Thus far, tech giants have largely avoided saying how they intend to approach law enforcement requests that may lead to the prosecution of abortion-seekers or providers — even as some of those companies have pledged to help cover travel costs for their own employees who may need to leave their home states to access a legal abortion.
Companies including Amazon, Apple, Google, Lyft, Facebook-parent Meta, Microsoft, Uber, Snap, TikTok and Twitter either didn’t respond, declined to comment or didn’t directly answer questions about how they would handle data requests targeting abortion-seekers.
Tech companies have broadly said they comply with government data requests so long as they are consistent with existing laws. Now, the rollback of federal abortion protections, combined with the passage of new legislation in numerous states restricting abortion, could make it difficult for platforms to fight certain data demands related to abortion investigations.
It isn’t just tech giants that could be subject to these requests, said Danielle Citron, a law professor at the University of Virginia and author of the forthcoming book “The Fight for Privacy.” For example, Citron said, apps that help women track their periods contain a wealth of data that could be used against abortion-seekers as evidence.
“I’m most concerned about data brokers, including location data brokers,” she said, referring to companies that collect and sell data on consumers, “as well as fertility tracking apps and health monitors. That is where the bounty lies.”
In the case of the sprawling data broker industry, which hinges on the loosely regulated commercial sale of personal information, all the government needs is a willingness to pay, Citron said. “Location data brokers are in the business of peddling our whereabouts including visits to doctors,” Citron said. “They are already providing access to law enforcement for a fee. No subpoena necessary.”
But given their ubiquity and prominence, Big Tech platforms could still be targets for law enforcement requests related to abortion investigations.
For example, in response to questions, Meta referred CNN to its transparency center and said the company requires government requests to be consistent with the law and with the company’s own data policies. “If we determine that a government request is not consistent with applicable law or our policies, we push back and engage the governmental agency to address any apparent deficiencies. If the request is unlawful (for example, overly broad, or legally deficient in any way), we will challenge or reject the request.”
With some states passing legislation to expressly ban, and in some cases criminalize, abortion, whether tech companies could successfully challenge a data request as unlawful is murky at best.
In response to CNN’s questions, some companies sought to promote the privacy protections they already have in place for users. A Snap spokesperson told CNN that location data is not collected by default on Snapchat, it prohibits users from “checking in” at sensitive locations such as clinics and that, if users enable location data sharing, that information is stored for a maximum of seven days. The spokesperson added that chats and snaps auto-delete by default, and that the company regularly evolves how its in-house teams respond to law enforcement requests to balance user privacy with the need to comply with the law.
Telecom companies such as Verizon, AT&T and T-Mobile also receive thousands of law enforcement requests each year, including for information such as location data (which is typically measured by distance from nearby cell towers). The companies all say they carefully review and push back on some law enforcement requests, such as when they are not legally valid, according to regular transparency reports. (Verizon and T-Mobile declined to comment; AT&T did not respond to a request for comment.)
In the meantime, digital privacy experts have encouraged people seeking or providing abortions (or those who may do so in the future) to safeguard their data by taking steps such as using encrypted messaging apps with auto-delete features such as Signal, using privacy-focused web browsers such as DuckDuckGo and turning off location sharing on their personal devices.
