{"id":920662,"date":"2022-12-14T08:00:43","date_gmt":"2022-12-14T08:00:43","guid":{"rendered":"https:\/\/blogs.lse.ac.uk\/humanrights\/?p=2684"},"modified":"2022-12-14T08:00:43","modified_gmt":"2022-12-14T08:00:43","slug":"rethinking-explicit-consent-and-intimate-data-collection-the-looming-digital-privacy-concern-with-roe-v-wade-overturned","status":"publish","type":"post","link":"https:\/\/radiofree.asia\/2022\/12\/14\/rethinking-explicit-consent-and-intimate-data-collection-the-looming-digital-privacy-concern-with-roe-v-wade-overturned\/","title":{"rendered":"Rethinking Explicit Consent and Intimate Data Collection: The Looming Digital Privacy Concern With Roe v. Wade Overturned"},"content":{"rendered":"

INTRODUCTION <\/strong><\/p>\n

On 24 June 2022, the United States Supreme Court declared in Dobbs v. Jackson Women’s Health Organization<\/em><\/a> that there is not any constitutional right to abortion, reversing Roe v. Wade<\/em><\/a> and Planned Parenthood of Southeastern Pennsylvania v. Casey<\/em><\/a>\u2014two landmark decisions which had affirmed American\u2019s right to access abortions<\/em>.<\/p>\n

Since the Dobbs<\/em> decision, there has been much discussion<\/a> over the widespread use of period tracking apps, which according to a report\u00a0by <\/a>Consumer Reports<\/em><\/a> are used by around 50 million women worldwide. It has been cautioned by some advocates that law enforcement in states where abortion is criminalised can and would subpoena the data obtained by these apps to be used as evidence of a terminated pregnancy in an effort to combat self-managed abortions, despite the fact that such abortions are medically identical to miscarriages<\/a>. Period trackers could, theoretically, share user information with law enforcement if faced with requests.<\/p>\n

ABORTION AND PRIVACY RIGHTS IN THE DIGITAL WORLD<\/strong><\/p>\n

It is worth mentioning that the right to privacy and the right to have an abortion are two rights that are intertwined in the legal system of the United States, despite the fact that they may seem to be unrelated at first look. This is because the decision in Roe v. Wade<\/em>, which was handed down in 1973, states that the right to abortion originates from the constitutional right to privacy <\/a>that is provided by the due process clause of the Fourteenth Amendment.<\/p>\n

It is well-established<\/a> that the criminalisation of abortion forces women to turn to illegal and frequently dangerous procedures. But in the digital era<\/a>, restricted access to reproductive care has also bred worries about privacy. Privacy advocates worry that state and local governments may use sensitive information, such as data about menstrual cycles and reproductive health from period-tracking apps, search histories and even text messages to identify and punish women who seek abortions in the wake of the Dobbs<\/em> ruling. Many of these period tracking applications also work in the AdTech sector<\/a> and employ business strategies that generate income by selling users\u2019 sensitive information.<\/p>\n

The increased criminalisation of reproductive health care has serious ramifications for the lack of robust digital privacy protections for health apps, such as period trackers. In 2019, Privacy International published a study<\/a> highlighting\u00a0 how certain popular period tracking applications were sharing the data they acquired with Facebook for advertisement purposes. In a different <\/a>study<\/a>, Privacy International requested data from five period tracking applications in order to examine these apps\u2019 adherence to GDPR standards<\/a>, including the right of access to one\u2019s data and to observe how users\u2019 data was being used and shared. When the researchers tried to access their own data, only two apps responded, and even then, their data was occasionally shared with outside parties<\/a>. In 2021, a complaint was filed against the widely-used app Flo, alleging that \u201capp events,\u201d<\/a> or app data shared to third parties for various reasons, had been used to disclose sensitive health information, such as the confirmation of a user\u2019s pregnancy, to third parties. After Dobbs, privacy advocates<\/a> and women\u2019s rights organisations <\/a>worry that state officials will now have access to and be free to exploit this data.<\/p>\n

These concerns are not unfounded. In one widely reported instance<\/a>, a Mississippi mother who gave birth to a stillborn child at home was accused of murder because she had looked up abortion medications online. In another instance<\/a>, prosecutors used a woman\u2019s text messages as evidence<\/a> that her miscarriage was in fact a self-induced abortion, and she was given a 20-year prison term for feticide. Her conviction was ultimately overturned, but only after she had served three years in prison.<\/p>\n

