Selected Readings on the Intersection of Data, Abortion Care, and Women’s Health

Curated on Posted on by Uma

By: Uma Kalkar, Salwa Mansuri, Andrew J. Zahuranec

As part of an ongoing effort to contribute to current topics in data, technology, and governance, The GovLab’s Selected Readings series provides an annotated and curated collection of recommended readings on themes such as open data, data collaboration, and civic technology.

In this edition, we reflect on the intersection between data, abortion, and women’s health following the United States Supreme Court ruling regarding Dobbs v. Jackson Women’s Health Organization which held that there was no constitutional right to abortion and decided that individual states have the authority to regulate access to abortion services. In the days before and since the decision, a large amount of literature has been produced both on the implications of this ruling for individuals’ data privacy and the effects on women’s social and economic lives. It is clear that, while opinions on access to abortion services are often influenced by deeply held attitudes about women’s bodily autonomy and when life begins, data has critical importance both as a potential source of risk and as a tool to understand the decision’s impact.

Below we curate some stories from news sources and academic papers on the role of data in abortion services as well as data-driven research by institutions into the effects of abortion. We hope this selection of readings provides a broader perspective on how data and women’s rights and health intersect.

As well, we urge that anyone seeking further information about abortion access visit www.ineedana.com via a secure site, and preferably via a VPN. For those looking for menstrual apps, Spot On by the Planned Parenthood Federation of America saves data locally on phones, does not provide information to third parties, and allows for anonymous accounts.

The readings are presented in alphabetical order.

***

Data & Privacy Concerns

Conti-Cook, Cynthia. “Surveilling the Digital Abortion Diary: A Preview of How Anti-Abortion Prosecutors Will Weaponize Commonly-Used Digital Devices As Criminal Evidence Against Pregnant People and Abortion Providers in a Post-Roe America.” University of Baltimore Law Review, forthcoming. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3666305

  • In this four-part article, Conti-Cook discusses the history of health data rights and the long-standing ways in which digital evidence produced by pregnant people has been used to prosecute their actions. She discusses how digital technologies help prosecutors lay charges against those seeking abortions and how they help “ the state see[k] control over [them] by virtue of their pregnancy status” by digitally surveilling them.
  • The author examines how “digital, biometric, and genetic surveillance” serves as a vehicle to “microtarget” historically oppressed communities” under a patriarchal and racist social structure.
  • She also discusses how online searches relating to pregnancy termination and abortion, location and tracking data, site history, wearable devices, and app data can be factored into risk assessment tools to assess social service outcomes and federal prosecutions.
  • Conti-Cook ends by reviewing digital hygiene strategies to stop the use of personal data against oneself and foster a more critical use of digital tools for reproductive and pregnancy-related health needs.

Diamant, Jeff, and Besheer Mohamed. “What the Data Says about Abortion in the U.S.” Pew Research Center, June 24, 2022. https://www.pewresearch.org/fact-tank/2022/06/24/what-the-data-says-about-abortion-in-the-u-s-2

  • In the aftermath of the overturn of Roe v. Wade (1973), the Pew Research Center published a compilation of facts and statistics about abortion care in the United States obtained through the Centers for Disease Control and Prevention and Guttmacher Institute.
  • The piece describes shifting trends pertaining to the number of legal abortions conducted each year in the United States since the 1970s, the abortion rate among women, the most common types of abortions, and the number of abortion providers over time. It describes, for example, how the procedure has generally declined at “a slow yet steady pace” since the early 1990s. It also notes that the number of providers has declined over time.

Paul, Kari. “Tech Firms under Pressure to Safeguard User Data as Abortion Prosecutions Loom.” The Guardian, June 25, 2022, sec. US news. https://www.theguardian.com/us-news/2022/jun/25/tech-companies-health-data-security-abortion-prosecution

  • Paul writes about the concerns of abortion and civil rights activists on how data collected about individuals through apps and online searches might incriminate those seeking or providing abortion services. It notes how geo-location data used by tech companies can make “it easy for law enforcement officials to access incriminating data on location, internet searches, and communication history.”
  • While period tracking apps have received significant attention, the article notes that companies such as Meta, Uber, Lyft, Google, and Apple have yet to publicly announce how they would respond to law enforcement requests on abortion evidence.
  • The piece finally includes a recommendation from the digital rights advocacy group Electronic Frontier Foundation that companies preemptively prepare “for a future in which they are served with subpoenas and warrants seeking user data to prosecute abortion seekers and providers.” It suggests end-to-end encryption as a default, refraining from collecting location information, and allowing anonymous or pseudonymous access to apps.

