Post-Roe reproductive privacy goes beyond period trackers, experts say
The Supreme Court’s reversal of Roe v. Wade last week triggered a viral wave of concern about how law enforcement in states criminalizing abortion could use everything from period tracking apps to data from Planned Parenthood’s website to arrest abortion-seeking Americans.
“When you’re looking at the criminalization of something that used to be legal, potential sources of information that could be used against someone includes basically everything,” said Kendra Albert, an attorney at Harvard Law School’s Cyberlaw Clinic.
But as Albert and co-authors professor Maggie Delano and policy analyst Emma Weil pointed out in a recent blog, some of the advice spreading online after the ruling is based more on fear and uncertainty than actual legal risk. More urgently, it could distract individuals concerned about their reproductive rights from more serious security risks.
When assessing the risks that Americans now face when it comes to the use of their data in potential abortion-related charges, experts such as Albert say that it’s important to look at what’s actually been used in prosecutions before. Using that as a model, period trackers prove less of a risk than viral tweets may lead one to believe. Of the known abortion-related cases that relied on digital evidence, none relied on data from period-tracking apps.
And even if law enforcement tried to rely on that data in future cases, it would be difficult to get a conviction out of it, argues Albert, who uses the pronoun they, and their co-authors. Take for instance a case where an individual is suspected of inducing a self-managed abortion. Medically, miscarriages and self-managed abortions are indistinguishable. A period tracker would be relatively useless in proving intent compared to evidence like texts, emails and search histories pointing to buying an abortion pill — all forms of data which have been used by law enforcement in previous abortion-related charges.
Even in instances where individuals follow best security practices and obfuscate their digital footprint with encrypted messaging or a privacy-focused search engine such as DuckDuckGo, police have plenty of non-tech data sources to utilize. Albert noted that health care providers, which have access to far more health data than most tech providers, can prove a bigger risk when targeted by law enforcement.
The issue of how to protect reproductive health data is not just an individual one, of course. Policymakers have had to grapple in the aftermath of the Roe reversal with how to deal with concerns over reproductive data. For instance, the Department of Health and Human Services on Wednesday issued guidance clarifying that the Health Insurance Portability and Accountability Act prohibits healthcare providers from disclosing protected health information to law enforcement outside of narrow exceptions.
The step is a beneficial one for reproductive privacy, said Greer Donley, assistant professor of law at the University of Pittsburgh Law School.
“We know from other countries that ban abortion that many investigations related to abortion-related crimes start in the emergency department where someone seeks care after self-managing an abortion,” Donley wrote in an email. “This guidance—and particularly, enforcement of the statute against someone who violates it—should help protect patients.”
The Biden administration will also reportedly send a letter to the Federal Trade Commission asking that the agency use its authorities to prevent unfair or deceptive surveillance and sharing of personal health data related to reproductive health, according to a report by Axios.
Even if it’s impossible to have perfect security, there are realistic steps that individuals can take to shore up their privacy, experts say.
Groups like the Digital Defense Fund and Electronic Frontier Foundation urge individuals to adopt encrypted messaging apps such as Signal for discussions about reproductive health and related protests, for instance.
Ultimately, how to model risk when it comes to sharing reproductive data is an extremely personal decision, Albert said.
“I mean, yes, there are probably risks. But are running those risks worth not being pregnant to people, and I think the answer is also yes,” they said. “You have to balance the cost of taking any digital security advice against not taking it.”
Updated 7/1/22: Updated to include the names of Albert’s co-authors.