s history and associated with an online account. A large volume of this location data is available to be purchased from data brokers.
One location data broker sold anonymized information on visitors to 600 Planned Parenthood centers across the US. The information did not contain visitors’ names or exact addresses. Many researchers have warned that it’s possible to de-anonymize users from aggregate data.
In criminal cases, cell phone location data can be made available to law enforcement through a controversial investigation technique known as a geofence warrant. These warrants request information on all devices that passed through a certain area in a set period of time. In the past, they’ve been used to investigate crimes like arson attacks and protest violence but could potentially be used to seek information on cell phones that have been in the vicinity of an abortion clinic.
Android devices and iPhones both give users the option to disable location data collection. If this is n’t possible, Android devices are able to disable their location data.
More than 40 Democratic members of Congress called on Google to curb location data tracking. They suggested that the company should not collect or retain any more location data than was strictly necessary.
It’s possible to take steps to shore up personal privacy. But, like always, these steps are most accessible to people who are n’t already targets under anti-abortion regimes.