In the fallout of this landmark ruling by the Supreme Court, it is crucial that reproductive medicine and online data privacy be discussed. Online searches for out-of-state medical clinics, menstrual tracking mobile apps, location tracking data, communication with medical practitioners and therapists, and social media posts have all become potential evidence in the efforts by law enforcement agencies which may seek to enforce these new anti-abortion laws.
So, let’s take a look at how we can protect our data privacy while seeking to provide reproductive medical care for those who need it most.
New legislation targets the data not only of patients seeking abortion access, but also anyone who may try and help them. This includes: patients themselves, family members, friends, doctors, nurses, activists, website operators, and even the drivers who may unwittingly drive a patient to an airport or across state lines.
Because our means of communication both personally and professionally is predominantly digital, this has the consequence that this communication does leave a trail of digital evidence which can be used to enforce these new and restrictive laws that make abortions illegal in some states. The phone you carry logs your location, who you call, contact lists, what networks you connect to, and depending on what types of apps on the device it may even contain information related to your personal medical information.
If you are protesting, organize protest movements, or even offer medical care, it is crucial that you harden the privacy of all devices you use and encrypt as much data as you can.
Disabling the location tracking and sharing on your devices for any apps which do not absolutely require it is a quick and easy step to begin locking down your smartphone. Unneeded applications which may be installed on the device should be removed. If you use Firefox for everyday use on the device, consider installing another browser like DuckDuckGo or Brave for use only for searches related to reproductive rights or medical facilities.
Separate your personal and protest activities as much as possible.
If financially possible, it is best practice to compartmentalize and not mix your personal use device with one used for social activism. When attending a protest in support of reproductive rights, it is highly recommended that you turn off your mobile device or leave it at home. Law enforcement agencies regularly employ stingray devices at these events which track the location data of those within range who may be trying to connect to a cell phone tower when using a mobile device. The EFF has reported that these stingray devices can intercept the device IMSI number, metadata about your calls, the content of SMS and voice calls, and intercept data usage for websites you have visited. By turning off the device at a protest unless it is absolutely needed you can mitigate your data exposure to this type of collection.
Screenshot of the EFF website
It is also important to make sure that your devices do not rely only on a bio-metric lock to open. If stopped by law enforcement the device can be held to your face or your fingerprint can be used to unlock it. If you have enabled a strong passcode for the device, law enforcement cannot force you to turn over this passcode in the same manner and proper search and seizure laws must be followed.
Your communications prior to attending a demonstration or protest should also be made through services which offer full end-to-end encryption and also guarantee that your data is encrypted at rest. In the event that your email address, for example, is discovered in affiliation to an on-going investigation your communications will be safe as they cannot be decrypted without your securely stored decryption keys. If you became a person of interest due to organizing protests or helping those in need to medical attention, using an unencrypted email platform will leave your data up for grabs if those companies are presented with a search warrant for your account information.
By using an encrypted email provider, even in the event that a valid court request is received, only encrypted data can be turned over which does not compromise the contents of your communication. If all parties involved in this type of organizing are using the same encrypted services and programs, be it Signal, Tutanota, or VeraCrypt for local storage, with proper implementation of security measures the contents of these communications is extremely secure.
If you find yourself seeking abortion access while living in a state which has now implemented strict restrictions on reproductive health services, all hope is not lost. As stressful as the situation is, you can take certain careful steps to protect your digital privacy and ensure that you receive the medical care that you need.
Before beginning your search to receive this medical care, make sure that your email account is with a service that fully encrypts your data. Your email address is often the center of your digital life, so ensuring it is as secure as possible is crucial. Make sure that all communication with out-of-state clinics which offer abortion services are made through your encrypted email account using full end-to-end encryption. This will ensure the security of both yourself and the clinic that may be communicating with you.
In order to protect yourself from snooping from your ISP, we also recommend and offer full support for VPN and Tor connections to your Tutanota account. By using a VPN or the Tor network, your ISP will only see that you connect to your VPN service (or the Tor network), but will not see which final website you are trying to visit, thus also protecting yourself and any medical clinics.
Your mobile phone also needs to be secured from prying eyes. Disabling your location tracking, enabling a VPN connection or using Tor, and communicating through secure messaging apps like Signal or Session will provide stronger data protections than using SMS or making a normal voice call. Both of these services also offer voice call services for making secure calls on your mobile device.
More information on how to protect yourself online in these trying times has been provided by the Electronic Frontier Foundation and can be found here.
This legal ruling is not the end of the abortion debate in the United States. Prior to the Supreme Court decision Representative Sara Jacobs introduced a piece of legislation known as the “My Body, My Data Act”.
This act will put into place data protections limiting the collection, disclosure, and sale of reproductive and sexual health data. Regardless of your stance on the ethics and legality of abortion, there should be complete agreement that the sale of medical data is an unacceptable business practice that violates the human right to privacy.
The Electronic Frontier Foundation has created a tool for contacting your representatives to voice your support of this privacy legislation.
This fight is not over and pro-choice activists need to keep their data privacy in mind when taking action to contact their local representatives, demonstrate and protest, but most importantly when helping those in need gain abortion access.
By keeping your data safe, you can continue to exercise your reproductive rights safely in a nation falling increasingly under more invasive data collection and surveillance mechanisms. Through the use of encrypted services your freedom to choose will remain intact.
Stay safe out there and keep fighting.
Yours in solidarity,
If you or someone you know is impacted by these legal changes please review the detailed recommendations provided by the Electronic Frontier Foundation for a clear guide to protecting your online privacy.