This article is a collaboration with Reveal from The Center for Investigative Reporting. Facebook is collecting ultrasensitive personal data about abortion seekers and enabling anti-abortion organizations to use that data as a tool to target and influence people online, in violation of its own policies and promises. In the wake of a signaling the likely end of nationwide abortion protections_,_ privacy experts are sounding alarms about all the ways people’s data trails could be used against them if some states criminalize abortion. leaked Supreme Court opinion A joint investigation by Reveal from The Center for Investigative Reporting and The Markup found that the world’s largest social media platform is already collecting data about people who visit the websites of hundreds of crisis pregnancy centers, which are quasi-health clinics, mostly run by religiously aligned organizations whose mission is to persuade people to choose an option other than abortion. Meta, Facebook’s parent company, prohibits websites and apps that use Facebook’s advertising technology from sending Facebook “ ” data. sexual and reproductive health After investigations by in 2019 and in 2021, the social media giant to help detect sensitive health data and blocked data that contained any of 70,000 health-related terms. The Wall Street Journal New York state regulators created a machine-learning system But Reveal and The Markup have found Facebook’s code on the websites of hundreds of anti-abortion clinics. Using , a Markup tool that detects cookies, keyloggers, and other types of user-tracking technology on websites, Reveal analyzed the sites of —with data provided by the University of Georgia—and found that at least 294 shared visitor information with Facebook. Blacklight nearly 2,500 crisis pregnancy centers In many cases, the information was extremely sensitive—for example, whether a person was considering abortion or looking to get a pregnancy test or emergency contraceptives. In a statement to Reveal and The Markup, Facebook spokesperson Dale Hogan said, “It is against our policies for websites and apps to send sensitive information about people through our Business Tools,” which includes its . advertising technology “Our system is designed to filter out potentially sensitive data it detects, and we work to educate advertisers on how to properly set up our Business Tools.” Facebook declined to answer detailed questions about its filtering systems and policies on data from crisis pregnancy centers. It’s unknown whether the filters caught any of the data, but our investigation showed a significant amount made its way to Facebook. Credit:https://www.facebook.com/privacy/center More than a third of the websites sent data to Facebook when someone made an appointment for an “abortion consultation” or “pre-termination screening.” And at least 39 sites sent Facebook details such as the person’s name, email address, or phone number. Facebook takes in data from crisis pregnancy centers through a tracking tool called the that works whether or not a person is logged in to their Facebook account. Meta Pixel The pixel is largely an advertising tool that allows businesses to do things like buy Facebook ads targeted to people who have visited their website or to people who share similar interests or demographics with their site’s other visitors. This is a mostly automated process in which the business does not have access to information about the specific users being targeted. It’s how this data is later used. not clear Crisis pregnancy centers and other businesses can choose whether to install pixel on their websites, though many website builders and third-party services automatically embed trackers. In 2020, The Markup of the 80,000 most popular sites use the ad tracker, and Facebook has said are on websites across the internet. found that 30 percent millions of pixels Facebook says pixel data can be . stored for years That personal data can be used in a number of ways. The centers can deliver targeted advertising, on Facebook or elsewhere, aimed at deterring an individual from getting an abortion. It can be used to build anti-abortion ad campaigns—and spread misinformation about reproductive health—targeted at people with similar demographics and interests. And, in the worst-case scenario now contemplated by privacy experts, that digital trail might even be used as evidence against abortion seekers in states where the procedure is outlawed. “I think this is going to be a wake-up call for millions of Americans about how much danger this tracking puts them in when laws change and people can weaponize these systems in ways that once seemed impossible,” said Albert Fox Cahn, founder and executive director of the New York–based Surveillance Technology Oversight Project. Facebook and crisis pregnancy centers “are operating with virtually no rules,” he said. Facebook has that are supposed to block sensitive personal data. But the platform’s filters have often proved to be porous against the vast amount of information they take in every day. policies and filters Essentially, that means the company is putting the onus on its advertising clients to monitor themselves. And Facebook does not have an incentive to crack down on violations of its advertising policies, said Serge Egelman, research director of the Usable Security & Privacy Group at UC Berkeley’s International Computer Science Institute. “That costs them money to do. As long as they’re not legally obligated to do so, why would they expend any resources to fix this?” Using Data to Make Abortion “Unthinkable” Crisis pregnancy centers market themselves as being in the “pregnancy resource” business, offering a range of free or low-cost services from pregnancy tests to baby clothing and “options consultations.” But their mission, articulated by Heartbeat International, the largest crisis pregnancy center network in the world, is : “to make abortion unwanted today and unthinkable for future generations.” far more sweeping Although many centers resemble medical clinics, the majority are not licensed medical facilities. Thus, most are not required to follow most privacy protections against the sharing of personal health information, including the federal Health Insurance Portability and Accountability Act, or HIPAA. In recent years, crisis pregnancy centers have become increasingly savvy about targeting people using sophisticated digital tools and infrastructure. Heartbeat International, for example, has developed suites of products to help individual centers improve their online presence, digital advertising, and data management. These online tools enable the centers to amass , including medical histories, details about prior pregnancies, and even ultrasound photos, and store and share that information with networks of anti-abortion partners. highly personal information As Heartbeat International says on its webpage marketing its : “Big data is revolutionizing all sorts of industries. Why shouldn’t it do the same for a critical ministry like ours?” data management system When asked about Heartbeat International’s data-sharing practices, spokesperson Andrea Trudden said, “Heartbeat International encourages all pregnancy help organizations to utilize a variety of marketing to reach those seeking pregnancy help.” But, she said, “we do not require affiliates to provide such details to us.” Crisis pregnancy centers also have been documented as spreading false or misleading information about abortion, contraceptives, and other reproductive health topics, including on Facebook. In 2021, the Center for Countering Digital Hate found that Facebook showed ads promoting an unproven medical procedure known as abortion pill reversal . as many as 18.4 million times Many of those advertisements were linked to Heartbeat International’s Abortion Pill Rescue Network project, which did not respond to a request for comment. How We Tracked the Data To test how Facebook and crisis pregnancy centers have been using the data the pixel collects, Reveal reporter Grace Oldham created a new Facebook profile in late April solely for this investigation. Then, while logged in to Facebook, she visited the 294 crisis pregnancy center websites that Blacklight found to have a pixel, clicking through each website and, when available, filling out appointment request forms. Oldham conducted the research in a clean browser with a cleared cache. In early May, she and Reveal data reporter Dhruv Mehrotra used Meta’s to and review the data of the clean Facebook account. Privacy Center download They found that Facebook retained data about Oldham’s interactions with 88 percent of those crisis pregnancy center websites, linking her behavior to her Facebook profile. For instance, Facebook knew Oldham had