I mean there is little recourse they have either way, they have to comply, even if they wanted to not hand over the data, they'd have to change the app in ways that leaves them no way to provide cops with the data.
Not complying with lawful requests likely isn't a palatable option for these companies. But they could change their data collection practices in order to not have the data in the first place. Too bad they are also strongly incentivized not do do that either.
Sure they can! In 2016, Apple famously declined multiple requests and even court orders to help unlock some iPhones. I don't blame them in the slightest for declining to publicly answer a hypothetical question about it on the spur of the moment (and a pretty poorly framed question too - how is a tech company gonna know if a particular law enforcement request is abortion-related?), but it's reasonable to hope they're developing a strategy here.
I think at the time they just found another way in. Since they'd won all the cases and appeals so far, and since the law is clear (even if I disagree with it) I don't think they were afraid. Remember, that was the court that refused to hear privacy cases around the NSA, warrent-less wiretapping etc. And since then the court has taken a hard right swing...
Those orders could not be compelled by a judge. Different situation. Unless something drastic changes, companies can be forced to hand over data, but they cannot be forced to create new expressions or sources of information for law enforcement. (Ignoring whatever NSA shenanigans may be occurring.)
And if it’s not the law in the state where they currently have servers? It would be interstate commerce, which is controlled at the federal level, not the state level.
Like the idea of seizing the servers. Yes, a company like Google must comply with lawful court orders, but surely possessing the hardware would be by far the worst way to get it. They’d never find anything.
That is literally how all warrants and court orders work... Comply, appeal, or a guy with a truncheon will give you concussion and we'll seize anything that might have been associated with something to do with the case.
Kinda grim, if the implied best case in the current US situation is to hope that corporations like Apple and Google and AWS will finally step up to completely ignore the law. I mean... all the other PR those companies doesn't exactly imply they'll be the best shepherds of the people's best interest...
At the risk of Godwin-ing myself, history is a relevant teacher here. Many companies were more than happy to provide services to Nazi Germany in the lead up to WWII. Most notably, IBM and their punch card machines[1]. Or, more recently, consider how many American companies have conceded to giving Chinese authorities special access to their Chinese users[2].
Corporate morality rarely extends beyond its value as PR. Once the financial cost of doing the right thing exceeds the PR value, it's probable that the financial considerations will prevail.
> Corporate morality rarely extends beyond its value as PR. Once the financial cost of doing the right thing exceeds the PR value, it's probable that the financial considerations will prevail.
Make that the morality of most individuals. Few people in the world are bleeding hearts. Most will pay lip service to a cause and then go back to work on Monday to pay taxes to the very government they condemned as oppressive. If every Tom, Dick, and Harry are each fickle enough to preserve themselves when their livelihoods and investments become threatened, why expect a group of them under the banner of ABC, inc. to be any more self-sacrificial?
> Corporate morality rarely extends beyond its value as PR. Once the financial cost of doing the right thing exceeds the PR value, it's probable that the financial considerations will prevail.
Money interprets ethics as damage and routes around it.
There could be multiple ways to interpret complying with requests for information, especially since there's nothing specific to abortion information in cutrent law and no case law to look at. Why would a company provide a statement around a poorly defined hypothetical?
I am horrified that the day has arrived that as a person, as a woman, I might have to actually think twice what I look up on Google or what I store on my emails or WhatsApp chats because until now I haven't ever worried for a moment.
[Edit] most relevant reply here from Krapp: If you're using a period tracker, you may want to consider deleting it
Yeah, I saw a post that said the US has become "Chrisitian" Saudi Arabia and it is hard to argue that it hasn't (or won't be very very soon). Just look at the $2B payoff from one Saudi country to another.
Really? Only now? Not 9 years ago when the snowden/NSA revelations came out? I mean, it's great that people are realizing the dangers of the surveillance state, but it's sad that they didn't care until it personally affected them. That does not bode well for the other 50% of the population where the hot button political issue isn't really applicable to them.
Well, besides the obvious "suspicious search terms" (eg. anarchists cookbook), there was a general concern of the fact that the data collected might be used against be in some unknown way in the future (sort of like how posting stuff on social media might cause you to get canceled a decade down the line).