Nguyen, Nicole, and Cordilia James. “How Period-Tracker Apps Treat Your Data, and What That Means If Roe v. Wade Is Overturned.” Wall Street Journal, June 21, 2022. https://www.wsj.com/articles/how-period-tracker-apps-treat-your-data-and-what-that-means-if-roe-v-wade-is-overturned-11655561595

  • Nguyen and James provide an extensive analysis of the ways that period tracking apps track, collect, store, and share data about women’s fertility and menstrual cycle. Following Dobbs v. Jackson Women’s Health Organization (2022), which overturned Roe v. Wade (1973), there has been significant public concern about the (re)use of the data these apps collect.
  • They detail different kinds of data that could be subpoenaed from period trackers and the terminology that users can search for in an app’s privacy policy to understand how their data will be used. It describes, for example, what it means to when Terms & Conditions outline how they will “encrypt” (that is, to scramble into an incoherent string of code), “share” or “sell” (data can be given to third parties such as advertisers), and respond to “requests” (companies may notify the user when a court or government data asks for data).
  • The article closes with an overview of the most-downloaded fertility apps — including Flo, Apple Health, Clue, FitBit, Glow, and Natural Cycles — and where they stand on data privacy.

Sherman, Jenna. “How Abortion Misinformation and Disinformation Spread Online.” Scientific American, June 24, 2022. https://www.scientificamerican.com/article/how-abortion-misinformation-and-disinformation-spread-online/

  • In Scientific American, Sherman writes an opinion piece on the growth of online dis- and misinformation in the aftermath of Dobbs. She summarizes how, according to current data-driven research, much of the information people find online about abortion is not reliable and that the highest volume of online searches about abortion tends to be in those states with the most restricted access.
  • Despite much research on abortion, Sherman notes “a lack of access to quality information or care” online, especially for marginalized communities. She also summarizes the results of studies on social media and search engines. In one 2021 study, searches for “abortion pill” tended not to yield scientifically accurate and moderately accessible information.
  • Another study cited in the article found that half of the web pages surfaced by Google on abortion contained misinformation. This appears to be by design — with false information about “abortion pill reversal” and abortion practices generating large revenues for platforms like Facebook.

Data on the Impact of Abortion Access

Amador, Diego. “The Consequences of Abortion and Contraception Policies on Young Women’s Reproductive Choices, Schooling and Labor Supply.” Documento CEDE №2017–43 (2017). https://ssrn.com/abstract=2987367

  • Amador analyzes aggregate provider data from the Guttmacher Institute to assess the relationship between contraceptive use, abortion, schooling, and labor decisions of US women. The dataset follows a sample of women born between 1980 and 1984, with data from interviews starting in 1997 and ending in 2011.
  • A counterfactual model based on the data suggests that a perfectly enforced ban on abortions would raise the rate of standard contraceptive use for women 9.1%. The fraction of children born to single mothers would increase from 30% to 34% while the average amount of schooling after high school would decrease by 3.1%. The number of women with college degrees would drop by 1.8% age points. The estimated average loss in lifetime earnings for women who would have at least had one abortion was estimated at USD 39,172.
  • The author also assesses the impact that free contraception would have, suggesting a 15.7 decrease in pregnancies per 1000 women and an 11.6 reduction in abortions per 1000 women. Accumulated schooling after high school increased by an estimated 3%. An assessment of mandatory counseling laws found that the long-run effect of these laws on women ages 18 to 30 was a 10% decrease in abortion rates.
  • The author concludes that policies such as an abortion ban and free contraception have important effects on schooling and lifetime earnings but only a moderate impact on labor supply.

ANSIRH. “Introduction to the Turnaway Study.” ANSIRH, March 2020. https://www.ansirh.org/sites/default/files/publications/files/turnawaystudyannotatedbibliography.pdf