According to a recent investigation<\/a> by Reveal<\/em> and The Markup<\/em>, anti-abortion groups used Facebook\u2019s advertising tools, which collect data from large portions of the internet\u2014including some hospitals\u2014to monitor people seeking abortion services, in spite of Meta\u2019s rules<\/a> prohibiting the collection of such information. According to the investigation, data gathered by the organisations was also shared with various anti-abortion marketing businesses, allowing them to target advertisements to \u201cabortion-minded women.\u201d<\/a> While there have been no confirmed cases thus far of period trackers being used in prosecutions of abortions, the data collected by digital health applications, such as period trackers, is potentially subject to subpoena and therefore could be used by law enforcement as evidence of abortion in jurisdictions where the practise is now illegal.<\/p>\n

SCOPE OF EXISTING DATA PRIVACY LAWS<\/strong><\/p>\n

Before the Dobbs<\/em> decision was finalised, lawmakers urged Google<\/a> and the Federal Trade Commission<\/a> to guarantee that in the event of such a decision, data for online patients seeking care would be protected. The letters were sent after Politico<\/em> reported<\/a> on a draft of the Dobbs<\/em> ruling that had been leaked, indicating that the Supreme Court was preparing to overturn Roe<\/em>. In many areas of the United States, a routine, safe medical procedure was swiftly made illegal by the repeal of federal abortion rights, and routine medical information<\/a> was transformed into evidence that could be used against people who might have had an abortion.<\/p>\n

Medical privacy laws in the United states, the most significant of which is the Health Insurance Portability and Accountability Act <\/a>(HIPAA), do not prevent subpoenas or warrants for medical records data, and as a result, doctors are permitted to reveal medical information if they have reason to believe that a crime has been committed. The majority of patients do not possess their own medical records, and patients have clear ownership rights<\/a> over their medical records in only one state, New Hampshire. In\u00a0 other states, the laws expressly state that hospitals or medical providers are the owners of the records, though people must be able to view their own complete medical records in accordance with HIPAA. One could believe that the HIPAA safeguards the medical information of abortion-seeking women. However, the law is deficient in this area, and patients\u2019 privacy is not completely protected.<\/p>\n

Experts in health law, Kayte Spector-Bagdady and Michelle Mello, suggested<\/a> three scenarios where HIPAA would fall short of protecting patients\u2019 privacy. These include using medical records of a patient to prove that they are seeking an abortion, using medical facility records to prove that the medical facility is at fault and using online activity data to prove that a patient is seeking an abortion. US senators recently urged the Department of Human and Health Services <\/a>(HHS) to address this problem and safeguard patients\u2019 reproductive healthcare information. After that, the HHS Office of Civil Rights published guidance<\/a> outlining ways that people could protect their health information while using cell phones and tablets. The guidance also advised healthcare professionals that the privacy rule under HIPAA would prevent them from disclosing information about abortion-related incidents unless required to do so by State law. Additionally, it was stated in the guidance that healthcare providers were not required to divulge a patient’s personal health information absent a court order or subpoena from law enforcement. The HHS has been urged by the US senators to take additional action, including using their administrative authority to update the HIPAA privacy rule, identify the covered entities, restrict the circumstances under which these entities may share information about reproductive health or abortion, and make it clear that healthcare information cannot be shared with law enforcement agencies that may be targeting women seeking abortions.<\/p>\n

Surprisingly, because they do not qualify as covered companies, period-tracking apps are not subjected to HIPAA regulations, which enables them to freely monetise the data they gather. As a result, many menstrual apps in the US have been found to exchange data with outside parties, and advertisers use information like a user\u2019s desire for a child or desire to avoid having one to display advertisements for fertility or abortion clinics. Thus, the lack of adequate regulations concerning the use of health data by period tracking apps raises serious concerns about users\u2019 digital privacy in the wake of the Dobbs <\/em>decision.<\/p>\n

CONCLUSION <\/strong><\/p>\n

The United States Supreme Court\u2019s decision in Dobbs v. Jackson Women’s Health Organization<\/em> highlights the need for\u00a0 tech corporations to recognise their own power and the elevated significance of user privacy. We currently live in a world where we leave unparalleled digital fingerprints. The data-sharing tactics of period-tracking apps can exacerbate issues for women and those who procreate, but they can also aid in the diagnosis of diseases, like polycystic ovarian syndrome. Some apps assist in the creation of reports that can be shared with medical practitioners, which makes opting out more difficult and unpleasant, especially for users without access to health insurance or other forms of medical assistance. Today, Protected Health Information (PHI) is gathered, stored, communicated and guarded in quite different ways than it was\u00a0 when HIPAA was passed more than 25 years ago. As new technological advancements and data storage techniques take hold, providers and patients alike are discovering that HIPAA\u2019s patient privacy protections are less comprehensive than previously believed.<\/p>\n

Following are\u00a0 suggestions in order to address some of the problems with period tracking software collecting personal data:<\/p>\n