> there was a general concern of the fact that the data collected might be used against be in some unknown way in the future
I think this is a reasonable concern. But I think this is where it differs from the concern people have with sharing abortion data.
In the NSA case, the concern is in a possible future, the information they've gathered could be used against you in some way.
In the current abortion data case, the concern is:
1. That there are states with laws on the books that would punish you if this information came to light.
2. There are companies with this information in hand that have no legal obligation to keep it private.
3. These companies refuse to make any sort of agreement or promise to keep this data away from those that would use it against you, or destroy the data.
4. These companies are within the legal jurisdiction of the aforementioned states.
The threat here is much more concrete.
Edit: To be clear, I'm not saying that the mass collection of data by the NSA is harmless. Rather, I understand why people are more concerned about the abortion data collection, because the threat is more concrete. The full consequence that NSA data collection poses haven't actualized, but depending on how things go, could be much, much worse than this.
Well if you looked further than 2 feet ahead, you'd be worried about getting a secret personality and political profile assembled on you, that a subsequent administration (or anyone that hacks them, or does the same kind of data collection as the NSA/Google/Facebook/VISA/China [1]/..) could use to extra-legally exclude you from payment systems [2], services [3,4], government jobs [5], and..
Oh, wait, I said "further than 2 feet ahead", but this is already happening. Well it can always get worse, who knows how close towards China the US will move in the next few decades. Or maybe your political stance will continue to be so totally in-line with the establishment, that even living in a state-corporate panopticon, you will have nothing to worry about. The ideal citizen of the future.
You saw the cage closing in around you, but thought "Why should I worry? I'm on good terms with the warden."
All your cites are for white nationalism, which is by definition antithetical to a free American society. They also seem to be conflating actions taken by the government (2, 5) and operations taken by private companies (4).
I'm also not sure what you mean by "extra-legally" in this context. "Extralegal" means not regulated or sanctioned by law. AirBnB banning people from its platform is certainly regulated - for example, you can't ban based on protected classes (of which being a white nationalist is not). Governmental hiring, military admissions, etc. are all clearly very regulated environments.
> All your cites are for white nationalism, which is by definition antithetical to a free American society
What does operation Chokepoint or Chinese hacking have to do with white nationalism? And don't worry, they'll define every opinion they want to suppress as "antithetical to a free American society" - anti-immigration becomes white supremacy, anti-war becomes Muslim extremism/support of dictators, anti-factory-farming becomes eco-terrorism [1],...
> conflating actions taken by the government and operations taken by private companies
I'm not conflating anything. I'm listing the risks of surveillance - they are present in both the corporate and governmental spheres, not limited to only one or the other.
[1] Supporters of ag-gag laws have argued that they serve to protect the agriculture industry from the negative repercussions of exposés by whistle blowers. - https://en.wikipedia.org/wiki/Ag-gag
Snowden revealed that you're in danger if you're "an interesting person". Politician? Journalist? Civil rights advocate? These people have all been encrypting their emails for a decade.
It's the first time in, well, a long long time, that an average person might have something to hide, simply for the crime of being female.
It's something that I've always worried about, but these new abortion laws do make the surveillance state a lot more powerful against women. Something like a stillbirth can now easily lead to a woman having all of her data searched through and anything in there that makes it look like an abortion happened can result in decades in prison.
I'm struggling to think of a law that had the same effect on as many people as before.
Women who have had stillbirths were already subject to this type of investigation and many women, especially those of color and/or lower economic status, have been charged with homicide or manslaughter following stillbirths based upon little to no evidence of them doing anything to cause the stillbirth.
> Something like a stillbirth can now easily lead to a woman having all of her data searched through and anything in there that makes it look like an abortion happened can result in decades in prison.
Because things that are not procured abortions were not protected by Roe even when it was in place, places with fetal homicide laws while Roe was in place have, in fact, investigated and, though far less often, sometimes charged miscarriages/stillbirths as homicides, usually of types involving recklessness or criminal negligence, not intent-to-kill.
How is WhatsApp different if they get legal access to your phone? I don't see how data stored locally in WhatsApp is different than data stored on your phones email client.
