Professor discusses personal data risks in post-Dobbs era

When you go shopping or visit the doctor, your smartphone tracks your journey there. It also tracks what we like and share on Facebook and Instagram; what we listen to on Spotify or watch on YouTube; our credit card transactions.

“All of those things create a data trail,” said Duke’s Jolynn Dellinger, who teaches classes on privacy law and ethics and technology at the Law School and Duke Science and Society.

In Dellinger’s course, “Privacy in a Post-Dobbs World: Sex, Contraception, Abortion and Surveillance,” students consider all the traces that people of reproductive age leave online on a daily basis, and how those could potentially be used against them.

Every moment of the day, almost every website, app and device we use is collecting our data: where we go, who we talk to, what we look for on the internet, what we buy.

For people seeking abortions and also for their partners, it’s not hard to imagine how these digital footprints could suddenly become dangerous.

An Instagram search for “abortion pills,” a log of symptoms in a period tracking app, geolocation data, even a Facebook message to a friend or family member—all of that could be turned over to law enforcement, and with little protection from the Fourth Amendment right against unreasonable searches and seizures, Dellinger explained in a recent piece co-authored with Stephanie Pell of the Brookings Institution.

“In some respects, history is repeating itself,” Dellinger and Pell wrote in a 2024 paper, “Bodies of evidence: The criminalization of abortion and surveillance of women in a post-Dobbs world.”

Indeed, since the Dobbs decision, nearly two dozen states have banned or limited access to abortion.

“It’s true we’ve been here before,” Dellinger said in a recent interview with Duke Today. “But we’re not just going back to something reminiscent of the pre-Roe era.”

That’s because so much of our day-to-day life now leaves a digital footprint, she explained.

Your phone reveals more about you than you think

But it’s not just people seeking abortions who have reason to be concerned.

Research shows that the data trails we leave on our smart phones or social media can be used to infer everything from our political and religious beliefs to our medical conditions and sexual orientation.

In one study led by the University of Cambridge, researchers were able use Facebook likes to predict people’s personalities more accurately than their own spouses could.

The data that our devices collect can also be sent to data brokers who may sell it without our knowledge to insurance companies, advertisers and other third parties.

In a study led by Justin Sherman of Duke’s Sanford School of Public Policy, researchers identified more than 500 data broker websites selling information about U.S. military personnel, including their marital status, home addresses, net worth and credit rating, even their interests in gambling and the number and ages of their children.

The researchers were able to buy information about tens of thousands of servicemembers with little to no vetting, often for as little as 12 cents per person, raising concerns that foreign adversaries could easily get their hands on such data and use it to blackmail or target servicemembers.

Another study by Duke student Joanne Kim found that Americans’ sensitive mental health conditions—ranging from depression and anxiety to PTSD, obsessive-compulsive disorder, and personality disorders—are also on the market.

Health data for sale

In her classes, Dellinger said students are often surprised to learn that the U.S. has no federal comprehensive privacy law regulating how our personal data can be collected, shared, used and stored.

We do have laws that cover certain types of data, like HIPAA for health data, or that cover data related to certain populations, like FERPA for student data. But unlike places such as the European Union, “we don’t have a comprehensive privacy law for the country,” Dellinger said.

“Many people also think ‘oh, if it’s health information, it’s going to be protected,'” Dellinger said. “That’s totally understandable. But it’s really, really wrong.”

Let’s say you use WebMD to search symptoms or go to YouTube or ChatGPT for health advice. Or maybe you use a Fitbit or Apple Watch to monitor your heartrate while you work out, or use an app to track your periods. None of these are covered by HIPAA.

Given these realities, it would seem that no digital data can be perfectly private.

“I do agree that it is very, very difficult for folks to completely maintain their privacy,” said Nick Tripp, Interim Chief Information Security Officer at Duke.

“There’s always the option of opting out,” and forgoing things like social media, wearables, and smart gadgets altogether, he added.

“But I don’t expect that most people are going to want to do that,” Tripp said.

However, Tripp said there are things people can do to make their online activities more private.

The Digital Defense Personal Security Guide, for example, offers a checklist of tips to reduce tracking and data collection while browsing the web, using social media, installing apps and other situations.

“But to some extent, if you participate, you are effectively agreeing to give up some of your privacy,” Tripp said.

The burden is on the consumer

Both Tripp and Dellinger agree that most people are unlikely to spend hours tweaking the default settings of every service they use.

“The way our current privacy protection is in the United States, it puts the burden on the consumer to protect themselves,” Dellinger said. “This is a political question that demands a political answer.”

It’s a view that has bipartisan support.

In the post-Roe era, this information environment has had chilling effects on women’s reproductive health, said Dr. Beverly Gray, MD, associate professor of obstetrics and gynecology at Duke.

Those effects were echoed in an oral history project led by Drs. Gray and Jonas Swartz in collaboration with Duke oral historian Wesley Hogan, a research professor in history and the John Hope Franklin Humanities Institute.

In 65 interviews their Bass Connections team conducted with providers in 17 states and the District of Columbia, a picture emerged of reproductive health care in upheaval.

Some doctors described delays in life-saving care for common pregnancy complications, or doubts about their future practicing in states with abortion bans for fear of legal repercussions.

Others expressed concerns that a lack of abortion training could leave new physicians inadequately prepared to manage miscarriages or treat emergencies such as ectopic pregnancies.

Still others worried that as new physicians across specialties start to avoid states with abortion bans for their training, the talent drain could exacerbate provider shortages in rural and underserved areas.

“I think when people really appreciate the extent of the consequences of state laws criminalizing abortion in the wake of Dobbs, it makes them very concerned about their future choices,” Dellinger said. “What jobs they can take, and where they can live safely and have access to health care in their reproductive years.”

“It’s a perfect storm of privacy problems,” she said. “Twenty-first century surveillance puts this in an entirely different ballpark.”