Sara Jacobs explains why we need to protect reproductive health data


Since the Internet has existed, abortion was, until last week, a constitutionally guaranteed right. Friday’s Supreme Court decision to overturn Roe vs. Wade will have a number of obvious ripple effects, including the so-called trigger laws that 13 states have enacted to immediately ban the procedure. The ruling also has huge implications for the information we access through our phones: personal reproductive data collected in apps and sold to brokers becomes much more dangerous, as it could be aggregated or bought off by police or crime groups. right to find and target, women who are considering an abortion.

Congresswoman Sara Jacobs, Democrat of California, believes that personal reproductive health data, such as that collected in period-tracking apps, should receive special federal privacy protections. That’s the message behind his new bill, the My Body, My Data Act, which was introduced in the House on June 21. Democratic Senators Mazie Hirono of Hawaii and Ron Wyden of Oregon will present a Senate version.

The bill, which has been endorsed by groups like Planned Parenthood and the Electronic Frontier Foundation, would create through the Federal Trade Commission a new standard for protecting reproductive health data.

We spoke to Jacobs about the bill and its policy outlook on Friday, the day the Supreme Court issued its controversial ruling quashing deer. His comments have been edited for length and clarity.

What requirements would your bill impose on tech companies?

It essentially limits the data that can be collected, stored or used to what is strictly necessary to provide their product or service. So instead of only requiring what can be done with the data, we also require how much data they can collect.

When it comes to period-tracking apps, what would protections do?

I use a period tracker app every month. It predicts for me when I should get my period. So, for example, you can see there’s currently no protection from, say, a right-wing group or a non-profit group in Texas that buys this data from these tech companies to create a way to monitor when women should be menstruating but aren’t. t (indicating a possible pregnancy).

What this bill would do is say that the app maker can only collect what is strictly necessary for what they need to provide the service and then they can’t share or sell that data without my express consent.

Was the impetus for drafting this bill the draft notice leaked in May that the Supreme Court was about to strike down Roe vs. Wade?

When the leaked draft notice came out, I started getting text messages from friends and constituents asking me what they should do about these apps and all their other data. And I realized that it shouldn’t be up to every person to try to figure that out.

It is our job as a government to put in place protections, and in particular for this, some of our most sensitive and personal data. It deserves the highest level of security and protection we can provide, as we do with other health data.

How could different groups use this data if it were not protected?

Let’s talk about private non-profit groups first. We know that in Texas there is the bounty law which is part of their anti-abortion legislation; this encourages individuals to try to determine who is having an abortion so that they can report them. Right-wing groups are beginning to collect and buy this data so they can determine who should be pregnant.

We have already seen some of this data being used against people. You might see in states where abortion becomes criminalized, if you use this [app]it also contains your location data, so even if you go out of state to try to get an abortion, that data could tell and could be used by law enforcement against you.

Thus, one of these applications could read the GPS of the smartphone and pair this data with the data of the application.

And that data is already in the market right now – I mean, it’s very common for apps and websites of all kinds, not just breeding. Basically, their business model is to collect as much data as possible and then sell it for ad targeting. This is how they make their money when they offer this “free” service.

Do you think the police have their own type of digital net, which could be used to actively search for people who might seek an abortion?

I’m not sure exactly what different local police forces use when it comes to data surveillance. We know that many police forces use data surveillance as part of their work. But that’s why it’s so important that it’s a data minimization approach, because it’s not just about what they can access. It also limits what is even collected.

Besides period-tracking apps, there seem to be other ways a woman could inadvertently disclose that she missed her period. She might say it in a chat app or on social media. Does your bill also cover these things?

It covers apps, services, all websites, all searches, and it’s all reproductive or sexual health data.

So you don’t think we can trust companies like Apple to impose appropriate data collection restrictions on app developers? Why do we need the federal government involved?

We cannot rely on the goodwill of individual companies. And that’s a core government service: providing protections for our most personal and sensitive data. We already do this with HIPAA (Health Insurance Portability and Accountability Act of 1996) for other forms of health data. And that just makes sure that our sexual and reproductive health data has the highest level of protection.

For years, Congress failed to pass far-reaching privacy legislation that would cover the tech industry. Where does your bill fit into this broader need for data privacy legislation? Is this something that could be swept away in a larger bill that covers more aspects of privacy?

As a millennial, I’ve lived most of my life online. I think it’s high time Congress had a much broader conversation about privacy and data protection. I also think that right now there is an urgent need to protect this particular type of data with particular types of protection needs.

For example, in most data protection bills currently being discussed, they all provide an exclusion (exemption) for small businesses and small non-profit organizations. But for that specific type of data, you wouldn’t want it deleted, because that’s actually one of the cases that we’re most concerned about is that small right-wing nonprofits are buying these data. It is therefore a specific and urgent problem. It is complementary to all other efforts.

Can you provide an overview of the politics around this bill and how it is progressing through Congress?

We have many co-sponsors from across the ideological spectrum. In fact, I was just talking about it with the leaders today. I think everyone knows we need to move quickly to put protections in place, given the Supreme Court ruling. I think there’s a good chance it will be votable.


Comments are closed.