Everyone has their moment. Glad you’re waking up to the wholesale data trading that has been happening for years in the period tracking app industry. My hope is we will see better data models emerge there.
Tech companies are US corporations which are legal entities created under US laws and run by US citizens who are human beings who can be handcuffed and put in prison. Asking them to break US laws, even bad ones, is unrealistic.
What we should be asking them is whether they’re now doing everything they can to scrub their datasets of information that could be requested by police and could be used in abortion cases.
>What we should be asking them is whether they’re now doing everything they can to scrub their datasets of information that could be requested by police and could be used in abortion cases.
You have to define what is actually illegal and how the data would be used. Most of the laws are about performing an abortion in the state. I'm not up to date on everything, but generally state jurisdiction ends at the state line. For example, someone in CA can look up high capacity magazines and buy them in another state without ever bringing them back into CA. They can't prosecute you for touching a 30rd mag in a different state.
Executives can move to a non-extradition state, Boston and MA have already stated they won't cooperate with extradition requests in relation to abortion prosecutions.
You might also want to consider the long term cost of being parties to a human rights violation under color of law, vs the short-term cost of not doing that.
What law does it break? And should/does the state have this kind of power to view your private, personal affairs? Can the government also see if I walk 10,000 steps per day?
IANAL but to be clear, scrubbing all data personal is probably fine, but specifically looking for an illegal activity (ie. abortion) and scrubbing that data seems like destruction of evidence and/or aiding/abetting to me.
I generally agree. One thing to point out, they could probably delete it right now before there's any case law that states the information can be used in these sort of cases, and what type of data that is. At this point it's all hypothetical, and much of it hasn't been well defined or tied to the actual act.
If the company operates out of California, well, state's rights and that activity isn't illegal in California and there is nothing anyone can do about it.
If the company operates out of one of the states that is making abortion illegal then yea maybe, except that states such as California or New York may make it a requirement that companies collecting such data must delete it upon request from their citizens in order to operate in that state. At which point nobody is keeping their HQ in an anti-abortion state so it probably doesn't matter because there is nobody who can enforce the law. It will just come down to jurisdiction.
But good luck to anti-abortion states in enforcing these laws and trying people for murder or something. State governments are already woefully incompetent at enforcing other laws. I personally will be donating to entities that help fund people who need help covering travel expenses for an abortion.
The question is whether they have enough data to provide to law enforcement if one their users underwent an abortion. If they aren't collecting enough data to determine this then they could just state: "we can't and therefor we won't"
It's a huge red flag if corps think they have enough data about their users that they think they can provide this data.
edit: I'm not talking about social media where people might explicitly say this.
We have already seen law enforcement ask for identification of users and other data of all phones in the vicinity of a crime. It's not a leap to imagine them asking for this same data using a geofence around providers and using that to obtain search history, communications, or other records
Then I can't comment on this. I don't live in the US nor know what it is like.
I was responding to this from an 'EU' perspective. For the tech companies who do bussiness globally, my objection still stands. In the country I'm living in, the data collected to determine whether someone is pregnant or had an abortion, is data collected beyond what they should be collecting to provide their service.
I have no idea why a company who provides: email, vpn, search, etc... should be able to figure out users health data.
They probably shouldn't have access to any personal information in an ideal world. But they gather as much info as possible to sell advertising and pay for the service. At least here in the US there have been well know cases where someone starts receiving pregnancy related ads before they even know they're pregnant, just based on other data/activities that are correlated to becoming pregnant.
Yes. What I want to hear from any company that stores health data is “Health data, including period tracking, is 100% end to end encrypted. We don’t have the keys to this data and are unable to provide it to any law enforcement.”
Short of that, I don’t trust them.
Having said that, I’m not sure at all how Snapchat, etc enter into this. They are platforms where people post about themselves to the world. If I had a post saying “I am on the way to get an abortion” I am not sure how or why the company would get between me and the law.
If information is published publicly by users LEO should be invited to scrub it from public facing services themselves. Why should companies provide any help surveil its users?
If FB can tell when/if you’re pregnant it can also probably tell how likely you are to get an abortion. What’s to stop LEO from stopping at demanding raw data and start asking for algorithmic data as well.