  • This fact sheet summarizes various analyses stemming from the Turnaway Study, the first study to rigorously examine the effects of receiving abortion services versus being denied access to them. The study is an initiative by Advancing New Standards in Reproductive Health (ANSIRH), a program within the UCSF Bixby Center for Global Reproductive Health. It examines 1,000 women seeking abortion from 30 facilities around the country, with interviews conducted over five years.
  • Studies conducted with the dataset find that the most common reason for women to seek an abortion was not being able to afford a child and/or not having a suitable partner/parent involved to assist with childrearing. Most women don’t feel pressured by counseling that occurs in clinics but find it less helpful when it is state-mandated. Half of all women report seeing anti-abortion protestors at clinics and greater contact with them tends to be more upsetting.
  • Studies also suggest no evidence that abortion causes negative mental health outcomes, although being denied an abortion is associated with elevated anxiety and stress and lower self-esteem. Those who receive an abortion experience “a mix of positive and negative emotions in the days after […] with relief predominating.” The intensity of the emotion diminishes over time but over 95% of women report “abortion was the right decision for them at all times over five years after.”
  • Carrying an unwanted pregnancy tended to be associated with worse outcomes for women’s physical health and socioeconomic status. Women denied abortion who later gave birth reported more chronic pain and rated their overall health as worse. Economic insecurity for women and their families increased almost four-fold. In terms of education, women who received abortions tended to have higher odds of having positive one-year plans while women denied abortions were no more or less likely to drop out of school.

Donohue, John J., and Steven D. Levitt. “The Impact of Legalized Abortion on Crime Over the Last Two Decades.” The University of Chicago, Becker Friedman Institute for Economics Working Paper №2019–75 (May 2017). https://ssrn.com/abstract=3391510

  • This paper primarily argues that legalizing abortion in the 1970s had positive consequences in the significant reduction of crime even two decades later, in the 1990s. In particular, the paper suggested an approximate 20% decrease in crime rates between 1997 and 2014. Not only is abortion legalization a crucial factor but perhaps one of the most crucial ones in the significant reduction in crime rates (see Donohue and Levitt, 2001).
  • A particularly crucial aspect of the data collected was that it took close to a decade for the “number of abortions performed to reach a steady-state” attributed to the variability and heterogeneity of state-level data due to the variability and dynamic nature of evolving abortion legislation and abortion reform.
  • Moreover, the effect of abortion on crime rates was only incrementally visible as “crime-aged cohorts” were gradually exposed to legalized abortion. Donohue and Levitt’s work supports the abortion-crime hypothesis — that increased access to abortion would decrease crime.

Frost, Jennifer J., Jennifer Mueller, and Zoe H. Pleasure. “Trends and Differentials in Receipt of Sexual and Reproductive Health Services in the United States: Services Received and Sources of Care, 2006–2019.” The Guttmacher Institute, June 24, 2021. https://doi.org/10.1363/2021.33017

  • This report describes trends in reproductive and sexual health care across the United States over a 13-year period as told by the National Survey of Family Growth, the only national data source that contains detailed information on sexual and reproductive health. It finds that some 7 in 10 women of reproductive age (44 million people) make at least one medical visit for sexual and reproductive health care each year. However, disparities exist — Hispanic women are less likely to receive care than White women, and the uninsured are substantially less likely to receive care than privately insured women.
  • It further finds that publicly funded clinics were a critical source of care for young women, lower-income women, women of color, foreign-born women, women on Medicaid, and women without insurance.
  • The report also finds that the Affordable Care Act increased the number of women receiving contraceptive services by 8% among women with private providers. There was a complimentary drop among women receiving contraceptive care from publicly funded clinics.

Hill, J. Jackson IV. “The Need for a National Abortion Reporting Requirement: Why Both Sides Should Be in Support of Better Data.” Available at SSRN (May 2, 2014). https://ssrn.com/abstract=2306667.

  • Hill writes a paper urging organizations to improve the status of abortion reporting in the United States. Examining statistics collected by the Centers for Disease Control and the Guttmacher Institute, the author finds serious deficiencies, including a lack of voluntary reporting from states, conflicting requirements (or unenforced requirements) about what data is collected, and an absence of timely data.
  • After the passage of Roe, state legislatures attempted to mandate abortion reporting and monitoring; however, concerns over the safety of women’s choice, undue administrative hurdles, and issues over pervasive data collection made it difficult to impose a standardized, non-intrusive, and anonymized data collection practice.
  • Hill argues that these data gaps and paternalistic methods of collecting data have had consequences on the ability of policymakers to make decisions around abortion policy and undermine the public’s knowledge on the issue. He assesses the feasibility of federally regulated abortion data and potential other strategies for achieving reliable, uniform data. He proposes two avenues for a “comprehensive, uniform abortion data” set: a ‘command’ option that requires states to provide and collect abortion information for a federal database or a ‘bribe’ option that monetarily incentivizes states to provide this information.

