HomeTECHNOLOGYGoogle is failing its post-Roe promise to protect abortion privacy
Google is failing its post-Roe promise to protect abortion privacy
May 9, 2023
When the Supreme Court overturned Roe v. Wade, privacy advocates, including me, raised an alarm that data from smartphones could be used to help prosecute abortions. Google offered a partial solution: It would proactively delete its trove of location data when people visited “particularly personal” places, including abortion clinics, hospitals and shelters.
Nearly a year later, my investigation reveals Google isn’t doing that in any consistent way. And its response to me shows it isn’t taking accountability.
Misleading the public about data privacy practices is possibly illegal under the authority of the Federal Trade Commission. Google’s surveillance of our intimate affairs is not only creepy, it’s also a reminder we’ve left critical elements of our civil rights up to the whims of a giant corporation. (Below, I’ve got some steps you can take to limit Google’s surveillance of you.)
To test Google’s privacy promise, I’ve been running an experiment. Over the last few weeks, I visited a dozen abortion clinics, medical centers and fertility specialists around California, using Google Maps for directions. A colleague visited two more in Florida.
In about half of the visits, I watched Google retain a map of my activity that looked like it could have been made by a private investigator.
For example, last Monday I visited a Planned Parenthood clinic and two nearby hospitals in San Francisco. A week later, my travels to all three locations remained visible in one of my test phones’ location history. Looking back on the map, it clearly reads, “Planned Parenthood — San Francisco Health Center.”
This didn’t happen every time. After I sat for 15 minutes in the parking lots of two clinics south of San Francisco, Google deleted each from my location history within 24 hours. It did the same for my colleague’s two visits to clinics in Florida.
I tested several variables, including how long I stayed at the location, taking photos there, and even tapping a button in Google Maps that says “I’m here.” I couldn’t discern any pattern to what data Google kept and deleted.
Often, Google kept my location on its timeline but only labeled it as the name of a neighborhood rather than a specific clinic. One time, it labeled my visit to a Planned Parenthood clinic as the coffee shop next door, and kept the record.
I shared my experience, including half a dozen screenshots, with Google. Spokeswoman Genevieve Park didn’t address the many inconsistencies and reiterated the company’s previous promise.
“If our systems identify that they have visited certain places that can be particularly personal — including medical facilities like counseling centers, domestic violence shelters, abortion clinics, fertility centers, addiction treatment facilities, weight loss clinics, cosmetic surgery clinics, and others — we will delete that entry from Location History soon after they visit,” Park emailed. She did not specify how Google identifies such locations or how long it takes to delete them.
Google’s response to me also placed the onus on individual users. Park said users have the ability to delete their location data and stop the company from collecting it — if, of course, they know where to look in Google’s mountain of settings.
I’m not the only one who’s spotted Google’s failure. Aditi Ramesh, a policy manager with the advocacy group Accountable Tech, has been doing her own version of this test over the last several months and found similar results. In about 60 percent of her tests, Google failed to delete location data.
“No one should be tracked or targeted for their personal health decisions. But that’s exactly what Big Tech’s business model of surveillance advertising right now is designed to do,” Ramesh told me.
For my tests, I adjusted the privacy settings on iPhones and Android phones to allow Google to log my location history, which it stores on its servers and displays on what it calls your Google Timeline.
Google has that setting off by default, but many Google services — from search to maps — try to get you to hand over location data with the promise of a better experience. If you haven’t adjusted your settings recently, yours might still be on.
Our data problems with Google go even deeper than location: Depending on your privacy settings, Google can also keep a record of your searches and interactions with its apps.
Google never promised it would proactively delete searches related to abortions. But with this setting on, I found Google kept a record of every single search I made for an abortion clinic and also exactly when and how I sought directions to it.
The price of surveillance
Privacy advocates say a digital footprint including location could become evidence used to investigate or prosecute people getting an abortion, providing an abortion or helping someone get an abortion.
Today, most criminal cases for abortion start with a human telling authorities, not data. However data can be accessed or subpoenaed later as evidence, which is why a commitment from Google should still be taken seriously.
“We always find out about how data is being used after — and sometimes well after — it happens. One of the goals of privacy protections is to stop the misuse of information before anything occurs,” says Jake Snow, a senior staff attorney at the American Civil Liberties Union of ACLU of Northern California.
Across the board, Google is increasingly receiving what’s known as “geofence warrants,” where it’s asked to hand over the identities of people known to be in a certain area.
This kind of digital surveillance is also a concern for more than just people seeking abortions. “We’ve seen parents prosecuted for kidnapping or mistreatment of a child for trying to get them gender-affirming care,” Snow said. “It’s not hard to imagine that the repositories of digital information companies Google has could be a target in those kinds of prosecutions as well.”
Rep. Sara Jacobs (D-Calif.) is among a handful of lawmakers who have proposed tightening protection for health information, even when it’s held by companies like Google.
“Google should uphold its promise to delete this location information and keep people’s information private and safe. But it shouldn’t be up to companies to do the right thing or to individuals to know how best to protect themselves,” says Jacobs.
“It’s unacceptable that we’re living in a country where people are increasingly worried that their health care decisions are being policed,” says a Planned Parenthood spokesperson. “We encourage technology companies to also prioritize protecting their users and join Planned Parenthood’s efforts to help ensure no one faces fear or intimidation for seeking or accessing essential health care.”
So what should you do? If you’re in need of care and fear you could run afoul of the law, advocates say your top priority should be understanding who you can trust. If you have a legal question, the organization If/When/How offers a legal helpline.
My colleagues at The Washington Post’s Help Desk prepared a guide on how to avoid leaving a digital trail when seeking an abortion, from incognito browsing to location tracking.
For anyone who wants to make sure Google isn’t following your location: You can see what location information Google already has about you by going to timeline.google.com. To stop it from collecting this information, go to your Google Activity controls page (you’ll need to log in), look for Location History and turn it off.
Or another option: Use fewer Google products. Apple Maps, for one, was designed to minimize data collection, and doesn’t associate where you go with your Apple ID. Where possible, Apple says, it processes location information only on your end device — not on Apple’s servers.