Companies should at least commit to challenging this type of data collection in the court system. Also, the minute we agree with tech companies cooperating with bad laws in the US we lose all moral basis for insisting they don't cooperate with bad laws in authoritarian regimes around the world. Do we really want to live in a world where we accept the idea that companies don't have moral obligations beyond "comply with local laws no matter how immoral"?
It also means very little that Google and other companies are committing to provide out of state abortions if they are only willing to do so in a way that the insurance provider tracks and reimburses those expenses before handing them over to the state so you can be prosecuted for undergoing a medical procedure. This doesn't actually accomplish getting people safe access to abortion, it's theatre.
Corporations that pay employees below subsistence levels are indirectly bailed out by food stamps programs. I wouldn't depend on them for moral anything.
>Corporations that pay employees below subsistence levels are indirectly bailed out by food stamps programs
I never understood this argument. How are the corporations being "bailed out" in this case? The employees need sustenance regardless of whether they're employed or not. If anyone is getting "bailed out" it's the food stamp programs, because the programs are means tested and receiving income from employment reduces the amount of funds that need to be handed out.
Yes, I want to live in a world where corporations' moral obligation is to comply with local laws of the countries they operate in no matter whether they agree with them or not. It should not be left up to corporations to pick and choose which laws they will comply with. If a corporation disagrees with the law in a particular country they either need to live with it, work to get the law changed through the legitimate means available in that country or stop operating in the country.
Tech companies are US corporations which are legal entities created under US laws and run by US citizens who are human beings who can be handcuffed and put in prison.
Oh, I wish the human beings in big corporations would be handcuffed for breaking US law when they do things like tax evasion, wage theft, have unfair labor practices, etc. I in no way expect these big corporations to do anything for me out of the goodness of their own heart, as the article suggests, but let's not pretend like the law doesn't apply differently to them.
>I in no way expect these big corporations to do anything for me out of the goodness of their own heart, as the article suggests, but let's not pretend like the law doesn't apply differently to them.
The parent post doesn't imply equal treatment under the law, only that the state can coerce the employees/executives of tech companies into complying.
The parent post also implies that companies are lawful and abiding when infact they continuously attempt to circumvent the law just when its in their own self interest
Welcome to the sting all the "crazies" in the anti-data hoovering camp were on about. Geofence warrants around known abortion clinics, financial purchase/search query surveillance, you name it. If a State Attorney General decides it's worth pursuing, I guarantee the datasets that have been hoovered are more than enough to spill the beans on anyone.
This is why data, in particular geospatial location history data, is toxic as all hell just by existing.
The tech bros at these FAANG companies will give into law enforcement with your privacy destroyed and violated, something the Free Software Foundation (FSF) had been fighting to prevent and to totally remove such surveillance capitalist products made by these companies. That fight has been lost and is a complete failure.
Now these data barons will comply, happily give your data away and they do not care and won't change.
92 comments
[ 4.8 ms ] story [ 180 ms ] threadThe US has a very disfunctional political system. But that doesn't mean it's viable to just try and shame big companies into overriding the law...
The current one, on the other hand, might work great for the FBI. In 1868, Vigenère was considered unbreakable. If it was good enough then...
Sounds kinda tyrannical
Corporate morality rarely extends beyond its value as PR. Once the financial cost of doing the right thing exceeds the PR value, it's probable that the financial considerations will prevail.
[1] https://en.wikipedia.org/wiki/IBM_and_World_War_II#Critics_o...
[2] https://www.reuters.com/article/us-china-apple-icloud-insigh...
Make that the morality of most individuals. Few people in the world are bleeding hearts. Most will pay lip service to a cause and then go back to work on Monday to pay taxes to the very government they condemned as oppressive. If every Tom, Dick, and Harry are each fickle enough to preserve themselves when their livelihoods and investments become threatened, why expect a group of them under the banner of ABC, inc. to be any more self-sacrificial?
Money interprets ethics as damage and routes around it.
There could be multiple ways to interpret complying with requests for information, especially since there's nothing specific to abortion information in cutrent law and no case law to look at. Why would a company provide a statement around a poorly defined hypothetical?
