Today the House voted to reauthorize the Foreign Intelligence Surveillance Act (FISA), the legislation originally intended to aid government tracking of foreign terrorists but often abused for unauthorized surveillance of American citizens. The bill the House passed is incredibly disappointing for those who want to see FISA reformed so it cannot be abused in the future. But lurking behind the discussion over FISA reform is a broader discussion about privacy and how different legal frameworks, including FISA and the Electronic Communications Privacy Act (ECPA), intersect with the processes whereby federal and state governments can get personal information from internet service providers and platforms like Facebook and Google and how these can all be weaponized against women in a post-Dobbs world.  

In the two years since the Supreme Court took away the federal right to abortion in Dobbs, states have rushed to pass restrictive abortion laws criminalizing the women who get abortions and the doctors who provide them. In an effort to enforce these draconian measures some states are exploiting the law to track down and punish women who receive abortions and doctors who provide them.

What happened recently in Nebraska is a case in point. Jessica Burgess and her daughter faced criminal charges stemming from allegations related to an illegal abortion under Nebraska’s state law that bans most abortions after 12 weeks. In an effort to build their case, prosecutors secured a warrant to access their private digital activities, compelling Meta to surrender private messages exchanged between the two which showed that the pregnancy had been aborted, not miscarried as the two claimed. Crucially, the information was obtained legally through a warrant. In response, California and Washington – home to the country’s major internet platforms – passed shield laws which prohibit electronic communication providers like Meta, Google, Apple and Microsoft and others based in those states from complying with warrants, subpoenas and any other demands for data to support investigations of reproductive health activities.

California’s shield law is a victory for privacy, for reproductive health and for accountable governments not interfering in the personal health decisions of everyday Americans. But these laws also mean that governments who want to prosecute women who receive and doctors who provide reproductive health care will be looking for other ways to access information about their activities. Unfortunately for those who care about privacy, there are currently legal ways for them to do so.

Although traditionally the Fourth Amendment’s warrant requirement serves as a safeguard against unwarranted and unjust searches by law enforcement, the so-called data broker loophole gives local, state and federal prosecutors a way to bypass warrant requirements and surveil Americans’ communications with little to no oversight. Data broker loopholes, including ones that are found in FISA and ECPA, permit governments to buy sensitive records such as cell phone location data from data brokers and bypass the need for a warrant from the courts. This information could easily be weaponized, just as Facebook’s information was weaponized in Nebraska.

A recent Politico report, bolstered by information disclosed by Senator Ron Wyden, drives this point home. Near Intelligence, Inc., a data broker, collected, allegedly without consent, the location data of visitors to nearly 600 Planned Parenthood facilities across 48 states. It then sold that data to an anti-abortion group, which used it in a massive ad campaign. Senator Wyden, in his letter to the Federal Trade Commission and U.S. Securities and Exchange Commission, underscored the grave implications of an unregulated data broker industry where private information is available to the highest bidder for potentially harmful purposes. Senator Wyden emphasized in a statement accompanying his letter the danger of data brokers selling reproductive health data to extremists, who could then exploit it to spread misinformation, targeting, intimidating, and possibly prosecuting women seeking healthcare. 

Unfortunately, in a post-Dobbs world, the dangers to women and doctors are no longer theoretical. It is crucial that Congress close the data broker loophole immediately. It is incredibly disappointing that the House today failed to address the data broker loophole as part of this reauthorization. But there are other things Congress can and should do, including passing the Fourth Amendment is Not For Sale Act which would mandate that the government obtain a court order before compelling data brokers to disclose data under ECPA and continuing to try to legislatively close the FISA data broker loophole. Otherwise, women’s lives and liberty will hang in the balance.