Anti-abortion centers are surveilling clients and may help criminalize them

Clinics across the country have been looking for ways to expand access to abortion care since the Supreme Court overturned Roe v. Wade in June. However, the ruling and potential for the criminalization of abortion raises significant privacy concerns around so-called “crisis pregnancy centers,” which do not offer abortions but use deceptive language around abortion care to mislead clients. 

In a covert effort to serve the anti-abortion mission, these anti-abortion centers amass large quantities of data from those seeking abortion or pregnancy-related services. Advocates worry that with Roe’s fall, anti-abortion centers will release sensitive information to law enforcement to incriminate people who have received an abortion or experienced a stillbirth or miscarriage. 

“We now live in an abortion surveillance state,” explained Jenifer McKenna, the program director of The Alliance and co-author of Designed to Deceive: A Study of the Crisis Pregnancy Center Industry in 9 States. The Alliance recently reissued its 2021 report to include a warning about the proliferating anti-abortion center or “crisis pregnancy center” (CPC) industry, which is well-positioned to act as a surveillance tool. 

How do anti-abortion centers harvest data?

People who go to anti-abortion centers fill out a detailed questionnaire and medical history before accessing the free services they claim to offer, like free pregnancy tests or ultrasounds. The problem? Anti-abortion centers are non-medical facilities, so they’re not bound by federal data protections such as Health Insurance Portability and Accountability Act (HIPAA). 

Tara Murtha, the director of strategic communications at Women’s Law Project and co-author of Designed to Deceive, raised concerns about the lack of transparency from anti-abortion centers. 

“When people agree to share their personal and medical information with CPC volunteers, how many realize their local CPC is affiliated with large anti-abortion groups that will collect and store their data?” Murtha said.

Anti-abortion groups provide the digital strategies and centralized platform that individual centers use to target abortion-minded women.

“Then CPCs feed client information into a mega-database using a client management platform owned by the global anti-abortion group, Heartbeat International,”  McKenna said. 

Privacy International, a group that defends global privacy rights, found in 2020 that Heartbeat International had developed Next Level Center Management Solution, a system that streamlines data collection from individual centers to a cloud. Heartbeat International’s site boasts to ensure 

“no client ever falls through the cracks from the moment you say ‘Hello’ and “we believe we are better together, and our center management software reflects that.” 

The types of data the system collects include name, address, email address, ethnicity, marital status, living arrangement, education, income source, alcohol, cigarette, and drug intake, medications, medical history, STI history, name of referral, pregnancy symptoms, pregnancy history, medical testing information, and eventually ultrasound photos. McKenna explained that Heartbeat International creates digital dossiers of people, essentially digital footprints. 

Heartbeat International markets the system to more than 2700 anti-abortion centers. The industry also has its own software company, called eKYROS, which maintains digital files on clients, McKenna said.

While many anti-abortion center sites claim to keep data confidential, there is no oversight binding them to these assurances. Thrive Women’s Clinic, an anti-abortion center in Texas, has a privacy policy that openly says they reserve the right to disclose information to help law enforcement officials. Centers also incessantly call former clients to keep tabs on them, which raises similar concerns. 

“eKYROS links CPCs to centralized call centers run by [Heartbeat International] and Care Net (another major anti-abortion group steering the CPC industry) that also feed client data into a central database,” McKenna said. 

By calling the support lines, speaking to a chatbot that connects to Next Level Center Management, filling out an online form that might include questions about seeking abortion care, or exchanging information in person, clients unwittingly feed anti-abortion centers data they can hoard. People don’t even have to enter the clinic.

Then there’s digital preying, where centers target advertisements to people in the area through geofencing, the practice of creating a geographic boundary around a certain area through software. Some anti-abortion centers have used geofencing by sending anti-abortion smartphone ads to people in abortion clinics. Massachusetts is the only state to ban anti-abortion firms from geofencing women in reproductive health facilities. 

But that’s not all. 

A recent investigation by Reveal and The Markup found that Facebook is collecting troves of data on people who visit anti-abortion centers. Reveal analyzed nearly 2,500 anti-abortion center sites and found at least 294 shared visitor information with Facebook, such as whether or not someone was considering abortion. 

Facebook siphons data from Meta Pixel, an advertising tool that works regardless of whether someone is logged in to their account and can be stored for years. Using this data, centers can deliver targeted advertising to dissuade someone from seeking an abortion. The data could also be weaponized against abortion-seekers in states with abortion restrictions. 

Why advocates are sounding the alarm

What anti-abortion centers are doing with data post-Roe is unclear, which is cause for concern for many reproductive rights advocates. Heartbeat International’s mission to “reach and rescue as many lives as possible” and Next Level’s mission of “taking pregnancy help to the next level,” compounded by the proliferation of centers post-Roe, creates a dismal landscape, fraught with potential for data exploitation. 

“Given its anti-abortion mission, why should anyone trust that Heartbeat International would not share personal data it is storing with law enforcement investigating women where pregnancy and abortion are criminalized?” Murtha said.

Purvaja Kavattur, the research and program associate at National Advocates for Pregnant Women, recalled Latice Fisher, Purvi Patel, and Jennie McCormack, three people whose cases involved digital data weaponization. Kavattur could not mention current cases due to confidentiality but said communities of color are more likely to have their devices subpoenaed and searched. Those who sit on the borderlines of class disparities are also more likely to head to anti-abortion centers for free services, exposing them to potential data exploitation.  

Kavattur explained that through NAPW’s tracking of pregnancy criminalization, most cases don’t start with a scan of digital data—they stem from healthcare providers, friends, and family reporting them to law enforcement. 

In a recent case, law enforcement uncovered a Facebook message exchange about abortion pills between a mother and daughter in Nebraska after a warrant. 

This is congruent with If/When/How’s latest report on the criminalization of self-managed abortions, where healthcare providers and acquaintances comprise the largest portion of how cases garnered law enforcement attention. 

“That, for us, is the primary scare or worry regarding how our digital data can be used against us,” Kavattur said.

Policies in play

Law enforcement can glean data directly from bills like the Every Mother Matters Act (EMMA) in Oklahoma, which would create a call center for those considering abortion and create state registries and subject callers to anti-abortion counseling before receiving care. 

Human Coalition, a partner of EMMA, uses digital strategies to intercept people seeking abortion information online and diverts them to a virtual clinic and contact center where they are referred to anti-abortion centers across the country.

“In some versions, pregnant people forced to go to a CPC would be assigned a ‘unique identifying number’ on their medical record for up to seven years,” Murtha said. 

At the federal level, the House of Representatives is considering a first-of-its-kind bill called the My Body My Data Act, which would protect the privacy and safety of reproductive health data. So far, the San Diego County Board of Supervisors has voted to support the bill, and it is currently gaining momentum in Congress.

Without HIPAA-like protections, anti-abortion centers are free to keep collecting, aggregating, and using data about pregnant people with impunity, McKenna said. 

“It goes without saying in this post-Roe landscape, there will be an uptick in pregnancy criminalization of all sorts, to include people’s online data,” Kavattur said. 

Xenia Ellenbogen (she/they) is a freelance reproductive rights and mental health writer. She focuses on reproductive health and justice, LGBTQIA+ issues, menstrual equity, and trauma. She has a BA in writing...