This post originally appeared on News@Northeastern. It was published by Jessica Taylor Price.
The use of social media data as evidence to charge a Nebraska woman in an abortion case has reignited discussion of data privacy in a post-Roe United States.
According to court documents, Facebook messages show that a woman, who was 17 at the time, took abortion pills to end a pregnancy at 28 weeks—in Nebraska, abortions are illegal after 20 weeks—and disposed of the fetus. The criminal investigation began in April, months before the Supreme Court overturned Roe v. Wade in the Dobbs v. Jackson case.
Still, with the overturning of Roe v. Wade changing the legal landscape in the United States, some are worried that this case is emblematic of a stark new reality when it comes to criminalizing abortion. What they may not realize, though, is that law enforcement uses data like this all the time, and that data had been used to prosecute abortion long before the Dobbs ruling.
According to experts, concerns about data being used in abortion cases are warranted—messaging apps and geolocation data can be valuable evidence to law enforcement, along with other forms of data like browsing and purchasing history. This means the legal landscape in which pregnant people navigate reproductive healthcare now is significantly different from the one that existed before Roe v. Wade became the law of the land.
“We didn't exist in the kind of surveillance state and surveillance economy that we live in now,” says Ari Waldman, professor of law and computer science at the Northeastern University School of Law. “Now, states are criminalizing abortion in a world where every single move that we make is tracked by someone. And if that someone is a private party, it's super easy for any arm of the state to get that information.”
This type of usage of data also isn't new, not even in the context of abortion. In a 2020 University of Baltimore Law Review report, Cynthia Conti-Cook, a technology fellow at the Ford Foundation, outlines two examples of ways that data has already been used to prosecute abortion in the United States.
In April 2017, a Mississippi woman gave birth at home and was charged with murder. Among the evidence used in the case was her browser history, which showed that she had searched for information on abortion pills. The case was later dropped. And in 2013, an Indiana woman was charged with feticide after law enforcement found she had texted a friend about abortion pills.
These cases could be harbingers of what's to come, according to Conti-Cook. “The inclusion of Ms. Fisher's alleged internet search history related to her reproductive health as evidence of criminal intent will become standard protocol across the country once abortion is again criminalized,” she writes.
There are hurdles that keep law enforcement from using data in this way. According to the Digital Defense Fund, whose mission is to help protect “digital security for the abortion access movement,” most abortion-related criminal cases start not with data, but with a person reporting the alleged abortion. DDF cites an article by Kendra Albert, a technology lawyer at Harvard Law School's Cyberlaw Clinic, which describes how data is used to add evidence of a person's intent to have an abortion, rather than to begin an investigation. This suggests that pregnant people are not being monitored all the time, although, as Conti-Cook notes, this is not impossible, and she predicts that even other behaviors like going to a bar or a substance abuse center could be criminalized for pregnant people.
However, for a third-party company like Facebook, law enforcement typically has to obtain a warrant including evidence of a crime and specific information on the scope of the search.
“Law enforcement isn't going to look at the content of messages without justification,” says Alexandra Meise, associate teaching professor at the Northeastern University School of Law. “They are not blank checks.”
But there are loopholes. One of them is an “emergency legal request,” which can bypass the normal legal channels. Law enforcement can also purchase location data, Vox reports, and they can perform geofence warrants or search term warrants that capture the behaviors of many people at once.
Tech companies have little choice but to comply, The Washington Post reports, but Waldman notes that there are instances where Facebook and other platforms will challenge them.
For message apps, there's the added issue of encryption. Depending on the app, encryption can make it harder for law enforcement to access data. This makes it controversial, Meise says, as it can prevent the law enforcement from accessing some data depending on the app. Data storage and backups also complicate the question of whether data is secure.
Legally, there are few protections in place for consumers who want to shield this information from law enforcement. Meise notes that Europe has regulations protecting consumer privacy, but in the United States, progress in federal legislation has been limited.
“There has been debate in Congress about what kinds of federal legislation may be possible to protect consumer privacy, but so far, legislation currently proposed through the House has not made it to a vote,” she says. A case like this “may motivate Congress to overcome previous disagreements and take action on this issue.”
Ironically, some technology companies are ahead of the curve in this respect, according to Yakov Bart, associate professor at the D'Amore-McKim School of Business at Northeastern. In response to public concerns about privacy, such as the “creepy factor” of an ad suggesting the exact purse you spotted in a store, Apple requires marketers to ask their customers for permission before tracking them.
But consumer data is still far from being protected, and, Meise notes, a case like this could educate consumers on how law enforcement's use of data can impact them. For any other crime, such as a murder or theft, “it may not seem as strange to the general person” to look at data like this, she says. But now that abortion is being restricted in the United States, “that this case was about abortion highlights the privacy issue in a way that individuals who never anticipated being part of the criminal justice system can relate to,” Meise says.
Sam Levine, director of the Federal Trade Commission's Bureau of Consumer Protection, echoed Meise's sentiment in a statement to the Washington Post. “Some of the discussion around the recent Dobbs decision just underscores what many people have been saying for a long time: Consumer privacy is not just an abstract issue,” he said.
For some, the case reflects a broader discussion about privacy online. For others, it represents a new tool in an ongoing attack on reproductive rights. Chelsea Souder, founder and director of Nebraska Abortion Resources, would not comment on the case specifically, but in a statement, said: “No one should be targeted, policed, or prosecuted for self-managing abortion, or experiencing pregnancy loss.”