Post-Roe world: Facebook ceded messages in Nebraska abortion case

ADVERTISEMENT

The post-Roe digital dragnet is here: Nebraska’s criminal abortion case shows risks from online footprints are real

The case of a Nebraska teenager and her mother who are facing felony charges related to the teen’s abortion is raising new questions about data-sharing between Facebook and law enforcement in a post-Roe v. Wade world.

As the Lincoln Journal Star first reported, prosecutors initially charged the unnamed teen and her mother, Jessica Burgess, for removing, concealing or abandoning a body after learning the pair buried a fetus they said was delivered in an at-home stillbirth in April. The mother is accused of helping her daughter obtain pills for a medication abortion beyond Nebraska’s 20-week abortion limit.

Crucially, two charges, performing or attempting an abortion on a pregnancy at more than 20 weeks and performing an abortion as a nonlicensed doctor, were added retroactively after Facebook gave law enforcement access to direct messages between the mother and daughter.

The case has compounded fears about how prosecutors and law enforcement could harness now-ubiquitous technology — such as texts, direct messages, web searches and cellphone location data — to enforce new state laws banning or strictly limiting abortion. Adding to the risk, some of the newest abortion laws have opened the door to charging anyone who assists with an abortion, even in cases where that involves helping a person travel to a state where the procedure is legal.

ADVERTISEMENT

“A lot of people assume the messages they send on social media platforms are private. But generally, unless the platform states otherwise, they aren’t,” said Allan Liska, an intelligence analyst at the cybersecurity firm Recorded Future. “This means that social media companies can use messages for targeted advertising, and they can share any messages with law enforcement without notifying the user.”

While Facebook offers an option to encrypt a user’s direct messages “end to end” on a mobile device, making them unreadable to the company or law enforcement, that protection is not enabled by default — and its existence may not be obvious to most users. Court documents in the Nebraska case suggest that the teen and her mother were not using the end-to-end encryption feature.

“Why do I advise people seeking abortions to use end-to-end encrypted messaging with disappearing messages turned on? Because of cases like this one, where Facebook messages are being used as evidence,” tweeted Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation, on Tuesday.

The data landscape

The Supreme Court’s decision in late June to strike down Roe v. Wade, and with it end the national right to abortion, drastically remade the legal landscape for reproductive care. Warnings from abortion supporters about the risk of using period-tracker apps quickly expanded to the sea of digital data that is now routinely tracked and sold.

Concerns over how companies might share information with law enforcement over the issue of abortion led Google to announce it will delete location data when someone visits an abortion clinic.

ADVERTISEMENT

Facebook, meanwhile, has made no such promises.

“Nothing in the valid warrants we received from local law enforcement in early June, prior to the Supreme Court decision, mentioned abortion,” said Facebook spokesperson Andy Stone in a series of tweets. “The warrants concerned charges related to a criminal investigation and court documents indicate that police at the time were investigating the case of a stillborn baby who was burned and buried, not a decision to have an abortion.”

Stone added: “Both of these warrants were originally accompanied by nondisclosure orders, which prevented us from sharing any information about them. The orders have now been lifted.”

Facebook has not yet responded to questions about whether it has established policies governing what data it will or will not share in law-enforcement requests related to abortion.

More generally, its parent, Meta, has discussed making end-to-end encryption the default for Messenger — but not until at least 2023.

But questions about how far law enforcement will dip into digital data to investigate potential violations of abortion laws goes well beyond one social media company — even an industry leader like Facebook. “This incident will be the first of many that we see across the country and really the world, where creeping authoritarianism and the surveillance state unite to target human rights and eliminate freedoms,” said David Chaum, the founder of XX network, a privacy-focused messenger and application ecosystem. “People across the world should take notice how your communication devices — mobile phones — are susceptible to pathological authorities.”

The foundational pivot that the Supreme Court’s decision has wrought cannot be overstated. The digital environment that we live in today did not exist when abortion was previously illegal. The Nebraska case is bringing into stark contrast how digital messages can be retroactively criminalized in a post-Roe world.

“While using any social media’s messaging platform is not ideal for sending sensitive messages, as opposed to a purpose-built, encrypted app such as Signal, whenever possible people should enable end-to-end encryption to provide themselves with better protection,” said Liska.

Thanks to Lillian Barkley for copy editing this article.

  • Benjamin Powers
    Benjamin Powers

    Technology Reporter

    Benjamin Powers is a technology reporter for Grid where he explores the interconnection of technology and privacy within major stories.