State governments are seeking ways to safeguard health data used in the ongoing controversy surrounding abortion.
Certain state governments and federal regulatory bodies were already taking steps to protect the confidentiality of people’s reproductive health information. However, a recent report from a U.S. senator revealed that cellphone location data was utilized to send millions of anti-abortion advertisements to individuals who had visited Planned Parenthood facilities.
It is against federal law for medical providers to disclose health information without a patient’s permission, however, this does not prohibit digital technology companies from monitoring menstrual cycles or an individual’s whereabouts and then selling this data to data brokers. Attempts to pass federal regulations to ban this practice have not been successful due to resistance from the tech industry.
The issue of whether this should be altered has become a divisive point in a country where the majority of states governed by Republicans have implemented limitations on abortion – with 14 states completely banning it at all stages of pregnancy – while most states governed by Democrats have worked to preserve access since the Supreme Court overturned Roe v. Wade in 2022.
Advocates for abortion rights are concerned that failure to maintain the confidentiality of this data could result in its exploitation for both targeted advertising and legal investigations, or by anti-abortion individuals seeking to harm those seeking to terminate pregnancies.
Washington state Representative Vandana Slatter, who introduced a law in her state last year to regulate the unauthorized use of health information, stated that it is not just slightly unsettling, but rather has harmful consequences.
Up to this point, there is no proof of widespread utilization of this type of information in criminal investigations.
Albert Fox Cahn, the executive director of the Surveillance Technology Oversight Project and a proponent of safeguards, stated that we are discussing a potential risk in the future, not a current situation on the ground.
Last week, Senator Ron Wyden, a Democrat from Oregon, released a report revealing the largest known campaign against abortion, targeted at individuals who have visited abortion clinics.
Wyden’s investigation found that the information gathered by a now-defunct data broker called Near Intelligence was used by ads from The Veritas Society, a nonprofit founded by Wisconsin Right to Life. The ads targeted people who visited 600 locations in 48 states from 2019 through 2022. There were more than 14 million ads in Wisconsin alone.
Senator Wyden urged the Federal Trade Commission to step in during Near’s bankruptcy proceedings to ensure that any location data gathered from Americans is permanently deleted and not sold to other data brokers. He has also requested that the Securities Exchange Commission look into potential securities fraud, as Near may have provided false information to investors regarding the senator’s investigation.
This is not the first occurrence of the issue.
In 2017, Massachusetts came to an agreement with an advertising agency that conducted a comparable campaign almost ten years prior.
In 2022, the Federal Trade Commission filed a lawsuit against data broker Kochava for making similar allegations. The case is still ongoing. Last month, the FTC reached a settlement with another data broker, X-Mode Social, and its successor Outlogic. The government accused them of selling location data of users who had opted out of such sharing. It was also discovered that X-Mode had sold location data to the U.S. military.
The FTC used a law prohibiting unfair or deceptive practices in both instances.
Several states are enacting or contemplating legislation designed specifically to safeguard confidential health data.
Washington’s Slatter, a member of the Democratic party, has devoted her efforts to addressing concerns surrounding digital privacy for a considerable amount of time. However, she was unsuccessful in getting a bill passed in her state that would provide comprehensive safeguards.
She mentioned that there was a shift after Roe v. Wade was rescinded. In 2022, she attended a protest and overheard women discussing removing period-tracking apps due to concerns about their personal information being misused.
Last year, when she proposed a bill regarding data privacy in the healthcare field, women of varying ages and backgrounds showed up to express their support, not just lawyers and lobbyists.
The regulation prevents the sale of personal health information without a person’s permission and also bans tracking of individuals visiting reproductive or sexual health facilities. It was passed by the majority of Democratic lawmakers in the state, while all Republicans opposed it.
In the previous year, Connecticut and Nevada both implemented comparable regulations. Additionally, New York passed a law prohibiting the use of tracking devices near health care facilities.
California and Maryland chose a different method by passing legislation that prohibits computerized health systems from sharing sensitive medical information with other providers without consent.
“We are actively advancing towards a smooth and unrestricted transfer of healthcare information, with the goal of making it easily accessible for providers to treat individuals holistically,” stated Andrea Frey, a legal representative for healthcare providers and digital health systems. “On the other hand, privacy concerns also come into consideration.”
Last year, Illinois implemented a new law that prohibits sharing government license plate reading data with law enforcement in states with abortion bans. This law, which went into effect on January 1, adds to the existing restriction on sharing health tracking data such as heart rates and steps.
Legislation related to this matter has been proposed in various states during this year, such as Hawaii, Illinois, Maine, Maryland, Massachusetts, Missouri, South Carolina, and Vermont.
Recently, legislation in Virginia was passed by both the Democratic-controlled General Assembly that would forbid the use of search warrants, subpoenas, or court orders for electronic or digital records related to menstrual health.
Senator Barbara Favola, a member of the Democratic party, expressed her belief that the bill is essential in light of efforts by Republican leaders, such as Virginia Governor Glenn Youngkin, to impose limitations on abortion.
Favola stated in a committee hearing that the potential next action for enforcing an abortion ban may involve gathering menstrual health data. She expressed her efforts to safeguard this data.
Critics inquired if law enforcement had previously requested this type of data, to which Favola stated she was not aware of a specific instance.
Republican Senator Mark Peake stated that it is simply looking for a nonexistent problem.
Youngkin’s team stated that he was against a similar bill in the past, but his press team did not address a request for his stance on the current version.
Sean O’Brien, the creator of the Yale Privacy Lab, believes that the utilization of health data is problematic. However, he is uncertain if laws will effectively address this issue as companies may still choose to disregard potential repercussions and persist in collecting and selling sensitive information.
He stated that the software distribution process is heavily contaminated with the practice of tracking people’s locations.
___
The article was written by Mulvihill in Cherry Hill, New Jersey. This report also includes contributions from Frank Bajak in Boston and Sarah Rankin in Richmond, Virginia, by the Associated Press.