Since the Supreme Court’s reversal of Roe v. Wade in June, location data firms, app developers, and online abortion pill providers have been facing increased scrutiny from Congress for trading in sensitive user data that could indicate when someone is seeking an abortion.
The Markup has found that location data company INRIX, which collects, analyzes, and sells aggregated vehicle, traffic, and parking data includes Planned Parenthood clinics in its INRIX IQ Location Analytics dashboard.
Using a free trial of the product, The Markup was able to locate at least 71 Planned Parenthood clinics in dozens of states.
INRIX is a major, established mobility data company that has been in business for 17 years. It lists the U.S. Federal Highway Administration, Microsoft, the Los Angeles Department of Transportation, BMW, Zillow, and IBM among its clients.
The Markup’s findings follow recent reports by Motherboard identifying two other location data firms—Safegraph and Placer.AI—that also included Planned Parenthood visitor data in their similar dashboard products. Both companies have since removed that data.
Mark Daymond, the CTO and data protection officer at INRIX told The Markup in an email, “INRIX receives anonymized data and further de-identifies it then aggregates that data. Identities of individuals are irrelevant for our business.”
The free version of INRIX’s Location Analytics dashboard listed only the address, hours, and average annual daily traffic counts on nearby streets for each clinic, but the paid version shows more detailed statistics for sample points of interests in its database, including demographic and ethnic breakdowns of visitors, visitor counts by hour and day, aggregated heat maps of the origins and destinations for visitors, and drive times to and from the business location.
The Planned Parenthood locations remained in the INRIX dashboard after we contacted the company, and were still there hours before publication of this story. Planned Parenthood did not immediately respond to a request for comment.
Daymond said the approach INRIX takes to limit detail on the maps protects users from being identified.
“Location Analytics only displays results down to the census block group level. We source data from a variety of map providers whose information is commercially available,” he said.
With the legal landscape changing rapidly since Dobbs v. Jackson triggered more restrictive abortion laws, people seeking the procedure face increased risks to their privacy, and many technology companies have been racing to respond.
Anti-abortion activists have used tools built by the location data industry, such as geofencing, to dissuade abortion-seeking patients with targeted ads. Now, the stakes are higher as nine states have criminalized the procedure.
Some Democratic lawmakers are demanding action. Following reports by Motherboard, 14 Democratic senators sent letters to location data companies Safegraph and Placer.AI seeking details about their data collection and asking them to cease including abortion clinics.
Safegraph and Placer.AI have removed the clinics and other sensitive locations from their databases following the Motherboard reports. On July 1, Google pledged to erase visitor location data when a user visits an abortion provider, fertility center, or other sensitive location.
Last week, the House Oversight Committee contacted location data companies Placer.AI, Safegraph, Babel Street, X-Mode (Outlogic), Gravy Analytics, and five reproductive health app developers and asked them to disclose their data collection practices, the sources of their location data, and all data partnerships as part of an investigation into abortion and reproductive health patient data privacy.
“This is a great example of how comprehensive privacy laws need to be put in place that restrict the collection of that kind of data that can be weaponized against users by fingerprinting, identifying them, and selling that sort of behavioral data or identifying data to anyone that wants it, law enforcement or otherwise,” said Daly Barnett, a staff technologist at the Electronic Frontier Foundation.
INRIX, a privately held company based in Kirkland, Wash., offers parking, traffic, and aggregated location data to transportation agencies, car manufacturers, and software developers.
In a brochure for its “Vehicle Trips” product, the company boasts that its data “captures over 150 million anonymous trips” and 36 billion “real-time data points” each day, with updates as frequent as every three seconds.
Location data companies like INRIX, Placer.AI, and Safegraph offer similar products: an easy-to-use dashboard where users can quickly analyze foot and vehicle traffic to millions of retail businesses, highlighting patterns in visits with charts and maps and tools to compare competing businesses.
One of the sample locations The Markup was able to explore was a chicken sandwich restaurant in New Jersey.
Such data is extremely valuable for city planners, retail businesses, and commercial real estate and private equity firms.
The data powering these aggregated insights comes from multiple sources, including mobile phone apps, connected vehicles, traffic sensors, and data purchased from other brokers.
While tracking the aggregate number of people visiting a chicken sandwich shop seems innocent enough, when people are seeking an abortion, the privacy risks change drastically.
Some location data companies have recognized the risks of including sensitive locations like doctors’ offices and houses of worship.
For example, location intelligence firm Cuebiq publishes a public “Sensitive Points of Interest” policy defining the types of locations it excludes to protect the privacy of the users in its datasets.
INRIX’s privacy policy states that it collects personal data from third-party sources, including “[d]ata brokers from which we purchase data to supplement the data we collect,” though it does not disclose the identity of any of its partners.
The data that powers the dashboard we used contains clues to the source of INRIX’s points of interest (POI) data.
We observed the autocomplete function on INRIX’s dashboard making a call to the API for location data company HERE, which provides location results for a boundary specified by the map coordinates.
There also appears to be a HERE-provided unique ID for each location in the data.
HERE spokesperson Kasey Farrar told The Markup in an email that the company “… maintains robust ‘privacy by design’ data practices with strict terms and conditions for data usage by customers. HERE does not collect origin-destination data of individuals.”
Farrar noted the company’s “privacy charter,” which details some of the specific measures taken to protect user privacy.
The business review site Yelp also makes an appearance in the POI data. Yelp is listed as the “supplier” within the data powering INRIX’s dashboard.
Yelp spokesperson Julianne Rowe said that the company does not have a partnership with INRIX and that businesses “can obtain Yelp content and data through our free API or from an approved partner.”
She noted that the business location, hours, and contact information are all publicly available, including on Planned Parenthood’s website.
There are several categories assigned to the Planned Parenthood locations we found on INRIX. Categories included “Medical Services/Clinics,” “Hospital or Health Care Facility,” and “Consumer Services.”
While most of the data we could see on INRIX’s dashboard appeared to be aggregated, risks do remain for users.
Many companies in the multibillion-dollar location data industry highlight that user privacy is protected, due to the fact that they only sell aggregated data, such as a certain number of people visiting a particular business during a specific week.
Daymond said INRIX does not sell data that is tied to individual users. “INRIX is not a data broker…. We don’t store personal identifiers that can be tied back to an individual to help ensure no personal data is discovered.”
On the industry-wide use of aggregated data to protect user privacy, EFF’s Barnett said that even aggregated data carries risks for user privacy, and individuals can still be identified in some circumstances.
INRIX’s Daymond said, “Our terms of use explicitly prohibit our customers from using our products in a way that violates laws and regulations.”
While business location and visitor traffic may seem innocuous, Barnett said, the context matters. “These seemingly … observed-in-a-vacuum, harmless datasets don’t exist in vacuums. They can be snowballed together too.”
Written By Jon Keegan
Also published here
Photo by Alina Grubnyak on Unsplash