[Edit] most relevant reply here from Krapp: If you're using a period tracker, you may want to consider deleting it
But this certainly brings USA one step closer to Iran and Saudi Arabia in terms of religious extremism and your individual rights as a woman.
What were you worried about looking up/messaging when those revelations came out?
I think this is a reasonable concern. But I think this is where it differs from the concern people have with sharing abortion data.
In the NSA case, the concern is in a possible future, the information they've gathered could be used against you in some way.
In the current abortion data case, the concern is:
1. That there are states with laws on the books that would punish you if this information came to light.
2. There are companies with this information in hand that have no legal obligation to keep it private.
3. These companies refuse to make any sort of agreement or promise to keep this data away from those that would use it against you, or destroy the data.
4. These companies are within the legal jurisdiction of the aforementioned states.
The threat here is much more concrete.
Edit: To be clear, I'm not saying that the mass collection of data by the NSA is harmless. Rather, I understand why people are more concerned about the abortion data collection, because the threat is more concrete. The full consequence that NSA data collection poses haven't actualized, but depending on how things go, could be much, much worse than this.
Oh, wait, I said "further than 2 feet ahead", but this is already happening. Well it can always get worse, who knows how close towards China the US will move in the next few decades. Or maybe your political stance will continue to be so totally in-line with the establishment, that even living in a state-corporate panopticon, you will have nothing to worry about. The ideal citizen of the future.
You saw the cage closing in around you, but thought "Why should I worry? I'm on good terms with the warden."
[1] https://www.nbcnews.com/tech/security/china-spent-years-coll...
[2] https://en.wikipedia.org/wiki/Operation_Chokepoint
[3] https://www.nbcnews.com/news/us-news/ahead-far-right-wing-ra...
[4] https://www.foxnews.com/travel/airbnb-bans-white-supremacist...
[5] https://www.nytimes.com/2021/01/18/us/politics/military-capi...
I'm also not sure what you mean by "extra-legally" in this context. "Extralegal" means not regulated or sanctioned by law. AirBnB banning people from its platform is certainly regulated - for example, you can't ban based on protected classes (of which being a white nationalist is not). Governmental hiring, military admissions, etc. are all clearly very regulated environments.
What does operation Chokepoint or Chinese hacking have to do with white nationalism? And don't worry, they'll define every opinion they want to suppress as "antithetical to a free American society" - anti-immigration becomes white supremacy, anti-war becomes Muslim extremism/support of dictators, anti-factory-farming becomes eco-terrorism [1],...
> conflating actions taken by the government and operations taken by private companies
I'm not conflating anything. I'm listing the risks of surveillance - they are present in both the corporate and governmental spheres, not limited to only one or the other.
[1] Supporters of ag-gag laws have argued that they serve to protect the agriculture industry from the negative repercussions of exposés by whistle blowers. - https://en.wikipedia.org/wiki/Ag-gag
I know what you're doing in the bathroom, but you still close the door.
It's the first time in, well, a long long time, that an average person might have something to hide, simply for the crime of being female.
I'm struggling to think of a law that had the same effect on as many people as before.
Because things that are not procured abortions were not protected by Roe even when it was in place, places with fetal homicide laws while Roe was in place have, in fact, investigated and, though far less often, sometimes charged miscarriages/stillbirths as homicides, usually of types involving recklessness or criminal negligence, not intent-to-kill.
End to end encryption doesn't matter if the ends are p3wned.
Oh wait - https://en.wikipedia.org/wiki/PRISM
What we should be asking them is whether they’re now doing everything they can to scrub their datasets of information that could be requested by police and could be used in abortion cases.
That sound illegal in and of itself.
By this logic no user data can ever be deleted, just in case it becomes relevant to enforcing a future law.
That's cold comfort when the AG of those minority states decide to prosecute the company or their executives.
>By this logic no user data can ever be deleted, just in case it becomes relevant to enforcing a future law.
But it's illegal in 13 states right now.
https://en.wikipedia.org/wiki/Trigger_law
You have to define what is actually illegal and how the data would be used. Most of the laws are about performing an abortion in the state. I'm not up to date on everything, but generally state jurisdiction ends at the state line. For example, someone in CA can look up high capacity magazines and buy them in another state without ever bringing them back into CA. They can't prosecute you for touching a 30rd mag in a different state.
