Policy

The Texas abortion ban could force tech to snitch on users

From Facebook fundraisers to Google ads, tech companies could be asked to give up user data in legal cases brought on by the Texas law.

Protestors stand at a reproductive rights rally

People gather for a reproductive rights rally in Brooklyn.

Photo: Michael M. Santiago/Getty Images

With the Supreme Court deciding not to block Texas' effective ban on abortion this week, fears have been rightly focused on the people in Texas who will be almost entirely barred from receiving an abortion in the state and the providers who will face grave legal consequences for continuing to provide services there.

But the law's construction creates a far broader surface area of risk than even that, enabling anyone to be sued for — knowingly or unknowingly — aiding and abetting the "performance or inducement" of an abortion. As some have pointed out, that tie could be as indirect as an Uber driver giving a woman a ride to a clinic.

Uber is not alone among tech companies in having to figure out a response to this bill. Because now, the tech sector's many social media platforms, messaging platforms, fundraising platforms and more will also have to decide what they will do if, in the process of one of these lawsuits, they receive a legal request for user data.

How will Facebook respond to a subpoena requesting the IP address of an abortion rights group administrator who's been fundraising on the platform? What will Google do if they receive a demand for information on the name and email address of an advertiser targeting Texas women with information on how to obtain an abortion?

Tech platforms such as Facebook or Google have legal protection under Section 230 for content they host. But that doesn't mean they won't face excruciating decisions about whether to comply with subpoenas for user data — the sort of orders they comply with in lots of other legal cases today.

"This law could lead to an explosion of court requests for user data from tech companies that hold troves of it," said Evan Greer, director of the digital rights group Fight for the Future. "I could see it being abused by anti-abortion groups who could potentially use the discovery process in a civil lawsuit to demand sensitive information about people and organizations providing reproductive justice services and information."

There are broader questions of corporate responsibility for tech companies to answer, too. When Indiana passed a law allowing businesses to deny service to same-sex couples, Marc Benioff canceled all of Salesforce's business in the state. When North Carolina passed its infamous "bathroom bill," PayPal canceled plans to hire 400 people at a new facility in Charlotte. Will the industry's calculus be the same now that rights of women are being curbed not in Indiana or North Carolina, but in the country's second-largest state, home to what some have hailed as the next Silicon Valley?

So far, Elon Musk, who made a big show of moving Tesla to Texas this year, summed up his thoughts in a tweet: "In general, I believe government should rarely impose its will upon the people, and, when doing so, should aspire to maximize their cumulative happiness. That said, I would prefer to stay out of politics."

And what about Uber and Lyft? Would they pay for drivers' legal fees if they're sued for giving women a ride? For now at least, tech companies aren't answering any of these questions.

Protocol reached out to tech platforms (Facebook, Google, Twitter and Reddit), rideshare companies (Uber and Lyft), companies with big offices in Texas (Apple, Palantir, Dell and HPE), companies that have boycotted other states (Salesforce and PayPal), telecom companies and organizations (Verizon, AT&T and USTelecom) and the tech lobbying group TechNet. None responded to direct questions about how they would answer court orders requesting user data or how they're managing the impact on their workers.

Two outliers in the industry were Shar Dubey, the CEO of Match Group, which is based in Texas, and Bumble, the dating app founded by Whitney Wolfe Herd. In a statement Thursday, Dubey said: "I immigrated to America from India over 25 years ago and I have to say, as a Texas resident, I am shocked that I now live in a state where women's reproductive laws are more regressive than most of the world, including India."

She added that she is setting up a fund for Texas-based employees and dependents who "find themselves impacted by this legislation and need to seek care outside of Texas." Doing so, of course, puts her at legal risk under the Texas law.

Bumble also said it would launch a relief fund. "Bumble is women-founded and women-led, and from day one we've stood up for the most vulnerable. We'll keep fighting against regressive laws like #SB8," the company said in a tweet.

'You can't really do this in secret and at scale'

While it may take other companies and their leaders more than a day to process the impact of such an unprecedented law, they won't be able to ignore these questions forever, particularly as they pertain to user data. Whether to respond to requests for this type of data may be a hypothetical now, but it won't be for long.

"Anyone who fundraises for abortion patients, providers or tells someone how to get to a clinic, etc., could be at risk," said Priscilla Smith, a resident fellow at Yale Law School's Program for the Study of Reproductive Justice. "Short answer is they could probably get a subpoena to get Google to turn over information about who bought Google Ads."

