DeGette, Trahan, Lee Demand Answers From Companies To Protect Users’ Data Privacy
Lawmakers Push Top Messaging and Telecom Companies on Post-Roe Metadata Policies
DENVER, CO – Yesterday, Congresswoman Diana DeGette, co-Chair of the House Pro-Choice Caucus, along with Congresswoman Lori Trahan and Congresswoman Barbara Lee sent letters to the nation’s top messaging and telecommunications companies regarding their metadata collection and disclosure practices which could jeopardize women’s ability to seek out abortion care following the Supreme Court’s decision to overturn Roe v. Wade.
The metadata specified in the letters refers to the data companies are able to collect about communications conducted using a device or application, for instance the time of a message or call, the duration of a conversation, and related phone numbers. Since this metadata refers to information about the communication rather than the content of a message or call, it is generally viewed as less sensitive and has led to widespread bulk collection by companies with relatively less scrutiny. However, as more states enact laws to criminalize abortion care, lawmakers are concerned that the metadata collected by these companies could pose harm for some users.
“Phone call and messaging metadata analysis could reveal a user’s plans to obtain information about and seek abortion care by analyzing the timing, duration, and frequency of calls to abortion providers,” the lawmakers wrote. “In a post-Roe world, phone call and messaging metadata could be used as evidence to establish probable cause that someone has sought an abortion.”
The letters, sent yesterday, were addressed to leaders at Messenger, WhatsApp, Apple, Google, Verizon, and AT&T. The lawmakers demanded answers to the following questions by September 12:
- Do you collect metadata about calls made or messages sent from an individual’s device? If so, how is that metadata used, how long is it stored for, and who has access to it?
- What kinds of controls do users have to view and delete their existing metadata? Can users opt out of future metadata storage? Can users restrict third party access to their metadata? How accessible are these controls?
- What additional measures, if any, have you taken to secure the storage of this metadata?
- Do you alert users when third party companies request phone call and messaging metadata access? Do you alert users when law enforcement requests phone call and messaging metadata access?
- Has your company adopted any policies to restrict the disclosure of metadata that could be used to prosecute or otherwise harass those seeking reproductive healthcare to law enforcement or private actors? What steps do you take to enforce those policies?
- Who is authorized or can be authorized to access the metadata you collect? Are there any limits on who can obtain access to metadata that can be used to prosecute people seeking reproductive healthcare?
A digital copy of the letters can be accessed here.
###