Eight months post-Roe, reproductive-health privacy is still messy

Data privacy awareness boomed last June when the Supreme Court overturned Roe v. Wade, limiting access to safe, legal abortion. Now, eight months later, privacy experts say not to let your guard down. Legislative bodies have made little progress on health data security.

We give up so much data each day that it’s easy to tune out. We blindly accept permissions or turn on location sharing, but that data can also be used by governing bodies to prosecute civilians or by attackers looking to extort individuals. That’s why, when SCOTUS declared access to abortion would no longer be a constitutional right, people began to scrutinize the amount of private health data they were sending to reproductive-health apps.

“The burden is really on consumers to figure out how a company, an app, a website is going to collect and then potentially use and share their data,” Andrew Crawford, senior counsel, privacy and data, at the Center for Democracy and Technology said.

There aren’t widespread industry standards or federal legislation to protect sensitive data, despite some increased regulatory action since last year. Even data that isn’t considered personally identifiable or explicitly health related can still put people at risk. Location data, for example, can show if a patient traveled to receive an abortion, possibly putting them at risk of prosecution.

“Companies see that as information they can use to make money,” Jen Caltrider, lead at Mozilla’s consumer privacy organization Privacy Not Included, told Engadget. Research released by Caltrider’s team in August analyzed the security of 25 reproductive-health apps. Eighteen of them earned a privacy warning label for failing to meet privacy standards.