It’s been just over one year since the fall of Roe v. Wade, and 25 million women now find themselves living in states with abortion restrictions or outright bans. The impact of these restrictions has been devastating – miscarrying women have been denied life-saving medical care by doctors afraid to intervene. Patients have been forced to pay thousands of dollars to travel out of state for care. Millions of Americans have lost their fundamental right to control their own bodies or plan for their family’s future.

These scenes evoke the days prior to the 1973 Roe v. Wade decision. But in today’s world of smartphones and endless data collection, prosecutors looking to enforce restrictive abortion laws have an ally they couldn’t have imagined 50 years ago: Big Tech.

To understand what I mean, let’s zoom in on Idaho and Washington – two states that, despite their shared border, have taken dramatically different approaches on both abortion access and tech regulations.

A tale of two states — Washington and Idaho

Earlier this year, Washington state passed the My Health, My Data Act (MHMDA). The law provides consumers with a suite of important health data protections, including prohibiting tech companies from retaining search or location data from user trips to abortion providers.

MHMDA’s passage was a monumental victory for data privacy broadly. Big Tech companies track virtually everything we do, giving them massive stockpiles of intimate user data that they sell to advertisers. This surveillance advertising model has always been toxic, but it’s particularly dangerous in the post-Roe era. Earlier this year, Accountable Tech found that Google broke their promise to users and is continuing to track and retain sensitive location history data from abortion seekers – potentially aiding in their criminal prosecution.

Thankfully, under the new Washington law, abortion seekers’ sensitive health information will be kept private. Their data can’t be collected by Big Tech companies without explicit consent – meaning it won’t be stored by default (and therefore cannot be turned over to law enforcement in the event of a subpoena).

But just over the state’s border in Idaho, it’s a very different story. 

Last month, Idaho took its attack on reproductive rights to a new extreme when Governor Brad Little signed a new measure restricting out-of-state travel for some abortion seekers. And to date, Idaho has no data privacy laws on the books, meaning that search queries and location data are fair game for companies to collect, store, and turn over to  law enforcement. 

Here’s how it could play out: You live in Idaho and need to travel out of state to access abortion care. So, as one of Google Maps’ more than hundreds of millions of regular users, you begin to do your research on their app. “What’s the nearest place where you could access the care you need?” You find an abortion facility in neighboring Washington state. You map out your route and navigate to your destination. It’s the same pattern you’ve followed a million times before on Google Maps – only this time it’s different. Once you arrive in Washington, your location data is protected by MHMDA. But before you cross the border, Google is not only tracking and saving your location data, they’re saving your Google Maps search queries for “Planned Parenthood” or “abortion provider” as well. And if Idaho law enforcement decides to prosecute you for abortion, they can subpoena Google for this data – and use it as evidence of a crime. 

Because Google is still collecting and storing sensitive health data, a patchwork of state-based privacy laws isn’t enough to protect abortion seekers. States like Washington are right to pass laws protecting health privacy. But as you can tell from the example above, a state-by-state patchwork of laws simply won’t cut it. 

We can help protect abortion seekers by ending Big Tech’s toxic surveillance advertising business model – and that means passing meaningful, national privacy legislation. 

U.S. Representative Sara Jacobs has already taken steps in this direction. Rep. Jacobs recently re-introduced the My Body, My Data Act, which would create a new national standard for reproductive health data privacy. Like the Washington bill and another similar bill passed in California, it would protect search queries related to obtaining health services like abortions, and create a geofence around sensitive health locations to keep Google from tracking visits to abortion clinics. But unlike in Washington state, this standard would apply to the whole nation – with no loopholes.  

We urge policymakers to continue this push for national health policy protections. As long as companies like Google can stockpile sensitive user data so they can continue profiting billions of dollars through their surveillance advertising business models, abortion seekers will remain unsafe.