US Government Sues Data Broker, Saying It Sold Abortion Clinic Visitors’ Data

On Monday, the Federal Trade Commission (FTC) filed a lawsuit accusing an Idaho-based data broker of selling location data from over a hundred million phones that could be used to identify abortion providers and where they live, potentially putting them in danger.

According to the FTC, data broker Kochava Inc., has been selling data that reveals people’s visits to locations like abortion clinics, domestic abuse shelters and places that could divulge a person’s LGBTQ identity — sensitive information that could expose people to violence, stalking, harassment, and more.

Further, the FTC says that the data is not anonymized; the company has allegedly been selling data tracking people’s movements and places they regularly visit with time stamps, which could be used to figure out a user’s home address and identity. Kochava even appears to advertise as such on its marketplace, where it suggests “household mapping” as a use for its data, the FTC notes in its lawsuit. The company also offers a free trial for people to access its data.

The FTC said in a statement that it is seeking to get the company to delete the “sensitive” geolocation information that it has posted for sale in order to “protect people’s privacy.” The agency argues that the company could do so without taking major hits to its profits.

“Where consumers seek out health care, receive counseling, or celebrate their faith is private information that shouldn’t be sold to the highest bidder,” FTC Bureau of Consumer Protection director Samuel Levine said.

The company seems to exercise little control over who is able to access its location data, while users are often unaware that their data is being sold, the FTC says. As a result, users can’t take “reasonable steps” to avoid the sale of their sensitive information.

Since the overturn of Roe v. Wade, politicians and abortion advocates have raised concerns that, as criminalization of abortion is increasing, abortion seekers and providers could be inadvertently incriminating themselves through information collected by their phones or phone apps.

Several data brokers have already faced scrutiny for selling data that could be used to identify and harass abortion seekers. Even before the overturn of Roe, tracking data had been used to prosecute people for seeking an abortion.

It’s not solely data brokers that are responsible, however; Facebook, for instance, has been willfully collecting data about people who visit websites of so-called crisis pregnancy centers, organizations that are largely run by anti-abortionists who are trying to dissuade pregnant people from seeking out abortions. Last month, the company also turned over private messages to police to prosecute a woman in Nebraska whose teenage daughter allegedly got an abortion, which is illegal past 20 weeks in the state.

After President Joe Biden signed an executive order in July directing federal agencies to implement guidelines to protect abortion seekers, the FTC said it would crack down on data brokers selling sensitive abortion-related data, including, allegedly, Kochava. The agency also announced this month that it is exploring new guidelines to crack down on data sales and commercial surveillance.