If Project 2025 becomes a reality under a second Trump term, there are several ways it plans to further restrict and surveil abortion access nationwide, including criminalizing the mailing of abortion pills and forcing states to turn over abortion data to the federal government.
Many of these proposals have received wide media coverage thanks in part to Democrats’ aggressive campaigning on Project 2025. But there has been far less attention on how major technology companies—which have increasingly helped people access abortions across state lines in light of bans nationwide—could play a role. In fact, some warn that tech would be key to implementing Project 2025’s anti-abortion goals.
Advocates are now working to preemptively thwart such cooperation. Last week, 15 civil liberties groups sent a letter to the CEOs of eight of the biggest tech companies—including Meta, Apple, TikTok, and Google, among others—demanding they explain how they would protect users’ data and privacy, as well as combat abortion-related misinformation on their platforms if Project 2025’s anti-abortion recommendations were set in motion. “As written, Project 2025 would rely heavily on your companies to further its extreme agenda,” states the letter, which Mother Jones is the first to report. The signatories—which include Accountable Tech, GLAAD, and The Tech Oversight Project—warn that Project 2025’s anti-abortion policies would lead to “heightened surveillance and an increase in the trend of law enforcement using criminal subpoenas to weaponize the consumer data your companies collect and store.”
Many of these concerns have already been realized. Last year, a Nebraska woman was sentenced to two years in prison after Meta gave law enforcement the Facebook messages in which she and her pregnant teenage daughter—who was reportedly past the state’s then-20-week gestational limit (that has since been further restricted to 12 weeks)—discussed obtaining abortion pills and disposing of “the evidence.” Sen. Ron Wyden’s (D-Ore.) office in February accused a data broker of allegedly tracking visits to almost 600 Planned Parenthood locations nationwide and then selling that information to anti-abortion advertisers. Meanwhile, abortion rights advocates say tech platforms have censored their initiatives.
All this, advocates say, makes it critical that tech companies prepare for how they could be deputized to criminalize abortion-seekers if Trump is reelected in November. “These companies are already mechanized to be the stewards of a nightmarish plan like Project 2025,” Daly Barnett, a staff technologist at Electronic Frontier Foundation, a civil liberties group focused on digital rights, told me.
I spoke with Barnett over Zoom this week to discuss how abortion rights advocates can better protect themselves and their privacy online and how tech platforms could protect users in another Trump era.
This interview has been lightly condensed and edited.
What kind of failures or inadequacies have you seen from some of these tech platforms in terms of protecting users’ privacy and data relating to abortion?
There are a lot of passive surveillance technologies, like ad tracking technologies that collect browsing data on people that can be combined with other personally identifiable information and used against people. We have examples of commercial platforms like Google Search and Facebook Messenger used to actually criminalize women in different cases, either for their own pregnancy outcomes or, in the case of Facebook Messenger logs, a woman helping her daughter navigate self-managed abortion.
So these communication platforms or these messaging features on social media apps that aren’t employing good privacy and security practices are suddenly dangerous to people, and I think the tech industry at large has yet to realize how culpable they are.
Can you say more about what sort of digital threats or barriers abortion seekers are facing now, even without Project 2025 being in place?
I tend to break it down into three distinct threat models that people need to be aware of: people navigating healthcare and trying to seek abortion; their allies and advocates; and healthcare workers.
There’s digital evidence being used in abortion-related cases, so these [social media companies] that don’t think of themselves as culpable in abortion access can still be used against people when they have bad privacy. I also think of doxxing. Healthcare workers, especially, those whose information is subject to public records requests and FOIA, information could be used against them if they’re in reproductive healthcare. There are data brokers—which is an unregulated, vampiric nightmare industry that needs to be curtailed yesterday—that are constantly being weaponized against people. It contributes so much to the amount of data that can be collated and collected and used against people to create these vastly sophisticated portraits of who you are, what you’re doing online.
One example I think of with data brokers is [Sen. Wyden’s investigation]. That’s just an example of what happens when you have this unregulated industry that every tech company contributes to because it generates profit for them.
If there were a federal ban on abortion and abortion medications were suddenly outlawed, the surveillance of the mail service or of services that distribute medications like that would be under a newly focused threat of surveillance. Basically every aspect of our lives could potentially be used against us, depending on where we are in the abortion access struggle.
If Project 2025 were implemented under another Trump term, what would it actually look like in practice for some of these platforms to be involved with carrying out some of its anti-abortion aims?
As long as these tech companies have piss poor privacy and security policies—specifically privacy policies—around user data, ad tracking and collection, behavioral tracking of users’ data, they are already mechanized for some really dystopic consequences—Project 2025 or not. We need comprehensive federal data privacy legislation yesterday.
In the meantime, users have to fight for themselves to keep their information and their dignity and safety intact.
As long as communication platforms and messaging features on social media apps— as long as the status quo is not to have good data retention or to not have end-to-end encryption—all of those records are subject to law enforcement requests to enter subpoena, and that will impact users’ safety. We already have examples of this, quite literally, in criminal evidence, so it will only increase in that potential landscape.
What are some of the concrete ways that tech companies can and should bolster privacy and data protection for abortion seekers now and under another potential Trump administration?
I’m glad you asked this; this is the most important thing. I think tech companies need to realize that they are culpable because our lives are connected online, and the industry at large is already mechanized to connect everything about us into one profile and to sell that data to anyone who wants it, including law enforcement.
Everyone needs to take their position seriously in the tech industry. That can start with better data retention policies. You need to have solid encryption at rest so that when law enforcement comes knocking, if you do have anything to hand over, you can be compliant without actually handing over anything that’s useful to the criminal investigations. But also, you can just delete old data. Having good encryption is great, but if you have really good deleting policies, deleting anything that isn’t absolutely essential to operations, that keeps you safe from both law enforcement requests and subpoena, but also data breaches—that’s huge.
Another big thing: stop tracking users on web and mobile platforms. The ad industry is corrupt, and users are wisening up to it. People are already more likely to choose platforms that respect their privacy now, because the overall understanding of privacy is normalized, thankfully, and now that we have a better understanding of how dangerous the data broker industry is, it’s imperative that tech companies do better for people.
Lastly, I would say all of these policies—data retention, not ad tracking, users, etc.—[companies have to] make these things transparent. You need to make it known that you’re a privacy-first alternative to the otherwise dangerous status quo,
How can abortion seekers protect their data and privacy online now, particularly if they are living in states with abortion bans?
Step one is definitely threat modeling. You have to take a serious point of view about what activities you’re up to, who you are in the space, and the risky behaviors or communications or aspects of your life that need to be compartmentalized away from other things. From there, you can begin to take some more meaningful approaches—like compartmentalizing that data, so maybe having multiple browsers and saving a privacy-forward browser like Tor, or maybe Brave, or Firefox with some settings turned up on it, as opposed to a more privacy-invasive one like Chrome.
Knowing when to compartmentalize sensitive communications to a more privacy focused platform [is also important]—so moving off of social media chat applications and onto end-to-end encrypted ones. Knowing how to attend protests safely; knowing what to look for if you’re on the ground and you’re escorting people to and from clinics; getting to know automatic license plate readers; getting to know how your device might be tracked. There’s a litany of measures people can take to protect themselves. Go learn more at Surveillance Self-Defense, where we have a bunch of different educational resources for people to look at.