Knowles Myers, Caitlin, and Morgan Welch. “What Can Economic Research Tell Us about the Effect of Abortion Access on Women’s Lives?” Brookings, November 30, 2021. https://www.brookings.edu/research/what-can-economic-research-tell-us-about-the-effect-of-abortion-access-on-womens-lives/

  • Knowles Myers and Welch write on what current economic research suggests about abortion access on women’s reproductive, social, and economic outcomes.
  • Comparing Alaska, California, Hawaii, New York, Washington, and the District of Columbia (states which repealed abortion bans prior to Roe) to other states, research suggests states that repealed abortion bans had between a 4–11% decline in births relative to the rest of the country — with effects particularly large for teens and women of color. Studies also suggest that abortion legalization reduced the number of teen mothers by 34% and reduced maternal mortality by 30–40%, with little impact on white women.
  • Additional studies indicate that abortion access has a large impact on the circumstances under which children are born. Various studies find that abortion legalization reduced the number of unwanted children, cases of neglect and abuse, and the number of children living in poverty. It also improved long-term outcomes by increasing the likelihood of child attendance in college.
  • Other studies find that abortion and pregnancy have substantial impact on women’s economic and social lives, with pregnancy frequently lowering women’s wages. This fact has substantial implications for “low-income mothers experiencing disruptive life events.” Based on various studies, the authors argue that “access to abortion could be pivotal to these women’s financial lives.”
  • While abortion is driven by views on women’s bodily autonomy and when life begins, the authors find a clear causal link between access to abortion and “whether, when, and under what circumstances women become mothers.” All studies suggest that access to abortion can have substantial implications on education, earnings, careers, and life outcomes. Restricting or eliminating access would diminish women’s personal and economic lives along with that of their families.

Maxmen, Amy. “Why Hundreds of Scientists Are Weighing in on a High-Stakes US Abortion Case.” Nature 599, no. 7884 (October 26, 2021): 187–89. https://doi.org/10.1038/d41586-021-02834-7

  • A piece by Amy Maxmen for Nature summarizes a recent amicus brief filed by more than 800 scientists and several scientific organizations providing data-driven research into how abortion access is an important aspect of reproductive health.
  • It notes, for example, more than 40 studies suggesting that receiving an abortion does not harm a woman’s mental or physical health but that being denied an abortion can result in negative financial and health outcomes. It also cites a 2019 study of nearly 900 women who “who sought but were unable to get abortions reported higher rates of chronic headaches and joint pain five years later, compared with those who got an abortion,” while a similar 2017 study finds no similar physical or psychological effects.
  • A separate amicus brief submitted to the Court by about 550 public health and reproductive health researchers described how unwanted pregnancies can result in worse health outcomes. It also can disproportionately harm the physical, mental, and economic well-being of Black people according to a separate study.
  • An additional amicus brief filed by economists notes several studies that found that “abortion legalization in the 1970s helped to increase women’s educational attainment, participation in the labor force and earnings — especially for single Black women.”

Myers, Caitlin, and Ladd, Daniel. “Did parental involvement laws grow teeth? The effects of state restrictions on minors’ access to abortion.” Journal of Health Economics, 71, (2020): p.102302. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3029823

  • A paper by Caitlin Knowles Myers of Germany’s IZA Institute of Labor Economics and Daniel Ladd of the University of California, Irvine compiles data on the location of abortion providers and enforcement of parental involvement laws. The researchers seek to assess the impact of laws requiring parental approval for an abortion have on minors seeking abortions.
  • The paper concludes that parental involvement laws may have contributed to a modest decline in teen births (a 1.4% reduction) during the 1980s and 1990s but a 2.8% increase from 1993 to 2014 in women aged 15 to 18.
  • It further finds that laws with an avoidance distance (the distance minors have to travel to avoid parental involvement and can seek an abortion confidentially) have significant effects. In the 1980s, a parental involvement law with an avoidance distance of 100 miles decreased teen births by 1.48%. A parental involvement law with a 400-mile avoidance distance, about a day’s drive, increases the teen birth rate by 4.3%.

Popinchalk, Anna, Cynthia Beavin, and Jonathan Bearak. “The State of Global Abortion Data: An Overview and Call to Action.” BMJ Sexual & Reproductive Health 48, no. 1 (January 1, 2022): 3–6. https://doi.org/10.1136/bmjsrh-2021-201109.

  • Popinchalf and colleagues at the Guttmacher Institute write in the journal BMJ Sexual & Reproductive Health on the urgent need for data on abortion incidents and access to examine disparities in people’s ability to safely terminate a pregnancy.
  • The authors note that the three sources of data on abortion are official statistics, surveys of women, and scientific studies. However, stigmatization and varying legal access undermine the quality of this data and can lead to substantial under-reporting. Even in high-income countries, there can be significant variation in the frequency with which data is published. This variation in quality and availability exacerbates inequities by limiting the number of experiences that can be studied.
  • The authors argue that data availability and quality of abortion care can be improved by investing in country-level surveys and scientific studies. It also argues for reducing stigma through community and provider messaging as it can hinder the accuracy and completeness of datasets.