Fair enough, but this data should be getting deleted for users in the other 37 states right now.
Executives can move to a non-extradition state, Boston and MA have already stated they won't cooperate with extradition requests in relation to abortion prosecutions.
You might also want to consider the long term cost of being parties to a human rights violation under color of law, vs the short-term cost of not doing that.
This point is actually a big part of the original decisions regarding abortion, so the current SCOTUS might very well say yes they do
If the company operates out of California, well, state's rights and that activity isn't illegal in California and there is nothing anyone can do about it.
If the company operates out of one of the states that is making abortion illegal then yea maybe, except that states such as California or New York may make it a requirement that companies collecting such data must delete it upon request from their citizens in order to operate in that state. At which point nobody is keeping their HQ in an anti-abortion state so it probably doesn't matter because there is nobody who can enforce the law. It will just come down to jurisdiction.
But good luck to anti-abortion states in enforcing these laws and trying people for murder or something. State governments are already woefully incompetent at enforcing other laws. I personally will be donating to entities that help fund people who need help covering travel expenses for an abortion.
If they pay for your data (like other entities can and do), yes they can.
The question is whether they have enough data to provide to law enforcement if one their users underwent an abortion. If they aren't collecting enough data to determine this then they could just state: "we can't and therefor we won't"
It's a huge red flag if corps think they have enough data about their users that they think they can provide this data.
edit: I'm not talking about social media where people might explicitly say this.
We have already seen law enforcement ask for identification of users and other data of all phones in the vicinity of a crime. It's not a leap to imagine them asking for this same data using a geofence around providers and using that to obtain search history, communications, or other records
The laws differ between what law enforcement can and can't do.
https://johnfbakerlaw.com/the-good-the-bad-and-the-ugly-of-g...
I was responding to this from an 'EU' perspective. For the tech companies who do bussiness globally, my objection still stands. In the country I'm living in, the data collected to determine whether someone is pregnant or had an abortion, is data collected beyond what they should be collecting to provide their service.
I have no idea why a company who provides: email, vpn, search, etc... should be able to figure out users health data.
Short of that, I don’t trust them.
Having said that, I’m not sure at all how Snapchat, etc enter into this. They are platforms where people post about themselves to the world. If I had a post saying “I am on the way to get an abortion” I am not sure how or why the company would get between me and the law.
It also means very little that Google and other companies are committing to provide out of state abortions if they are only willing to do so in a way that the insurance provider tracks and reimburses those expenses before handing them over to the state so you can be prosecuted for undergoing a medical procedure. This doesn't actually accomplish getting people safe access to abortion, it's theatre.
I never understood this argument. How are the corporations being "bailed out" in this case? The employees need sustenance regardless of whether they're employed or not. If anyone is getting "bailed out" it's the food stamp programs, because the programs are means tested and receiving income from employment reduces the amount of funds that need to be handed out.
Oh, I wish the human beings in big corporations would be handcuffed for breaking US law when they do things like tax evasion, wage theft, have unfair labor practices, etc. I in no way expect these big corporations to do anything for me out of the goodness of their own heart, as the article suggests, but let's not pretend like the law doesn't apply differently to them.
The parent post doesn't imply equal treatment under the law, only that the state can coerce the employees/executives of tech companies into complying.
Welcome to the sting all the "crazies" in the anti-data hoovering camp were on about. Geofence warrants around known abortion clinics, financial purchase/search query surveillance, you name it. If a State Attorney General decides it's worth pursuing, I guarantee the datasets that have been hoovered are more than enough to spill the beans on anyone.
This is why data, in particular geospatial location history data, is toxic as all hell just by existing.
It means they will comply and give the data away.
The tech bros at these FAANG companies will give into law enforcement with your privacy destroyed and violated, something the Free Software Foundation (FSF) had been fighting to prevent and to totally remove such surveillance capitalist products made by these companies. That fight has been lost and is a complete failure.
Now these data barons will comply, happily give your data away and they do not care and won't change.
Curious how well those companies, purely staffed with right-wing open carry fundamentalist Christians, will do.