By Steven Orpwood

Head of Privacy Office

 

On 24^th June 2022 the US Supreme Court overturned the 1973 ruling that abortion is a constitutional right, and that it should instead be a decision made at State level.  As a result, it is estimated that up to 26 States will alter their abortion policies and make it illegal.  The upshot being that for a woman living in a State where abortion becomes illegal, an abortion, even if carried out outside the State, will result in prosecution.

 

Whatever the rights and wrongs of such a ruling, it is clear that in the 21^st Century where data tracking of our movements is readily available and routinely carried out, there is a risk that such data, even if it is considered personal and is subject to strict regulation, could be acquired by the authorities and used as evidence against us.  This is not new - figures from Google show that ten States that have banned abortion as of 5^th July have between them made 5,764 “geofence” (virtual geographic boundaries) warrants between 2018 and 2020, relating to various offences.  These warrants demand GPS data showing which mobile devices were present in a specified area during a particular time period, and can help investigate individuals who were present at crime scenes or other locations of interest.

 

Currently, there is no legislation that might distinguish between different types of crime, and no cases have come to light of warrants being used to prosecute abortions, but it is clear that data protection, and the right of the individual to have control over the use of their own personal data is not always clear cut and can be limited.  The US is currently experiencing a huge rise in the number of States introducing privacy legislation, and the federal government is considering a draft federal law with support from both houses and parties, so it will be interesting to see how this situation develops and how both sides of the argument are represented.

 

What is clear though, is that we should always be wary of what personal data we allow into the public domain, and that making conscious decisions about how we use our data, and what we allow to be created, is incredibly important.  And this extends to companies who process personal data.  In order to limit potential issues arising from the data we hold as organisations it is imperative that we know what we have, where we have it, and if it is being actively used in our processing, or if it is just redundant.  As such, tools like dataBelt, which can index all data across all repositories, classify it, and report on its status, are vital in a new age where we all need to be responsible for information that belongs to us, or is provided to us in exchange for a service.

 

 

More:

• For information about our data protection services, please click here.
• Data leakage case study