fb-pixel Skip to main content

Abortion ruling could scramble data privacy talks

Abortion rights demonstrators chanted outside the US Supreme Court in Washington, D.C., on Saturday, June 25, 2022.Eric Lee/Bloomberg

The Supreme Court’s decision to overturn federal abortion rights is amplifying Democratic calls to protect reproductive health data and other sensitive information — a push that could muddle negotiations with Republicans as lawmakers look to strike a deal on a bipartisan privacy law.

Democratic officials have warned for weeks that the fall of Roe v. Wade could create fresh privacy risks for those who may become pregnant, whose information they say could be harvested and weaponized to punish people seeking abortions. Separately, a bipartisan group of lawmakers has made groundbreaking progress on efforts to pass federal privacy standards.

But key Democrats are voicing concern that a surging new privacy bill fails to sufficiently protect data related to abortions, which may emerge as a sticking point with Roe now struck down.


In a memo circulated by Democratic staffers on the Senate Commerce Committee and obtained by The Technology 202, aides voiced concern that a bill backed by three congressional leaders “does not adequately protect against” the privacy threats posed by a post-Roe world. Tricia Enright, a spokesperson for Chairwoman Washington Democrat Maria Cantwell, confirmed its authenticity.

According to the memo, the American Data Privacy and Protection Act "makes it harder for women to seek redress when their sensitive health data has been used against them" and would force women to "jump through arbitrary, drawn-out hoops" to sue over privacy violations.

Democratic aides called out provisions overriding state laws and delaying when consumers can bring lawsuits against companies by four years. "During that time, all strong state privacy laws are preempted, leaving fewer enforcement mechanisms for women," they wrote.

Spokespeople for House Energy and Commerce Committee Chairman Frank Pallone Jr., a New Jersey Democrat, and the panel’s ranking Republican, Cathy McMorris Rodgers of Washington state, two lead sponsors, declined to comment.

Senator Roger Wicker of Mississippi, who is the top Senate Commerce Committee Republican and is leading the bill in the upper chamber, said in a statement, “As we work to finalize this legislation, we are continuing to receive feedback about how to provide strong protections for consumers’ sensitive personal information, including health care information not covered by [existing law].”


Alan Butler, executive director of the Electronic Privacy Information Center, EPIC, pushed back on the criticisms, arguing that the bill has more robust enforcement measures than Europe's landmark privacy rules, the General Data Protection Regulation.

"I think it is a really significantly stronger enforcement structure than this memo gives it credit for and the hyper-focus on the private right of action is missing the forest for the trees," he said.

Cantwell has been sharply critical of the bipartisan privacy bill's enforcement mechanism, which would allow for federal regulators, state regulators and consumers to bring privacy lawsuits against companies, but for the latter only after a years-long delay. The "private right of action" for consumers has been a point of contention in privacy talks for years.

Two other Democratic lawmakers voiced concern that the bill, which advanced unanimously at a House markup Thursday, would still leave women exposed to risk.

Democratic Representative Sara Jacobs, a Californian who recently unveiled a bill seeking to protect women’s reproductive health data, said that while she was glad that Congress is finally moving on data privacy, “it’s clear that there is a lot more to do than is currently included in this bill.”


Senator Ron Wyden, an Oregon Democrat and a top privacy hawk, said the bill “unfortunately would not do enough to protect fundamental rights of a woman over her own body and her privacy.” In a statement, Wyden took issue with a “loophole” in the proposal exempting data that’s been stripped of personal information, or “de-identified,” which he argued could still be exploited.

"Data that tracks phones from a doctor's office to where individuals sleep at night would make it trivially easy to re-identify supposedly anonymous data and put women's privacy at risk," he said.

While the bill would not apply to "de-identified data," it would cover any information that is "linked or reasonably linkable . . . to an individual or a device." Butler argued that mitigates Wyden's concern, because data that can be easily linked back to a user would probably be protected.

"The restrictions on data that they're describing in the statute are extremely strict," he said.

While lawmakers have made significant progress toward passing a data privacy law, issues around abortion rights are highly polarized on Capitol Hill.

If the Roe ruling emboldens Democrats to push for more-sweeping proposals and makes protecting reproductive data a rallying cry, it could complicate talks with Republicans.

Cantwell, who is a co-sponsor of Jacobs's My Body, My Data Act, told The Technology 202 in a statement that it's "impossible to separate the impact of the Supreme Court's decision to overturn Roe from the need to pass strong privacy legislation."


She added: “That’s why we also need an additional comprehensive privacy bill that gives victims who suffer serious harms and violations their day in court. A privacy right is only as strong as its enforcement.”