Find us @

Feature

Reproductive apps lack clear policies that ensure law enforcement

A survey of reproductive health apps that provide mostly inadequate protection from law enforcement has revealed a significant gap in how smartphones are used to look for abortion information.

Published

on

According to a recent survey, most reproductive health apps have taken few precautions in case law enforcement agencies request user data.

Only one of 25 apps that track users’ periods, pregnancies, or fitness has clearly written policies that explain the specific scenarios in which they’d turn over user data, according to a survey by the nonprofit Mozilla Foundation, which also owns the Firefox browser and advocates for a healthy internet.

Experts on privacy say apps should have policies in place before law enforcement requests user data, even though that data hasn’t typically been used in abortion prosecutions.

Since the Supreme Court’s decision to overturn Roe v. Wade, which had made abortion access a federally protected right, pregnancy data has become a contentious issue.

Ovia, a general reproductive health service, is one of the apps Mozilla surveyed, and it boasts a comprehensive privacy policy that details how the company would react if law enforcement obtained a warrant for user data.

According to Jen Caltrider, who oversaw the Mozilla research, the other 24 apps either made hazy promises or refused to elaborate on their policies.

Is a fetus considered a person when determining whether or not a company is allowed to share personal information because of the potential for harm to the user or others? Caltrider remarked, “It turns out very gray.”

The legal definition of abortion is murky in many states. Fearing that period-tracking apps could be used against users, many advocates for reproductive rights urged people to delete them.

Prosecutors have typically relied on unencrypted conversations to prove that suspects had conveyed to others that they had sought out and had abortions in known cases where digital evidence was used to prove abortion-related crimes.

Prosecutors in a recent criminal abortion case in Nebraska obtained unencrypted Facebook messages in which a woman is accused of communicating with her then-minor daughter about taking pills for a medical abortion. The case was initiated before Roe v. Wade was overturned and is still ongoing. The detective who handled the case also claimed in a sworn affidavit presented in court that he had evidence the daughter had been pregnant before, though he did not specify how he had come to that conclusion.

Having obtained a warrant, the detective then delivered it to Facebook. When required by law, Facebook, like most other tech companies, hands over the personal data it collects from its users.

However, there are situations in which companies are not required to obtain a warrant before providing user information to law enforcement. For instance, under certain circumstances, including “imminent danger” and “insufficient time to obtain a court order,” Amazon will hand over Ring camera footage to law enforcement.

While protecting communications is the most pressing privacy need for people seeking abortions, apps that track reproductive health should also begin taking better care of users’ data, according to Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation, a nonprofit that advocates for digital rights.

I think that if we cut off the kind of data that law enforcement can easily get from Meta or a telco, they will start shaking the trees and sending warrants to health-tracking app makers, so I really do want all industries to improve their practices,” Galperin said.

Organizations would do well to begin altering their methods immediately because of the length of time it takes for norms to shift. Large corporations are like ships, and it takes time to turn them around. She emphasized the urgency of getting started immediately: “If they don’t, they won’t be ready when the warrants start rolling in.”