Edinburgh Impact

Roe v Wade overturned: data protection under threat?

Tools designed to help people track their health could be working against their civil liberties.

Vector of a woman with magnifying glass looking at a man standing on a modern gadget device, smartphone or tablet

By Dr Catriona McMillan, Deputy Director, Mason Institute for Medicine, Life Sciences and the Law

On 24 June 2022, the US Supreme Court issued its official ruling on the case of Dobbs v Jackson Women’s Health Organization. Their decision overturned the landmark case of Roe v Wade which previously gave a federally guaranteed right to abortion across all US states. The decision means that women in some US states will be open to criminal prosecution if they seek an abortion.

Diminishing human rights

The ruling is clearly of grave concern for the reproductive rights of US citizens. The negative consequences for people there are wide-ranging, from those that are more obvious, such as severe difficulties in accessing abortion where they live, risk of criminal prosecution, to the more hidden such as costs associated with travelling to receive healthcare in another state.

People in Turkey demonstrate wearing costumes from the TV series ‘ A Handmaid’s Tale’ and red face masks
Protests took place worldwide. Here people in Turkey demonstrate wearing costumes from the TV series ‘ A Handmaid’s Tale.'

The ruling also raises serious concerns about law enforcement in states that outlaw abortion, and one aspect which requires urgent attention is officials' ability to subpoena data relating to termination of pregnancy, from data companies and ‘femtech’ apps, particularly fertility trackers, now a widely used smartphone app.

This means that for users of fertility trackers, not only is their privacy entangled with the digital footprint that we leave online, but their health outcomes and bodily autonomy are too. We must learn from the overturning of Roe v Wade if we are to protect the reproductive rights of women, trans men, and those of other gender identities who can get pregnant.

Has tech gone too far?

‘Femtech’ is a term used to describe a range of technologies, usually personal health tracking technologies, associated with a smartphone app, that promise women power, control and knowledge of one’s body. The femtech market is growing rapidly, with some predictions estimating a market worth of $1.1 trillion within the next five years.

It is especially popular among teens and young adults, with reports that it is the second most popular type of app for young women in app stores. While undoubtedly useful for many users, it continues to present a serious risk to their privacy, because as with fertility tracking apps, users are invited to input data such as menstrual cycle length, any symptoms they may have such as cramps, when they have had sex and with whom, and so on and so forth.

A woman waiting for pregnancy test results, holding her phone

Many of us today rely heavily on our smartphones, and the numerous apps we use process all kinds of data. Much of the time this is sold to third parties, such as social media websites, for the purpose of advertising.

Despite the fact that health data is generally subject to relatively stronger protection and regulation than other kinds of data, in most jurisdictions these rules sometimes do not go far enough. Further, privacy terms are often contained in small print, are skippable and often not presented to users when they open the app for the first time for acceptance or rejection.

What permission?

Some popular apps have been reported to have shared user data with Facebook, primarily for the purposes of targeted advertising. Yet an issue remains, more complex than companies promising not to share or sell data (which, I might add, not all do).

Protection of user data varies from jurisdiction to jurisdiction, and for most femtech users it is a matter of where the data is processed. In response to concerns over privacy, following the Dobbs decision, several femtech companies released statements assuring users that the data they enter is ‘private and safe’. But empirical evidence gathered so far suggests the contrary.

For example, a recent letter by the US House Committee on Oversight and Reform, cites a study that shows that nearly 90 per cent of the top 23 women’s health apps in the US share data with third parties, with only 50 per cent requesting user permission to do so.

It is worth noting that the issue of privacy for those seeking abortions extends beyond femtech. After the Roe v Wade decision Google announced plans to delete location history for users who have visited abortion clinics in the US, but since then it has been reported that this can be easily circumvented.

Anyone who is concerned about the right to privacy and the role data can, and unfortunately will, play in the criminalisation of women and others who can get pregnant seeking healthcare, will be alarmed. As with recent tentative but promising moves in Scotland, towards securing the safety and health of those seeking access to abortion clinics, (such as recent discussions surrounding implementing buffer zones) action needs to be taken with regards to securing privacy in the UK, too.

 Placards in support of a Public Space Protection Order are placed outside the Marie Stopes Abortion Clinic by a pro-choice grou
Demonstration in London in 2017 when Ealing council voted to enforce a Public Space Protection Order outside the Marie Stopes Abortion Clinic.

The erosion of legal protections

Recent press coverage has highlighted alarming reports of women being investigated by police for seeking an abortion in England, outside of the criteria laid out in the Abortion Act 1967, the legislation that provides for lawful abortions (under certain circumstances) in England, Wales and Scotland. (All other abortions are illegal in England and Wales under the Offences Against the Person Act 1861. This latter act does not apply to Scotland). Sadly, these sorts of investigations are not new. Moreover, it was reported almost exactly a month after the Dobbs decision that the UK Government has removed its commitments to abortion and sexual health rights from a statement on gender equality.

Of data protection regimes around the world, it may be said that the one we currently have in the UK, derived from the EU General Data Protection Regulation, is ‘better’ than most. That being said, this regime is often criticised for not doing enough to protect our data.

Further, it seems increasingly likely that data protection in the UK is going to depart from its EU roots, post-Brexit, as with much other legislation. Indeed, in a recent statement regarding the new Data Protection and Digital Information Bill, introduced on 18th July 2022, the Government made clear its plans to “[S]eize the benefits of Brexit and transform the UK’s independent data laws”, and among several areas of reform, noted of particular relevance to femtech, is the claim that “[w]e are reducing the burdens on businesses that have held the UK back from the benefits of greater personal data use before now”.

The data collected by these apps about sex, menstruation, pregnancy and abortion are so sensitive it is vital that we remain alert to the changing landscape in reproductive rights here, and elsewhere, and the impact that data protection (or lack thereof) can have on our bodily and physical freedom.