Following the US Supreme Court’s decision to overturn Roe v. Wade, the ripples continue to spread.

The ruling removes the constitutional right to an abortion, leaving individual state legislatures to decide whether and under what circumstances a woman may have the procedure.

And in many states, those circumstances are limited or non-existent, meaning that those seeking abortions will be criminalized.

Unsurprisingly, women are scared. Even before this decision, there were prosecutions for ‘feticide’ under homicide and child-abuse laws – as many as 1,300 since 2006, according to National Advocates for Pregnant Women (NAPW).

And there are now serious fears that data from period-tracking apps, online searches, text message, and location, for example, could be subpoenaed in the pursuit of such prosecutions.

My Body My Data

In light of this, a bill restricting the collection and retention of personal reproductive health data has already been introduced in the Senate and House of Representatives.

The My Body My Data Act would limit the personal reproductive and sexual health data that can be collected, retained, used, or disclosed to only what is needed to deliver a product or service. It would protect personal data collected by other entities, such as apps, mobile phones, and search engines, and would also allow people to access or delete their personal data if they choose to.

Similarly, and again in light of the reversal of Roe v. Wade, a new bill, the Health and Location Data Protection Act, has been introduced aiming to ban data brokers from selling health and location data.

Opinions are divided as to the bills’ chances. Both are sponsored by Democrats only (plus independent Bernie Sanders), and are clearly tightly tied to the issue of abortion, which is highly contentious in the US. Neither is likely to get much in the way of Republican support.

Will anything change?

However, there is other legislation making its way through the system that might have a similar effect. The American Data Privacy and Protection Act (ADPPA) was recently approved by a House subcommittee with no dissent, and now moves to the full Energy and Commerce Committee for a vote.

While there’s no specific mention of reproductive data, the Act would give a great deal of protection – and could possibly be amended to specifically tackle the issue. As it stands, though, it limits the collection, processing, and transfer of data to only that which is reasonably necessary.

This covers ‘information that identifies or is linked or reasonably linkable to an individual or a device that identifies or is linked or reasonably linkable to one or more individuals, including derived data and unique identifiers.’

Transfers of this data to third parties are subject to opt-outs and enhanced requirements, and individuals have broad rights to correct, delete, access, and port their personal data.

Sounds familiar? The ADPPA has a lot in common with the EU’s GDPR.

Privacy protections in the US have long lagged behind those in the EU and many other developed nations. And while this has been widely accepted in the past, attitudes are changing. An Ipsos poll earlier this year revealed, for example, that seven in ten Americans agree that controlling who can access their online personal information has become more challenging, and only a third believe that companies generally do a good job of keeping their users’ personal information secure.

Now, following the Supreme Court decision, the issue of data privacy has been firmly dragged into the limelight. And while the link with abortion may make it a more contested issue, privacy legislation may now be more likely to pass now that people have seen such a clear example of why it’s needed. my-body-my-choice