Saturday, July 02, 2022

Who’s Going to Protect Reproductive Rights Online?

Chicago protests, June 24. (photo: Timothy Karr)

Co-authored with Nora Benavidez for Tech Policy Press

Following the Supreme Court’s decision overturning Roe v. Wade13 states have or will soon have laws that criminalize abortion, and at least five more are ready to follow. Those trying to determine how and where they can obtain reproductive healthcare face added layers of complexity when they use the internet and their smartphones to learn more. Law enforcement can now weaponize online data to investigate, harass and take legal action against people seeking abortions.

Despite the severity of the situation, social media platforms and other tech companies are failing to grapple with how the Supreme Court ruling should alter their content-moderation and user-privacy guidelines. Few could muster a coherent response when reporters from MIT Technology Review asked for clarity. 

We can already tell from recent reporting that they’re making a mess of it. Companies including Meta and Google have overcorrected for the Dobbs v. Jackson Women’s Health decision in ways that could further jeopardize the health and liberty of millions of people. 

Before they do more harm, online platforms and internet service providers must change how they collect data about their users and ensure that they’re not sharing information that puts abortion seekers at risk. Congress, the Federal Trade Commission (FTC), and tech companies themselves each have power to safeguard the rights of those seeking reproductive health services. 

Privacy and the Digital Dragnet

This situation was decades in the making. Authorities can access pretty much anything we do online and via our smartphones. And there’s little that social-media platforms and other technology companies can do if police with a legal warrant or court order seek the user information these businesses have collected.

Google, for example, received more than 20,000 U.S. location data warrants between 2018 and 2020. This included dragnet orders demanding data about everyone who was near a particular location. In the hands of law enforcement seeking to charge abortion seekers, this would give them the power to locate a person at an abortion-services provider’s address at a given time. Google, which produces the Android operating system for hundreds of millions of mobile devices, says that as a matter of company policy it is required to respond to legal warrants.

There’s an additional risk to people who search for reproductive health-care information, such as how to order “abortion pills” via any of the online providers of this medicine. Internet service providers can keep records of the websites their users visit. When you send a text via SMS, your phone company stores copies of all those texts. These can be turned over under a warrant.

AT&T, for example, received 77,996 criminal subpoenas for user information from federal, state and local authorities in just the last six months of 2021. Like other companies that hold user data, AT&T says it is required under the law to provide customer data in response to court orders, subpoenas, lawful-discovery requests and other legal requirements.

What Congress Can Do

The absence of clear federal data privacy laws is a major concern. Layer over that the patchwork of state-level prohibitions on abortion and things become far more confusing for people seeking reliable abortion information online. The glut of websites and social-media posts featuring inaccurate medical and legal advice makes matters even worse. The platforms’ own rules for addressing these issues remain murky and are inconsistently enforced. 

One fairly straightforward solution is for these companies to stop collecting data about what their users are doing online, and where they’re going offline. Platforms, search companies and internet service providers must change their data-collection and retention practices so that they no longer gather or store individualized search and browsing histories and unnecessary customer-location information. 

To that end, Congress is considering several privacy bills that limit the data companies can collect. Various pieces of legislation currently on the table would reduce or prohibit the collection, retention and use of sexual health information, while others protect healthcare, genetic, biometric and geolocation data more generally, or even ban any use of such data in a way that violates people’s civil rights. But online entities still would be able to use such data with individuals’ consent, in order to respond to the requests that users make for information on these crucial topics.

Free Press Action is part of a large coalition of civil and digital rights groups fighting to minimize the personal information platforms and data brokers can collect and limit how they can use it. Another strong legislative proposal is the Fourth Amendment Is Not For Sale Act, which closes a loophole that currently allows these brokers to sell our data to police without a warrant.

While none of these proposals are a perfect fix for this complex and crucial set of issues, these bills are meaningful measures that — if passed — could begin to ensure that tech companies are doing more to safeguard the privacy necessary for protecting reproductive rights.

What the FTC Can Do

The FTC is charged with oversight of unfair or deceptive practices related to the harvesting, sharing or sale of personal data, including health-related information.

For months now the agency has been teasing plans to begin a rulemaking proceeding to rein in the misuse of online data by social-media companies and other data brokers. In May, the Senate confirmed the agency’s fifth commissioner, Alvaro Bedoya, an experienced privacy advocate who has supported agency action alongside FTC Chairwoman Lina Khan and Commissioner Rebecca Kelly Slaughter. 

The agency has put a proceeding on its summer calendar and has the majority it needs to establish clear rules against abusive data practices that undermine reproductive rights and access to health care. Through an open and participatory rulemaking, the FTC can build a record of the harms related to the trafficking of personal and geolocation information and establish guardrails against unfair and deceptive extractive data practices. Such a rule would help mitigate these harmful data practices embedded in every sector of society, which we know to especially harm historically disadvantaged communities.

What Platforms Can Do

Legislation and FTC rules together won’t fix everything. People researching reproductive health-care options are seeking information on social-media platforms. With state-level abortion restrictions, sharing this kind of information in those states presents a significant content-moderation challenge.

Recent research finds that content from less reliable sources referencing abortion has more than doubled since the Dobbs ruling was leaked in May. Platforms have yet to apply the sorts of user-warning labels to abortion misinformation that they’ve applied (albeit in a haphazard fashion) to inaccurate posts about COVID-19 treatments and elections.

We’ve already seen risk-averse social-media companies overreact to abortion-related content. Meta, for example, technically has a gun-sale ban on its platforms. Yet it allows users to violate that policy 10 times before penalizing them. Meanwhile, just in the last week Facebook and Instagram have removed individual posts about sales of abortion pills. It seems likely that these companies will also ban ads for abortion services in states that have outlawed abortions.

If they’re forced to do so, they and other online advertisers must also refuse to accept advertising dollars from entities seeking to mislead people seeking abortions (for example: by posing as clinics that provide these services or spreading disinformation).

Social-media platforms have an ethical responsibility to invest in moderators who are specifically trained to spot such harmful content. These companies must ensure that people seeking abortions aren’t targeted for abuse or exposed to disinformation.

The difference between 2022 and 1973, when Roe v. Wade was decided, is that we now live in an era in which data about what we do, with whom and where, is in the hands of tech companies and data brokers that are willing to sell this information to the highest bidder — or hand it over to federal, state and local authorities.

As tech companies wield increasing power over everyone’s digital rights, they must collect and archive less user data and establish clear standards for sharing potentially lifesaving reproductive health-care information. The Supreme Court’s abortion decision makes the need for comprehensive action more urgent than ever. Congress, the FTC and tech companies must do what is necessary to protect reproductive rights.

Nora Benavidez is the senior counsel and director of digital justice and civil rights at Free Press Action, where Timothy Karr is the senior director of strategy and communications.

No comments: