On Monday, the FTC renewed its vow to investigate or sue companies that use Americans’ digital data in unfair or deceptive ways, following an executive order by the Biden administration that explicitly called for it and other agencies to consider steps to protect abortion-seekers. Since the Supreme Court decision overturning Roe v. Wade, civil liberties experts have warned that Americans’ extensive digital footprints could give away whether they have visited an abortion clinic or sought information on how to access an abortion, prompting questions about the security of that data.
It added: “The Commission is committed to using the full scope of its legal authorities to protect consumers’ privacy. We will vigorously enforce the law if we uncover illegal conduct that exploits Americans’ location, health, or other sensitive data.”
In particular, the FTC said, regulators will closely scrutinize corporate claims that Americans’ data has been or will be “anonymized,” in light of substantial research showing that it can be trivial to reverse-engineer a person’s identity from anonymized datasets. The FTC said it has also sued companies in the past for collecting more data than consumers have consented to providing or that retain user data for indefinite periods of time.
The FTC’s warning is a reminder that digital information ostensibly collected for one purpose may wind up being used for others through the country’s sprawling and loosely regulated data economy, in which personal data is constantly bought and sold, or chopped up and repackaged with other information.
According to a 2014 FTC report, some data brokers may hold thousands of pieces of information on every consumer in the United States. FTC Chair Lina Khan has said the agency is considering drafting new regulations to rein in what she has called a “commercial surveillance” industry that profits from intrusive data collection and sharing, while Congress is currently considering a bill that could enshrine a baseline data privacy right for all Americans at a national level for the first time in US history.
Monday’s warning is in some ways routine; the FTC has prosecuted numerous data security and privacy cases over the past decade, and courts have broadly supported the agency’s authority over data breaches and leaks. But the FTC statement takes on greater significance as policymakers and digital rights groups have sounded the alarm over the novel risks that geolocation, search and other data may pose to abortion-seekers in the wake of the Supreme Court ruling.
