The settlement is the FTC’s first ban on selling sensitive location data.
The Biden administration stopped a company from selling data on people’s medical visits on Tuesday, its first settlement on a privacy issue that has many Americans concerned about who can see their most sensitive personal data — particularly visits to abortion providers.
After an investigation, the Federal Trade Commission said it had reached a settlement with Outlogic, a location data broker formerly known as X-Mode Social, which had been collecting information on people’s visits to medical centers.
The settlement is the first major enforcement on location data since a 2022 executive order directed the government to ramp up privacy protections for anyone seeking an abortion.
The FTC has been cracking down on health privacy violations after the U.S. Supreme Court ruled there is no constitutional right to an abortion when it overturned Roe v. Wade in 2022. A Biden executive order in July 2022 directed federal agencies to protect people’s privacy related to reproductive health care services.
The Markup found that the data broker was receiving location data from the family-tracking app Life360 as well as dating apps for the LGBTQ community.
Real shame that they'll publicly shame Life360, but not the dating apps selling out their customers. I'm going to assume it's Grindr since it's the biggest name that I'm aware of, and surprisingly isn't owned by Match Group who I was going to throw under the bus.
This is not the function of HIPAA exactly. HIPAA is primarily used as a way to regulate the sharing of health information, and provides very specific requirements for the sharing of health information, with many caveats.
HIPAA specifically targets healthcare providers (covered entities) and the third-parties (Business Associates) which they work with. More specifically, it provides requirements for the sharing and storage of data from a covered entity to a business associate, and establishes liability in the event of a data compromise for either party.
If the data did not originate from a healthcare provider, likely HIPAA does not apply.
In this instance, the applications identified as sharing the data are not covered entities or even business associates.
It doesn't contain actual medical data, but a court might be able to conclude that your whereabouts might be protected data from a health privacy perspective.
HIPAA only applies to Healthcare providers and associated vendors (like insurance companies). If your doctor tells people you had an abortion, it's a violation. If you ask a friend for a ride home from your abortion appointment and they run around telling people, then your friend is a fucking prick but they haven't done anything illegal.
I really don’t understand why so many people think so many things fall under HIPAA. Just because it is tangentially related to medical information (in this case the fact that your location showed you were close to a medical center), does not mean it falls under HIPAA.
During covid, my company was deemed essential. (Non-healthcare) They would send an email alerting people to the fact that someone had had covid in the building, but refused to name that individual due to it "being a HIPAA violation."
It was so frustrating. I'm like, that's not how that works.
The fact you don't own your device and autonomy is a fundamental human rights violation of what it means to be a citizen. This is feudalism. Our laws lack perspective. This is a fundamental tenet of democracy, the right to ownership autonomy. We have slipped into feudalism. This is a massive regression in human sociopolitical evolution. The rights of ownership and therefore citizenship will require another massive loss of life to reestablish and will take hundreds of years to overcome. This is the new dark ages. Ultimately, we sold ourselves for email and search queries on the internet. This was the catalyst of neo feudalism.
You had me until the completely asinine assertion that the erosion of privacy has ANYTHING to do with email and internet searches... That is a fucking pathetically ignorant view.
The internet doesn't introduce feudalism. Email doesn't violate privacy. The ONLY thing that has brought this about is capitalism and corporations' endless hunt for more capital.
There is money in violating privacy, and the law failed to keep up. Evil capitalists capitalizing on holes in the law has NOTHING to do with ANY specific technology.