How tech firms and users can protect privacy

The Supreme Court’s decision on Friday to withdraw the right to obtain an abortion raised new questions about whether and how tech companies should protect the information of users seeking reproductive health care.

Tech companies may have to grapple with user privacy issues related to this kind of health care, whether they want to or not. This may be the case if they are ordered by a court to hand over certain types of data, such as location information, search history or text messages of users at an abortion clinic.

Even before the decision was made official, lawmakers asked Google and the Federal Trade Commission to ensure that the data of online consumers seeking care would be protected in the event that the landmark Roe v. Wade decision was reversed. The letters came in the wake of Politico’s reporting on the leaked draft decision, which would cut security.

The official decision puts the online platform in a difficult position. Although major tech companies have spoken out on political issues that align with their values, including advocating for certain types of privacy laws and immigration reforms that protect their workforces, access to the issue as controversial as abortion rights Doing can come with significant backlash from both. sides of the debate.

Those who have sought abortions or sued after experiencing pregnancy loss say they have already faced privacy concerns in states with restrictive abortion methods.

“We’ve already seen that, but we anticipate that tech companies will be issued subpoenas for people’s search histories and search information,” says Pregnant Women, a nonprofit that provides legal defenses for pregnant women. said Dana Sussman, deputy executive director for National Advocates. People.

“The problem is, if you build it, they’ll come,” said Corinne McSherry, legal director of the non-profit Electronic Frontier Foundation (EFF). “If you create huge databases of information, then what you are creating is like a honeypot for law enforcement to come to you, you come in as a third party, and have a chance to get that information. If they think it is useful for prosecution.”

That’s why a group of Democrats led by Sen. Ron Wyden of Oregon and Representative Anna Esshu of California wrote to Google last month about concerns over its “need to collect and maintain comprehensive records of cell phone location data”. Current practice will allow it to become a tool for far-right extremists looking to crack down on people seeking reproductive health care.This is because Google stores historical location information about hundreds of millions of smartphone users, which it regularly collects. regularly shares with government agencies.

Data privacy experts, concerned about the implications of the court’s ruling, say there are ways in which both tech companies and their users can try to better protect their information in the post-Roe era.

Sussman pointed to two cases that could foreshadow the ways prosecutors used digital communications as evidence in cases criminalizing abortion in the post-Roe era.

The first is that of Purvi Patel, who in 2015 was sentenced to 20 years in prison after allegedly aborting herself on charges of feticide and neglect of a child. Patel told doctors in an Indiana emergency room that she would have an abortion, resulting in a stillbirth. Prosecutors used texts between Patel and a friend, including a discussion about ordering pharmacy pills to induce abortion, as evidence against them.

In 2016, an appeals court downplayed the seriousness of the charges, finding that the law had not been used against women for their own abortions, and Patel was released from prison when his sentence was even shorter. It was done

The second case is that of Lattice Fisher, who was indicted by a Mississippi grand jury in 2018 of second-degree murder after her lawyers said she was a stillborn child. Prosecutors used Fisher’s search history, including the search for abortion pills and inducing abortion, as evidence against her, according to reports at the time. The district attorney later dropped the charge.

Once Roe v. Wade and Casey v Planned Parenthood, another case that generally upheld abortion rights, is undone, “We will see a reinterpretation of existing laws to apply for conduct during pregnancy.” , for pregnancy loss and self-managed abortion, Sussman said.

Although many of those who support anti-abortion laws say they should focus on providers of procedures, Sussman predicts that prosecutors will inevitably go after those seeking services as well.

“I think it’s not realistic,” Sussman said of the idea that anti-abortion laws would not target pregnant people. “And I think it’s not accurate at all, because we’ve already seen it and also because when you make laws that establish that a fetus is a person, you criminalize a pregnant person.” Will do. There is no question about it.”

As for technology platforms, the EFF suggested in a recent blog post that reducing data collection and storage could reduce the risk of that data becoming subject to scrutiny. The group suggests that companies cut down on behavior tracking, limit the type of data they collect to only what is needed and encrypt the data by default so that it cannot be easily read by others. .