Tech platforms and telecom giants routinely respond to requests for data from both government bodies and civil litigants when those requests comply with the law. In the second half of 2020 alone, Facebook received government requests for data on more than 300,000 users and complied with more than 70% of those requests. Google received government requests for user information on more than 235,000 accounts last year, 76% of which it complied with. Google also receives thousands of so-called geofence warrants every quarter, which demand data on phones that were located in a certain place at a certain time. Telecom companies including Verizon and AT&T also field hundreds of thousands of criminal and civil demands every year in the U.S. alone.

Federal law limits the breadth of what, exactly, either government bodies or civil litigants can obtain through a subpoena. The law, for instance, would prevent a company like Facebook or Google from sharing the contents of communications, including private messages or emails, in response to a subpoena in a civil suit unless they had the user's consent. But they can share so-called metadata that includes other identifying details, like names, email addresses and IP addresses.

"If there's an identifiable defendant who's being sued, then the usual rules of civil discovery apply here, just as they would in any other case brought under a law that gives people a private right of action," said Riana Pfefferkorn, a research scholar at the Stanford Internet Observatory. "If the identity of the defendant who's being sued for their online speech is unknown — say, a pseudonymous social media account — then there are legal processes for plaintiffs to attempt to obtain identifying information about a user from Google, Facebook, etc."

Pfefferkorn said it's likely that these cases would get tied up in courts, given the tangled knot of free speech issues involved in suing people over something like a Facebook post. "I bet we'll see private plaintiffs sue people for sharing information on abortion access and then fight it out later in the courts as to whether that's 'aiding and abetting' or protected free speech," Pfefferkorn said.

Even so, all of this could wind up having a chilling effect on basic communications regarding abortions in Texas — which is, of course, at least part of the point. There are encrypted platforms where advocates and providers can continue to communicate with people seeking abortions without leaving a paper trail. But relegating these discussions to those platforms also limits their reach. "You can't really do this in secret and at scale," said Nikolas Guggenberger, executive director of the Information Society Project at Yale Law School.

Tech platforms on the receiving end of these subpoenas could fight back too. And it's possible they will. These same companies have always insisted that the only thing that would make them share data is a subpoena, court order, warrant or other valid legal mechanism. They tout that policy as if to say, "Your data is safe with us, except in extreme circumstances." But the Texas bill presents a different kind of extreme circumstance — one in which the law is so broad and so sweeping that yesterday's advocacy could be tomorrow's lawsuit.

Entertainment

Niantic’s future hinges on mapping the metaverse

The maker of Pokémon Go is hoping the metaverse will deliver its next big break.

Niantic's new standalone messaging and social app, Campfire, is a way to get players organizing and meeting up in the real world. It launches today for select Pokémon Go players.

Image: Niantic

Pokémon Go sent Niantic to the moon. But now the San Francisco-based augmented reality developer has returned to earth, and it’s been trying to chart its way back to the stars ever since. The company yesterday announced layoffs of about 8% of its workforce (about 85 to 90 people) and canceled four projects, Bloomberg reported, signaling another disappointment for the studio that still generates about $1 billion in revenue per year from Pokémon Go.

Finding its next big hit has been Niantic’s priority for years, and the company has been coming up short. For much of the past year or so, Niantic has turned its attention to the metaverse, with hopes that its location-based mobile games, AR tech and company philosophy around fostering physical connection and outdoor exploration can help it build what it now calls the “real world metaverse.”

Keep Reading Show less
Nick Statt

Nick Statt is Protocol's video game reporter. Prior to joining Protocol, he was news editor at The Verge covering the gaming industry, mobile apps and antitrust out of San Francisco, in addition to managing coverage of Silicon Valley tech giants and startups. He now resides in Rochester, New York, home of the garbage plate and, completely coincidentally, the World Video Game Hall of Fame. He can be reached at nstatt@protocol.com.

Every day, millions of us press the “order” button on our favorite coffee store's mobile application: Our chosen brew will be on the counter when we arrive. It’s a personalized, seamless experience that we have all come to expect. What we don’t know is what’s happening behind the scenes. The mobile application is sourcing data from a database that stores information about each customer and what their favorite coffee drinks are. It is also leveraging event-streaming data in real time to ensure the ingredients for your personal coffee are in supply at your local store.