Tierney, Katherine I. “Abortion Underreporting in Add Health: Findings and Implications.” Population Research and Policy Review 38, no. 3 (June 1, 2019): 417–28. https://doi.org/10.1007/s11113-019-09511-8

  • Tierney notes that there is substantial evidence that abortion is significantly underreported in the United States, especially among Black women and those in lower socioeconomic classes.
  • She supplements this review with her own evaluation of the abortion data in the National Longitudinal Study of Adolescent to Adult Health (Add Health), finding that the dataset captures only 35% of expected abortions. Examining data from 1994–1995, 1996, 2001–2002, and 2008–2009, she found severe abortion underreporting; however, there were no significant differences between race/ethnicity, age, or time of abortion and underreporting.
  • Tierney argues that this fact means that Add Health is no better than other surveys in collecting abortion data. She also argues that this underreporting, likely caused by stigma, has substantial implications for research and that researchers should be cautious with self-reports of abortion. Figures need to be evaluated, contextualized, and used with caution.

New laws to strengthen Canadians’ privacy protection and trust in the digital economy

Curated on Posted on by Stefaan Verhulst

Press Release: “Canadians increasingly rely on digital technology to connect with loved ones, to work and to innovate. That’s why the Government of Canada is committed to making sure Canadians can benefit from the latest technologies, knowing that their personal information is safe and secure and that companies are acting responsibly.

Today, the Honourable François-Philippe Champagne, Minister of Innovation, Science and Industry, together with the Honourable David Lametti, Minister of Justice and Attorney General of Canada, introduced the Digital Charter Implementation Act, 2022, which will significantly strengthen Canada’s private sector privacy law, create new rules for the responsible development and use of artificial intelligence (AI), and continue advancing the implementation of Canada’s Digital Charter. As such, the Digital Charter Implementation Act, 2022 will include three proposed acts: the Consumer Privacy Protection Act, the Personal Information and Data Protection Tribunal Act, and the Artificial Intelligence and Data Act.

The proposed Consumer Privacy Protection Act will address the needs of Canadians who rely on digital technology and respond to feedback received on previous proposed legislation. This law will ensure that the privacy of Canadians will be protected and that innovative businesses can benefit from clear rules as technology continues to evolve. This includes:

  • increasing control and transparency when Canadians’ personal information is handled by organizations;
  • giving Canadians the freedom to move their information from one organization to another in a secure manner;
  • ensuring that Canadians can request that their information be disposed of when it is no longer needed;
  • establishing stronger protections for minors, including by limiting organizations’ right to collect or use information on minors and holding organizations to a higher standard when handling minors’ information;
  • providing the Privacy Commissioner of Canada with broad order-making powers, including the ability to order a company to stop collecting data or using personal information; and
  • establishing significant fines for non-compliant organizations—with fines of up to 5% of global revenue or $25 million, whichever is greater, for the most serious offences.

The proposed Personal Information and Data Protection Tribunal Act will enable the creation of a new tribunal to facilitate the enforcement of the Consumer Privacy Protection Act. 

The proposed Artificial Intelligence and Data Act will introduce new rules to strengthen Canadians’ trust in the development and deployment of AI systems, including:

  • protecting Canadians by ensuring high-impact AI systems are developed and deployed in a way that identifies, assesses and mitigates the risks of harm and bias;
  • establishing an AI and Data Commissioner to support the Minister of Innovation, Science and Industry in fulfilling ministerial responsibilities under the Act, including by monitoring company compliance, ordering third-party audits, and sharing information with other regulators and enforcers as appropriate; and
  • outlining clear criminal prohibitions and penalties regarding the use of data obtained unlawfully for AI development or where the reckless deployment of AI poses serious harm and where there is fraudulent intent to cause substantial economic loss through its deployment…(More)”.

How Period-Tracker Apps Treat Your Data, and What That Means if Roe v. Wade Is Overturned

Curated on Posted on by Stefaan Verhulst

Article by Nicole Nguyen and Cordilia James: “You might not talk to your friends about your monthly cycle, but there’s a good chance you talk to an app about it. And why not? Period-tracking apps are more convenient than using a diary, and the insights are more interesting, too. 

