Digital Dragnet: How Prosecutors Are Using Your Phone to Enforce Abortion Bans

Sara Geoghegan of the Electronic Privacy Information Center warns that America’s surveillance infrastructure—built for advertising and national security—is now being used to criminalize abortion care

As the legal landscape around abortion continues to fracture after the fall of Roe v. Wade, a new threat looms for patients and providers alike: digital surveillance. Sara Geoghegan, senior counsel at the Electronic Privacy Information Center (EPIC), says the once-distant fear of Big Brother has become a genuine, daily concern for people seeking or providing reproductive care.

“We live in a surveillance state, and we don't live in a pre-Roe world, even though we've lost the protections of Roe,” Geoghegan said.

Geoghegan outlines a sobering array of tools now available to prosecutors. Through subpoenas, law enforcement can access location data from mobile phones, Google Maps history, search queries, and even medical records. Two particularly invasive techniques—geofence and reverse keyword warrants—enable authorities to identify individuals who were near abortion clinics or searched for abortion-related information. Cell tower data, license plate readers, and even surveillance camera footage can then be layered to create a detailed timeline of someone’s movements.

The targets of such investigations vary depending on the state, Geoghegan explains. Patients, providers, and even those who help others obtain abortions may be charged. Some states are now criminalizing assistance across state lines, creating a chilling effect that has led some providers to close down services entirely out of fear of prosecution.

Legal protections for patient privacy are increasingly uncertain. Although HIPAA generally prohibits unauthorized sharing of medical records, a federal rule that barred the disclosure of information related to lawful reproductive care was recently overturned by a Texas court. That decision has sown confusion among providers, many of whom now feel pressured to comply with law enforcement requests even when they may not be legally required to do so.

Telehealth services, which have become a lifeline for abortion access in restricted states, are also in the crosshairs. While they are generally subject to HIPAA regulations, conflicts between state shield laws and out-of-state subpoenas are setting up new legal battles, with some attorneys general refusing to comply with data requests from other jurisdictions.

Another underreported risk is the use of third-party website trackers. Many health providers unknowingly embed cookies or pixels that share user data with tech companies, including social media platforms. While some groups have halted the practice after being made aware, Geoghegan emphasizes that the best practice is to eliminate all unnecessary third-party tracking on websites where patients seek information or book appointments.

“They should have sites that only have tracking devices that are functionally necessary,” Geoghegan said. “And any of the information collected that is functionally necessary is limited for those necessary purposes and is deleted shortly after.”

Perhaps most disturbing is the growing role of data brokers—companies that legally buy and sell sensitive information. Anti-abortion groups have already begun acquiring data that could potentially be used to harass or target individuals. Geoghegan points to documented cases in other contexts, like domestic violence, where abusers have purchased personal data to locate or harm their victims. The same tools are now being used to surveil abortion seekers.

“This is a highly dangerous practice that data brokers are facilitating,” Geoghegan said.

Geoghegan argues that meaningful protections must come from legislative action. Federal and state laws should explicitly require law enforcement to obtain a warrant under Fourth Amendment standards before accessing personal data. Regulations must also limit how tech companies store and process reproductive health information and require its deletion when it is no longer necessary. Closing what she calls the “Data Broker Loophole” is also crucial to prevent circumvention of constitutional protections.

But Geoghegan also emphasizes that this is not an entirely new problem. She cautions against framing the current crisis as unprecedented, noting that networks of women and activists have long provided abortion care under threat of surveillance and criminalization. What’s new, she says, is the scale and technological reach of the surveillance tools now being deployed.