The EFF also urges companies to back down on what it says would be unreasonable demands, such as asking a search engine for information on a search term such as “abortion” or geofence warrants that would be available to every device in an area. Orders data on, such as an abortion clinic. If there is still a need to comply with the demands, companies should at least notify users of them if they have not been banned from doing so, the group wrote.

“I think companies are calming down a little bit, but I’m pretty sure they’re thinking about it,” McSherry said.

“Tech platforms have a major role to play here,” said Sussman, who said companies should use their vast resources to challenge court orders for information related to abortion or pregnancy loss cases.

“The reality is that prosecutors’ offices have a certain amount of resources,” Sussman said. “And if they feel that the best way to use their resources to improve the quality of life in their community is to fight to achieve the digital footprint of pregnant people, then they have to spend those resources, and they are going to have unlimited access. The resources aren’t there. So if tech companies can make it very, very, and more difficult to access this information, it will play a big part in reducing their ability to bring these indictments.”

A spokesperson for Facebook parent Meta said the company already held back on broad-based requests for information, pointing to a policy on government requests that it says “may decline or over-specificity on those requests.” may be required that appear overly broad or unclear.” The policy also states that Meta will notify users and advertisers upon receipt of such requests, unless they are prohibited from doing so.

While many tech companies may be inclined to be as politically neutral as possible, McSherry said, “companies should always stand up for their users with privacy, no matter what the issue. And this is an opportunity for them to do so.” Is.”

McSherry anticipates that if tech companies don’t take steps to protect the information of users seeking abortions, their employees will push them to do more, as they have on other issues.

While companies reducing their own data collection and retention are the most obvious ways to reduce exposure to that data, experts focusing on surveillance and digital rights say there are some ways consumers can reduce risk themselves. Huh.

McSherry said it’s important to remember that “privacy is a community activity.” This means consumers need to think about the privacy and security of not only their own devices and services, but also that of their friends, family, and providers with whom they communicate.

That’s because even under some current state laws in Texas, prosecutors can seek warrants from third parties for information they believe may somehow help a pregnant person seek an abortion.

“Still, the responsibility to protect ourselves from unjust criminalization is falling on those who have the least resources,” Sussman said. “I would also caution people to make sure they are not sharing information with too many people, which, again, is also incredibly difficult if you need the support of your family and friends and community. But that people are very deliberate about who they share information about, because not only would someone’s digital footprint be a problem, but people who have the information could also be involved in some way or the other. “

EFF doesn’t endorse specific products, but McSherry suggests some basic ways for users to increase their data privacy protections.

The first is to use a search engine or browser that minimizes data collection or retention by default, such as DuckDuckGo, Firefox or Brave, and using a private browsing window that will not save search history.

Second, consumers should only communicate sensitive information over encrypted messaging services such as Signal.

The EFF also suggests in a blog post about protecting sensitive information that users set up secondary email addresses and phone numbers for communication they don’t want to be connected too closely. They point to ProtonMail and Tutanota as two email service providers with strong privacy offerings and Google Voice as an option to create secondary phone numbers.

The group also recommends browsing the Internet over a virtual private network, which can mask a computer’s IP address. It also suggests installing browser extensions that can enhance privacy, disable advertising identifiers on mobile devices, and enable location services only when necessary. The EFF says that when visiting a sensitive location, it makes sense to turn off devices completely to reduce location tracking.

McSherry expects that the data privacy concerns arising from the court’s ruling could have a huge impact on how consumers think about privacy protections more broadly.

“Until now, I don’t think most people have given much thought to the law enforcement aspects,” McSherry said. “I think most people think, ‘Well, those warrants are probably only going to be used against bad guys. … I don’t think this is necessarily true. But it does mean that this situation where you can now see it affecting millions of people, I think will lead to a reset of how people think about data privacy in general. And that, I think, can only be a good thing.”

Subscribe to CNBC on YouTube.

WATCH: Protesters outside Supreme Court after leaked doctor’s suggestion to reverse Roe v. Wade