But how much do you know about the ways apps and trackers collect, store—and sometimes share—your fertility and menstrual-cycle data?

The question has taken on new importance following the leak of a draft Supreme Court opinion that would overturn Roe v. Wade. Roe established a constitutional right to abortion, and should the court reverse its 1973 decision, about half the states in the U.S. are likely to restrict or outright ban the procedure.

Phone and app data have long been shared and sold without prominent disclosure, often for advertising purposes. HIPAA, aka the Health Insurance Portability and Accountability Act, might protect information shared between you and your healthcare provider, but it doesn’t typically apply to data you put into an app, even a health-related one. Flo Health Inc., maker of a popular period and ovulation tracker, settled with the Federal Trade Commission in 2021 for sharing sensitive health data with Facebook without making the practice clear to users.

The company completed an independent privacy audit earlier this year. “We remain committed to ensuring the utmost privacy for our users and want to make it clear that Flo does not share health data with any company,” a spokeswoman said.

In a scenario where Roe is overturned, your digital breadcrumbs—including the kind that come from period trackers—could be used against you in states where laws criminalize aiding in or undergoing abortion, say legal experts.

“The importance of menstrual data is not merely speculative. It has been relevant to the government before, in investigations and restrictions,” said Leah Fowler, research director at University of Houston’s Health Law and Policy Institute. She cited a 2019 hearing where Missouri’s state health department admitted to keeping a spreadsheet of Planned Parenthood abortion patients, which included the dates of their last menstrual period.

Prosecutors have also obtained other types of digital information, including text messages and search histories, as evidence for abortion-related cases…(More)”.

China’s Expanding Surveillance State

Curated on Posted on by Stefaan Verhulst

Article by  Isabelle Qian, Muyi Xiao, Paul Mozur and Alexander Cardia in the New York Times: “China’s ambition to collect a staggering amount of personal data from everyday citizens is more expansive than previously known, a Times investigation has found. Phone-tracking devices are now everywhere. The police are creating some of the largest DNA databases in the world. And the authorities are building upon facial recognition technology to collect voice prints from the general public.

The Times’s Visual Investigations team and reporters in Asia spent over a year analyzing more than a hundred thousand government bidding documents. They call for companies to bid on the contracts to provide surveillance technology, and include product requirements and budget size, and sometimes describe at length the strategic thinking behind the purchases. Chinese laws stipulate that agencies must keep records of bids and make them public, but in reality the documents are scattered across hard-to-search web pages that are often taken down quickly without notice. ChinaFile, a digital magazine published by the Asia Society, collected the bids and shared them exclusively with The Times.

This unprecedented access allowed The Times to study China’s surveillance capabilities. The Chinese government’s goal is clear: designing a system to maximize what the state can find out about a person’s identity, activities and social connections, which could ultimately help the government maintain its authoritarian rule.

Here are the investigation’s major revelations.

Analysts estimate that more than half of the world’s nearly one billion surveillance cameras are in China, but it had been difficult to gauge how they were being used, what they captured and how much data they generated. The Times analysis found that the police strategically chose locations to maximize the amount of data their facial recognition cameras could collect…

The Chinese authorities are realistic about their technological limitations. According to one bidding document, the Ministry of Public Security, China’s top police agency, believed the country’s video surveillance systems still lacked analytical capabilities. One of the biggest problems they identified was that the data had not been centralized….(More)”.

How the Federal Government Buys Our Cell Phone Location Data

Curated on Posted on by Stefaan Verhulst

Article by Bennett Cyphers: “…Weather apps, navigation apps, coupon apps, and “family safety” apps often request location access in order to enable key features. But once an app has location access, it typically has free rein to share that access with just about anyone.

That’s where the location data broker industry comes in. Data brokers entice app developers with cash-for-data deals, often paying per user for direct access to their device. Developers can add bits of code called “software development kits,” or SDKs, from location brokers into their apps. Once installed, a broker’s SDK is able to gather data whenever the app itself has access to it: sometimes, that means access to location data whenever the app is open. In other cases, it means “background” access to data whenever the phone is on, even if the app is closed.

One app developer received the following marketing email from data broker Safegraph:

SafeGraph can monetize between $1-$4 per user per year on exhaust data (across location, matches, segments, and other strategies) for US mobile users who have strong data records. We already partner with several GPS apps with great success, so I would definitely like to explore if a data partnership indeed makes sense.

