Like millions of other young people, I use a period app to track my cycle. But in the post-Roe era, that could lead to serious consequences — even jail time. That’s because there are almost no federal protections for our reproductive and sexual health data. The information you leave behind in period and fertility tracking apps, ride-sharing apps, search engines, browsing history, location data and more can be sold and shared without your consent with advertisers, data brokers or even law enforcement.
There has long been an entire unregulated surveillance system built around collecting and selling massive amounts of personal information about millions of people. But in the year since Dobbs v. Jackson Women’s Health Organization overturned the constitutional right to an abortion, the stakes for protecting our vulnerable reproductive and sexual health data have risen even further, especially for people who historically have faced higher barriers to care. Twenty states already ban or severely restrict abortion access — and the fight over abortion continues fervently in courtrooms and state legislatures in additional states. Personal data is one of the key ways to investigate and prosecute people for getting, providing or assisting those who are seeking abortion care — and we’ve already seen it happen.
We already know that we can’t rely on the goodwill of companies to protect our information.
Even before the fall of Roe, abortion had been criminalized and disproportionately targeted against people of color. In 2017, Mississippi police charged Latice Fisher after digging into her Google search history and finding that she searched how to “buy Misoprostol Abortion Pill Online.” In August of last year, police used Facebook messages between a mother and her daughter in Nebraska as part of an investigation into an abortion illegal under state law. And this is only the beginning.
While people can, and should, take steps to protect themselves online, we shouldn’t force individuals to carry the burden of figuring out which apps and sites have strong privacy practices. And we already know that we can’t rely on the goodwill of companies to protect our information. Despite promising to delete location data at abortion clinics, Google continues to retain such data at sensitive locations. Recently, Meta investors voted against a proposal to curb abortion-related data from being shared with law enforcement. Pawning off this responsibility to individuals or companies means we’re condoning the inevitable weaponization of this data.
Congress needs to immediately step in and set federal privacy standards for this information. The stakes are far too high. That’s why I introduced the My Body, My Data Act to create a new national standard to protect reproductive and sexual health data. Under my bill, companies “may not collect, retain, use, or disclose personal reproductive or sexual health information, except as is strictly necessary” to provide their services. For example, if you use a period tracking app, like I do, it can track your period information but not your location. You can ask companies to delete your data and they can’t sell or share it. You also have the power to sue companies if you think your data is being misused in any way.
Young people were quick to realize the risks of using these apps given attacks on abortion access, while Congress has (unsurprisingly) taken a little longer to catch on. After the Dobbs decision leaked, I immediately started hearing from my friends, co-workers and peers who were petrified that their personal information could be used against them. But on Capitol Hill, I’ve had to explain to many of my older, male colleagues that 1) people track their periods, 2) there are apps to help you track your period, 3) HIPAA doesn’t protect consumer health information in apps (and other places) and 4) that data could be used as evidence in abortion cases.
I’m glad to have strong partners such as Sens. Mazie Hirono and Sen. Ron Wyden leading the companion legislation in the Senate, but we have an uphill battle ahead of us. House Speaker Kevin McCarthy and far-right House Republicans continue to block legislation supporting reproductive rights even though public opinion is on our side — almost two-thirds of the American people, including the majority of Republicans, want Congress to ban apps and search engines from sharing reproductive health data.
The vulnerabilities of our reproductive and sexual health data have long existed, but these consequences have taken on new life in the post-Roe era. It’s time for Congress to catch up to the American people, recognize these risks and protect people’s reproductive data privacy by passing the My Body, My Data Act.