Get all your news in one place.
100’s of premium titles.
One app.
Start reading
The Guardian - US
The Guardian - US
Technology
Johana Bhuiyan

Google promised to delete location data on abortion clinic visits. It didn’t, study says

Building with Planned Parenthood sign and brick walls.
The Planned Parenthood Fairview Heights health center, an abortion clinic in Fairview Heights, Illinois, on 6 May 2022. Photograph: E. Jason Wambsgans/Chicago Tribune via Getty Images

A year and a half has passed since Google first pledged to delete all location data on users’ visits to abortion clinics with minimal progress. The move would have made it harder for law enforcement to use that information to investigate or prosecute people seeking abortions in states where the procedure has been banned or otherwise limited. Now, a new study shows Google still retains location history data in 50% of cases.

Google’s original promise, made in July 2022, came shortly after the supreme court’s decision to end federal abortion protections. The tech giant said it would delete entries for locations deemed “personal” or sensitive, including “medical facilities like counseling centers, domestic violence shelters, and abortion clinics”. It did not provide a timeline for when the company would implement the new policy. Five months after that pledge, research first reported by the Guardian and conducted by tech advocacy group Accountable Tech in November 2022 showed that Google was still not masking that location data in all cases.

At the time, Google said it prioritized user privacy and that it had implemented the changes to its location retention policies in early 2022 “as promised” but that the system must not have detected that the user had visited a Planned Parenthood clinic in some of the cases.

In its newest study, which the Guardian reviewed exclusively, Accountable Tech found that the company still wasn’t deleting location history in all cases as promised, though Google’s rate of retention improved slightly. The rate of retention of location information decreased from 60% of tested cases, a measurement taken five months after Google’s pledge, to 50% of tested cases in the most recent experiment. The director of product of Google Maps, Marlo McGriff, disputed the findings of the study.

“We are upholding our promise to delete particularly personal places from Location History if these places are identified by our systems – any claims that we’re not doing so are patently false or misguided,” McGriff said in a statement.

Accountable Tech replicated its 2022 study to measure Google’s progress. Researchers used a brand new Android device to direct themselves to abortion clinics then tested what location data was stored about their trip. This time the researchers ran eight tests in seven states: Pennsylvania, Texas, Nevada, Florida, New York, Georgia and North Carolina. In four out of eight of the tests, the route to the Planned Parenthood was retained in the device’s location history, though the name of the clinic was scrubbed. Data on searches for for abortion clinics was still retained in the web and activity history as in the researchers’ first test.

“With the same odds as a coin flip, an abortion seeker’s location data might still be retained and used to prosecute them,” the study reads. “On top of that, as we’ve seen through the experiments, Google still retains location search query data, and likely other incriminating data as well – from email to Google search data.”

In examples from the study the Guardian shared with Google, McGriff said the system did not detect a visit to Planned Parenthood and thus did not delete the route. In another case, Accountable Tech researchers visited the Central Harlem Sexual Health Clinic run by New York City Health and Hospitals. Google said a general health facility that provides several services other than abortion care may not be categorized as a “personal” location under the new policy, meaning the information could be retained.

Google’s policies governing the storage of location and other user data sparked renewed concern in the wake of the Dobbs v Jackson Women’s Health case that reversed Roe v Wade. The company receives and responds to tens of thousands of law enforcement requests for access to its vast troves of user data and complies with 80% of those requests with some level of information, according to the company’s government transparency report.

Police and law enforcement agencies have also made increasing use of a novel category of search warrant called “reverse search warrants”. In that category are geofence location warrants, which police use to come up with a list of suspects by seeking out information on all users whose devices have been detected in a certain place at a certain time. Many activists worry law enforcement would use these search warrants to collect data to find and prosecute or investigate those seeking abortions.

Just weeks ago, Google announced that it planned to change the way it stored location history data for all users in a way that could render responding to geofence warrants effectively impossible. The changes include storing location data on users’ devices by default; encrypting any location data that is backed up to Google’s cloud storage and deleting location data after three months.

While Accountable Tech felt Google’s announcement is a “step in the right direction”, the group said the company’s inability to follow through on previous commitments to protect location data shows Google “cannot be trusted to meet its public commitments on the timeline it promises”.

“We cannot take the company on its word,” the group wrote in its study.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.