scheduled an appointment with the Pregnancy Resource Center of Owasso, Okla. That state’s Republican governor, Kevin Stitt, signed in late May that bans virtually all abortions from the point of fertilization and took effect immediately. a law The Owasso center did not respond to a request for comment, but after we reached out, Facebook’s tracking pixel was removed from every page on the center’s website. Our analysis found that in if Roe v. Wade is overturned, at least 120 crisis pregnancy centers sent data to Facebook about their website visitors. states that will ban most or all abortions In Tennessee, for example, where the is poised to outlaw abortion statewide, Facebook retained data from Oldham’s interactions with 11 centers. Next Steps Resources in Dunlap sent data to Facebook about every single page Oldham visited on its site. Human Life Protection Act Facebook stored that data and knew that Oldham had submitted an appointment request with the center. Next Steps’ executive director, Debbie Chandler, told Reveal and The Markup that the people she hired to manage her website and marketing disagreed that “any private information was being sent to Facebook.” Credit:Nextstepinfo.org We also found that anti-abortion marketing companies gained access to some of Oldham’s pixel data, even though she never interacted with their websites. These included Choose Life Marketing, whose website claims to help crisis pregnancy centers develop digital strategies to “reach more abortion-minded women,” and Stories Marketing, a social media marketing company for “pregnancy centers and life-affirming organizations.” Those organizations also added Oldham’s Facebook profile to audience groups capable of targeting her and people like her with ads for their services as well as anti-abortion messaging. Choose Life Marketing and Stories Marketing did not respond to requests for comment. custom In their online materials, the marketing companies explain why Facebook plays such an important role in their digital strategies. “Facebook ads have the highest return on investment (ROI) of any type of online marketing—even twice the ROI of Google Ads,” Stories Marketing , adding, “Facebook ads can also be placed on Instagram and other apps for free, extending your reach at no extra cost.” says According to : “Retargeting is an effective method of keeping your center at the forefront of their minds.… This digital marketing method can also help build credibility and trust as women go through the decision-making process because your center’s name becomes familiar to them.” Choose Life We first ran our analysis in February and repeated it using the same methodology in early May. The results of both analyses were similar. As of Tuesday, Facebook still had data about Oldham’s interactions on crisis pregnancy center websites. Abortion Data Collection “Ripe for Abuse” Cahn, of the Surveillance Technology Oversight Project, expressed concerns about how law enforcement agencies could use Facebook data to find people seeking abortions should the procedure become illegal in some states. “It’s ripe for abuse,” he said of Facebook’s data collection. “It seems indefensible to me that we are allowing companies to have so much power to expose our most intimate moments to these platforms and have them use it against us.” In recent years, law enforcement agencies have barraged tech companies like Google and Uber with for user data. demands Often, these legal requests don’t target individual suspects but instead compel the company to divulge data about people in a particular place or searches using specific keywords. According to the most recent data available from , the company received nearly 60,000 government requests for data from July to December 2021 and complied 88 percent of the time. Facebook’s Transparency Center Although crisis pregnancy centers could provide law enforcement with data about anyone who had voluntarily provided personal information, they probably don’t have the technology to disclose specific information about individuals who had merely visited their websites. But Facebook is different. Because the social media company can link activity on a crisis pregnancy center site to an individual’s profile, Facebook is in a much better position to divulge granular data about the center’s website visitors than the center itself. Data from search engine histories played a key role in a 2018 criminal case, in which for second-degree murder after suffering a pregnancy loss at home. a Mississippi woman was indicted The evidence included internet searches the woman had allegedly conducted for how to “buy Misoprostol abortion pill online.” The charges eventually were dropped. “There’s nothing to stop police from using Facebook ad-targeting data the same way they’ve been using Google’s data, as a mass digital dragnet,” Cahn said. Laura Lazaro Cabrera, a legal officer at London-based , said that even metadata, like the titles of webpages or URLs, can be revealing. Privacy International “Think about what you can learn from a URL that says something about scheduling an abortion,” she said. “Facebook is in the business of developing algorithms. They know what sorts of information can act as a proxy for personal data.” Getting Facebook to Fix the Problem Privacy experts have been warning for years that Facebook’s laissez-faire attitude toward how clients use its advertising technology is vulnerable to exploitation. After The Wall Street Journal and New York state regulators exposed how the social media behemoth collected sensitive user data from popular health apps that chart everything from heart rates to menstrual cycles, Facebook claimed to have implemented sophisticated filtering mechanisms to detect and prevent it from taking in sensitive health data. According to , the filters were supposed to block “70,000 terms related to topics such as sexual health and medical conditions.” the Journal But our investigation found that Facebook has continued to ingest data from webpages with obvious sexual health information— including ones with URLs that include phrases such as “post-abortion,” “i-think-im-pregnant,” and “abortion-pill.” Despite Facebook’s official policy prohibiting websites from sending it , it’s unclear what, if anything, the platform does to educate its advertising clients about the policy and proactively enforce it. sensitive health information One way for Facebook to prevent anti-abortion organizations from misusing its ad technology would be to strengthen the filters it already has in place or to discontinue the pixel tool entirely. But the reality, said Egelman of UC Berkeley, is that the company’s in advertising revenue creates a huge financial disincentive to block user information. $115 billion a year “This is their business. The more data they get, the more targeted advertising they can do, and that’s the gravy train for them: targeted ads,” he said. “If they’re proactive about cutting off sites like that, it impacts their revenue in multiple ways.” In the absence of Facebook action, Egelman says he thinks that the best fix is public pressure and tough legislation. That’s what happened last year, when critical backlash prompted Meta-owned Instagram to its plans for a kids’ version of its social media software. shelve While no comprehensive federal data privacy legislation currently exists in the United States, a called the American Data Privacy and Protection Act was released in early June that, if passed, could increase the Federal Trade Commission’s power to regulate and enforce how companies can use sensitive health data. draft of a bill Until then, however, it remains up to state legislatures to enact consumer privacy protections. Brandie Nonnecke, founding director of the CITRIS Policy Lab at UC Berkeley, said the European Union is creating stronger protections that would apply through the . Digital Services Act The new guidelines, which are awaiting formal approval by the European Parliament and E.U. Council, will require large online platforms, like Facebook, and search engines to proactively identify ways their systems could be abused and create strategies to prevent that misuse. “We’re not in a place where there is robust enough transparency and accountability on these data ecosystems and how they’re being used,” she said, “and especially the vulnerabilities to individuals.” By and Grace Oldham Dhruv Mehrotra Byard Duncan and Surya Mattu contributed to this story. It was edited by Nina Martin, Soo Oh, Rina Palta, and Andrew Donohue and copy edited by Nikki Frick. Grace Oldham can be reached at , and Dhruv Mehrotra can be reached at goldham@revealnews.org . Follow them on Twitter: dmehrotra@revealnews.org @grace_c_oldham and . @dmehro Also published here Photo by on Glen Carrie Unsplash