Applications like this power our daily lives, and if they can’t access massive amounts of data stored in a database as well as stream data “in motion” instantaneously, you — and millions of customers — won’t have these in-the-moment experiences.

Keep Reading Show less
Jennifer Goforth Gregory
Jennifer Goforth Gregory has worked in the B2B technology industry for over 20 years. As a freelance writer she writes for top technology brands, including IBM, HPE, Adobe, AT&T, Verizon, Epson, Oracle, Intel and Square. She specializes in a wide range of technology, such as AI, IoT, cloud, cybersecurity, and CX. Jennifer also wrote a bestselling book The Freelance Content Marketing Writer to help other writers launch a high earning freelance business.
Climate

Supreme Court takes a sledgehammer to greenhouse gas regulations

The court ruled 6-3 that the EPA cannot use the Clean Air Act to regulate power plant greenhouse gas emissions. That leaves a patchwork of policies from states, utilities and, increasingly, tech companies to pick up the slack.

The Supreme Court struck a major blow to the federal government's ability to regulate greenhouse gases.

Eric Lee/Bloomberg via Getty Images

Striking down the right to abortion may be the Supreme Court's highest-profile decision this term. But on Thursday, the court handed down an equally massive verdict on the federal government's ability to regulate greenhouse gas emissions. In the case of West Virginia v. EPA, the court decided that the agency has no ability to regulate greenhouse gas pollution under the Clean Air Act. Weakening the federal government's powers leaves a patchwork of states, utilities and, increasingly, tech companies to pick up the slack in reducing carbon pollution.

Keep Reading Show less
Brian Kahn

Brian ( @blkahn) is Protocol's climate editor. Previously, he was the managing editor and founding senior writer at Earther, Gizmodo's climate site, where he covered everything from the weather to Big Oil's influence on politics. He also reported for Climate Central and the Wall Street Journal. In the even more distant past, he led sleigh rides to visit a herd of 7,000 elk and boat tours on the deepest lake in the U.S.

Fintech

Can crypto regulate itself? The Lummis-Gillibrand bill hopes so.

Creating the equivalent of the stock markets’ FINRA for crypto is the ideal, but experts doubt that it will be easy.

The idea of creating a government-sanctioned private regulatory association has been drawing more attention in the debate over how to rein in a fast-growing industry whose technological quirks have baffled policymakers.

Illustration: Christopher T. Fong/Protocol

Regulating crypto is complicated. That’s why Sens. Cynthia Lummis and Kirsten Gillibrand want to explore the creation of a private sector group to help federal regulators do their job.

The bipartisan bill introduced by Lummis and Gillibrand would require the CFTC and the SEC to work with the crypto industry to look into setting up a self-regulatory organization to “facilitate innovative, efficient and orderly markets for digital assets.”

Keep Reading Show less
Benjamin Pimentel

Benjamin Pimentel ( @benpimentel) covers crypto and fintech from San Francisco. He has reported on many of the biggest tech stories over the past 20 years for the San Francisco Chronicle, Dow Jones MarketWatch and Business Insider, from the dot-com crash, the rise of cloud computing, social networking and AI to the impact of the Great Recession and the COVID crisis on Silicon Valley and beyond. He can be reached at bpimentel@protocol.com or via Google Voice at (925) 307-9342.

Enterprise

Alperovitch: Cybersecurity defenders can’t be on high alert every day

With the continued threat of Russian cyber escalation, cybersecurity and geopolitics expert Dmitri Alperovitch says it’s not ideal for the U.S. to oscillate between moments of high alert and lesser states of cyber readiness.

Dmitri Alperovitch (the co-founder and former CTO of CrowdStrike) speaks at RSA Conference 2022.

Photo: RSA Conference

When it comes to cybersecurity vigilance, Dmitri Alperovitch wants to see more focus on resiliency of IT systems — and less on doing "surges" around particular dates or events.

For instance, whatever Russia is doing at the moment.

Keep Reading Show less
Kyle Alspach

Kyle Alspach ( @KyleAlspach) is a senior reporter at Protocol, focused on cybersecurity. He has covered the tech industry since 2010 for outlets including VentureBeat, CRN and the Boston Globe. He lives in Portland, Oregon, and can be reached at kalspach@protocol.com.

Latest Stories
Bulletins