But brokers are not limited to data from apps they partner with directly. The ad tech ecosystem provides ample opportunities for interested parties to skim from the torrents of personal information that are broadcast during advertising auctions. In a nutshell, advertising monetization companies (like Google) partner with apps to serve ads. As part of the process, they collect data about users—including location, if available—and share that data with hundreds of different companies representing digital advertisers. Each of these companies uses that data to decide what ad space to bid on, which is a nasty enough practice on its own. But since these “bidstream” data flows are largely unregulated, the companies are also free to collect the data as it rushes past and store it for later use. 

The data brokers covered in this post add another layer of misdirection to the mix. Some of them may gather data from apps or advertising exchanges directly, but others acquire data exclusively from other data brokers. For example, Babel Street reportedly purchases all of its data from Venntel. Venntel, in turn, acquires much of its data from its parent company, the marketing-oriented data broker Gravy Analytics. And Gravy Analytics has purchased access to data from the brokers Complementics, Predicio, and Mobilewalla. We have little information about where those companies get their data—but some of it may be coming from any of the dozens of other companies in the business of buying and selling location data.

If you’re looking for an answer to “which apps are sharing data?”, the answer is: “It’s almost impossible to know.” Reporting, technical analysis, and right-to-know requests through laws like GDPR have revealed relationships between a handful of apps and location data brokers. For example, we know that the apps Muslim Pro and Muslim Mingle sold data to X-Mode, and that navigation app developer Sygic sent data to Predicio (which sold it to Gravy Analytics and Venntel). However, this is just the tip of the iceberg. Each of the location brokers discussed in this post obtains data from hundreds or thousands of different sources. Venntel alone has claimed to gather data from “over 80,000” different apps. Because much of its data comes from other brokers, most of these apps likely have no direct relationship with Venntel. As a result, the developers of the apps fueling this industry likely have no idea where their users’ data ends up. Users, in turn, have little hope of understanding whether and how their data arrives in these data brokers’ hands…(More)”.

I tried to read all my app privacy policies. It was 1 million words.

Curated on Posted on by Stefaan Verhulst

Article by Geoffrey A. Fowler: “…So here’s an idea: Let’s abolish the notion that we’re supposed to read privacy policies.

I’m not suggesting companies shouldn’t have to explain what they’re up to. Maybe we call them “data disclosures” for the regulators, lawyers, investigative journalists and curious consumers to pore over.

But to protect our privacy, the best place to start is for companies to simply collect less data. “Maybe don’t do things that need a million words of explanation? Do it differently,” said Slaughter. “You can’t abuse, misuse, leverage data that you haven’t collected in the first place.”

Apps and services should only collect the information they really need to provide that service — unless we opt in to let them collect more, and it’s truly an option.

I’m not holding my breath that companies will do that voluntarily, but a federal privacy law would help. While we wait for one, Slaughter said the FTC (where Democratic commissioners recently gained a majority) is thinking about how to use its existing authority “to pursue practices — including data collection, use and misuse — that are unfair to users.”

Second, we need to replace the theater of pressing “agree” with real choices about our privacy.

Today, when we do have choices to make, companies often present them in ways that pressure us into making the worst decisions for ourselves.

Apps and websites should give us the relevant information and our choices in the moment when it matters. Twitter actually does this just-in-time notice better than many other apps and websites: By default, it doesn’t collect your exact location, and only prompts you to do so when you ask to tag your location in a tweet.

Even better, technology could help us manage our choices. Cranor suggests that data disclosures could be coded to be read by machines. Companies already do this for financial information, and the TLDR Act would require consistent tags on privacy information, too. Then your computer could act kind of like a butler, interacting with apps and websites on your behalf.

Picture Siri as a butler who quizzes you briefly about your preferences and then does your bidding. The privacy settings on an iPhone already let you tell all the different apps on your phone not to collect your location. For the past year, they’ve also allowed you to ask apps not to track you.

Web browsers could serve as privacy butlers, too. Mozilla’s Firefox already lets you block certain kinds of privacy invasions. Now a new technology called the Global Privacy Control is emerging that would interact with websites and instruct them not to “sell” our data. It’s grounded in California’s privacy law, which is among the toughest in the nation, though it remains to be seen how the state will enforce GPC…(More)”.

We Need to Take Back Our Privacy

Curated on Posted on by Stefaan Verhulst

Zeynep Tufekci in The New York Times: “…Congress, and states, should restrict or ban the collection of many types of data, especially those used solely for tracking, and limit how long data can be retained for necessary functions — like getting directions on a phone.

Selling, trading and merging personal data should be restricted or outlawed. Law enforcement could obtain it subject to specific judicial oversight.