Facebook

Google

Instagram

Nationwide

Techcrunch

Twitter

Uber

Wall Street Journal

Hospital Websites are Giving Facebook Sensitive Information

How Amazon Treats Warehouse Workers Who Contracted COVID

Every dollar you donate helps support The Markup’s work.

Read My Stories

Too Long; Didn't Read

Facebook and Anti-Abortion Clinics Have Your Info 

Facebook and Anti-Abortion Clinics Have Your Info

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

A Conversation with Kashmir Hill: Envisioning a Chaotic Future

Facebook Ads Market Potentially Dangerous “Abortion Reversal” Procedure

Hospitals Broke Federal Law After Denying an Abortion to a Miscarrying Patient

This Online Abortion Pill Provider Used Tracking Tools That Gave Powerful Companies Your Data

Your Planned Parenthood Data Is Being Collected, Analyzed, and Sold

The Noonification: How Often Do NFTs Pass The Howey Test? (1/13/2023)

A Conversation with Kashmir Hill: Envisioning a Chaotic Future

Facebook Ads Market Potentially Dangerous “Abortion Reversal” Procedure

Hospitals Broke Federal Law After Denying an Abortion to a Miscarrying Patient

This Online Abortion Pill Provider Used Tracking Tools That Gave Powerful Companies Your Data

Your Planned Parenthood Data Is Being Collected, Analyzed, and Sold

The Noonification: How Often Do NFTs Pass The Howey Test? (1/13/2023)

Light-Mode

Classic

Newspaper

Minty

Dark-Mode

Neon Noir

Minty

HN StartUps