Researchers have been inventing privacy-preserving methods for analyzing data sets when merging them is in the public interest but the underlying data is sensitive — as when health officials are tracking a disease outbreak and want to merge data from multiple hospitals. These techniques allow computation but make it hard, if not impossible, to identify individual records. Companies are unlikely to invest in such methods, or use end-to-end encryption as appropriate to protect user data, if they could continue doing whatever they want. Regulation could make these advancements good business opportunities, and spur innovation.

I don’t think people like things the way they are. When Apple changed a default option from “track me” to “do not track me” on its phones, few people chose to be tracked. And many who accept tracking probably don’t realize how much privacy they’re giving up, and what this kind of data can reveal. Many location collectors get their data from ordinary apps — could be weather, games, or anything else — that often bury that they will share the data with others in vague terms deep in their fine print.

Under these conditions, requiring people to click “I accept” to lengthy legalese for access to functions that have become integral to modern life is a masquerade, not informed consent.

Many politicians have been reluctant to act. The tech industry is generous, cozy with power, and politicians themselves use data analysis for their campaigns. This is all the more reason to press them to move forward…(More)”.

GDPR and the Lost Generation of Innovative Apps

Curated on Posted on by Stefaan Verhulst

Paper by Rebecca Janßen, Reinhold Kesler, Michael E. Kummer & Joel Waldfogel: “Using data on 4.1 million apps at the Google Play Store from 2016 to 2019, we document that GDPR induced the exit of about a third of available apps; and in the quarters following implementation, entry of new apps fell by half. We estimate a structural model of demand and entry in the app market. Comparing long-run equilibria with and without GDPR, we find that GDPR reduces consumer surplus and aggregate app usage by about a third. Whatever the privacy benefits of GDPR, they come at substantial costs in foregone innovation…(More)”.

Roe draft raises concerns data could be used to identify abortion seekers, providers

Curated on Posted on by Stefaan Verhulst

Article by Chris Mills Rodrigo: “Concerns that data gathered from peoples’ interactions with their digital devices could potentially be used to identify individuals seeking or performing abortions have come into the spotlight with the news that pregnancy termination services could soon be severely restricted or banned in much of the United States.

Following the leak of a draft majority opinion indicating that the Supreme Court is poised to overturn Roe v. Wade, the landmark 1973 decision that established the federal right to abortion, privacy advocates are raising alarms about the ways law enforcement officials or anti-abortion activists could make such identifications using data available on the open market, obtained from companies or extracted from devices.

“The dangers of unfettered access to Americans’ personal information have never been more obvious. Researching birth control online, updating a period-tracking app or bringing a phone to the doctor’s office could be used to track and prosecute women across the U.S.,” Sen. Ron Wyden (D-Ore.) said in a statement to The Hill. 

Data from web searches, smartphone location pings and online purchases can all be easily obtained with little to no safeguards.

“Almost everything that you do … data can be captured about it and can be fed into a larger model that can help somebody or some entity infer whether or not you may be pregnant and whether or not you may be someone who’s planning to have an abortion or has had one,” Nathalie Maréchal, senior policy manager at Ranking Digital Rights, explained. 

There are three primary ways that data could travel from individuals’ devices to law enforcement or other groups, according to experts who spoke with The Hill.

The first is via third party data brokers, which make up a shadowy multibillion dollar industry dedicated to collecting, aggregating and selling location data harvested from individuals’ mobile phones that has provided unprecedented access to the daily movements of Americans for advertisers, or virtually anyone willing to pay…(More)”.

‘Agile governance’ could redesign policy on data protection. Here’s why that matters

Curated on Posted on by Stefaan Verhulst

Article by Nicholas Davis: “Although technology regulation is evolving rapidly in today’s world, such regulation remains greatly fragmented across national and regional divides. Agile governance can potentially solve this fragmentation by promoting nimbler, more fluid, and more adaptive approaches to regulation.

Whether it is privacy, cyber security, cyber warfare, national security, or prohibited content, every hot-button issue in technology governance today seems to be of global concern, yet resides in the hands of nationally-focused lawmakers relying on outdated policies that continue to reinforce the fragmentation of technology regulation.

Take data protection, for example. The EU’s General Data Protection Regulation (GDPR), which was first proposed in 2012 and came into effect in 2018, is essentially an international privacy law for data protection. Any organization that processes any personal data from any EU citizen is covered.

Beyond its extraterritorial impact, it has inspired similar efforts to update and improve data protection in other jurisdictions, such as in JapanChileEgypt, and the state of California in the United States…(More)”.