
Sweeping Legislation Aims to Ban the Sale of Location Data

 1 year ago
source link: https://www.vice.com/en/article/4axydq/legislation-aims-to-ban-health-and-location-data-protection-act

SafeGraph to Close Digital Shop That Sold Abortion Clinic Location Data

Motherboard previously revealed that SafeGraph was selling location data related to visits to Planned Parenthood facilities.
September 30, 2022, 5:28pm

Data broker SafeGraph says it will close its data shop next week, according to an email sent to SafeGraph customers on Friday.

The news signals a change in the business model of one data broker that has hit headlines recently. In May, Motherboard found SafeGraph was selling location data related to people who visited Planned Parenthood clinics in the wake of the leaked Supreme Court draft opinion to overturn Roe v. Wade.

“Next week we’ll be closing SafeGraph’s data shop. We see this as an opportunity to focus more on what matters the most to us: building the most accurate and usable dataset of global POIs [points of interest] in the market,” the email reads. SafeGraph sells POI data that can include the locations of coffee shops, stores, and other landmarks. This can be useful to customers who may want to combine it with their own datasets and to ensure accuracy.

Do you know about any other recent changes inside location data companies? We'd love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, or email [email protected].

On its data shop, SafeGraph offers more data, such as its “Patterns” product, which is based on location data harvested from mobile phones. “Foot traffic data that answers: how often people visit a place, how long they stay, where they came from, and more,” SafeGraph’s shop currently reads. This is the product that included data related to Planned Parenthood clinics. (Motherboard received the announcement email because we previously bought $160 worth of data related to abortion clinics to verify that the purchase of such data was possible). The email adds that customers should pull out any data they previously purchased in the last year within the next two business days if needed.

On its site, SafeGraph says that its location data is aggregated for privacy. But as Zach Edwards, a cybersecurity researcher who has followed the data trade, previously told Motherboard, that sort of data can still present an issue. “It's bonkers dangerous to have abortion clinics and then let someone buy the census tracks where people are coming from to visit that abortion clinic,” he said at the time. “This is how you dox someone traveling across state lines for abortions—how you dox clinics providing this service.”

SafeGraph did not immediately respond to a request for comment on the planned closure of its data shop.

After Motherboard reported SafeGraph’s sale of abortion clinic related data, the company stopped offering such data for sale from the self-serve shop and its API. In the wake of that reporting, an investor in SafeGraph sold their stake in the company and said they planned to donate the money to Planned Parenthood. SafeGraph’s investors include a former head of Saudi intelligence. 

Last August, Motherboard reported that Google had banned SafeGraph, meaning that any apps which were working with SafeGraph had to remove code that was sending location data to the company.

Data Broker Is Selling Location Data of People Who Visit Abortion Clinics

It costs just over $160 to get a week's worth of data on where people who visited Planned Parenthood came from, and where they went afterwards.
May 3, 2022, 4:46pm

A location data firm is selling information related to visits to clinics that provide abortions including Planned Parenthood facilities, showing where groups of people visiting the locations came from, how long they stayed there, and where they then went afterwards, according to sets of the data purchased by Motherboard.

The data sale is obviously more important in the context of a leaked Supreme Court draft opinion in which Justice Alito indicated that the court is ready to repeal the decision in Roe v. Wade, the decades-old precedent that has provided federal protections to those seeking an abortion. If that draft does become a formal decision, it would immediately fully or partly ban abortion rights in at least 13 states.

How data collecting intersects with abortion rights, or the lack thereof, is likely to gather more attention in the wake of the draft. The country may also see an increase in vigilante activity or forms of surveillance and harassment against those seeking or providing abortions. With this aggregated location data available to anyone on the open market, customers could include anti-abortion vigilantes as well. Anti-abortion groups are already fairly adept at using novel technology for their goals. In 2016, an advertising CEO who worked with anti-abortion and Christian groups sent targeted advertisements to women sitting in Planned Parenthood clinics in an attempt to change their decision around getting an abortion. The sale of the location data raises questions around why companies are selling data based on abortion clinics specifically, and whether they should introduce more safeguards around the purchase of that information, if they should be selling it at all.

“It's bonkers dangerous to have abortion clinics and then let someone buy the census tracks where people are coming from to visit that abortion clinic,” Zach Edwards, a cybersecurity researcher who closely tracks the data selling marketplace, told Motherboard in an online chat after reviewing the data. “This is how you dox someone traveling across state lines for abortions—how you dox clinics providing this service.”

In the wake of a near-total abortion ban in Texas, for example, people in Texas seeking abortions have increasingly had to travel to other states where abortion access is easier to get the care they need. With Roe set to fall, people seeking abortions who live in conservative states and can afford to are likely to start traveling to get an abortion. Location data could play into whether and how that travel is identified, making it even more urgent for regulators and lawmakers to consider how location data is collected, used, and sold.

The company selling the data is SafeGraph. SafeGraph ultimately obtains location data from ordinary apps installed on people’s phones. Often app developers install code, called software development kits (SDKs), into their apps that sends users’ location data to companies in exchange for the developer receiving payment. Sometimes app users don’t know that their phone—be that via a prayer app, or a weather app—is collecting and sending location data to third parties, let alone some of the more dangerous use cases that Motherboard has reported on, including transferring data to U.S. military contractors. Planned Parenthood is not the organization performing the data collection nor benefiting from it financially.

SafeGraph then repackages that location data and other data into various products. On Tuesday Motherboard reported that the CDC bought $420,000 worth of SafeGraph data for a laundry list of COVID-19 and non-COVID-19 use cases. Google banned SafeGraph from the Google Play Store in June.

SafeGraph classifies "Planned Parenthood" as a "brand" that can be tracked, and the data Motherboard purchased includes more than 600 Planned Parenthood locations in the United States. The data included a week's worth of location data for those locations in mid-April. SafeGraph calls the location data product “Patterns.” In total, the data cost just over $160. Not all Planned Parenthood locations offer abortion services. But Motherboard verified that some facilities included in the purchased dataset do. 

Motherboard also searched the SafeGraph website for “Family Planning,” which returned a relevant result of “Family Planning Centers” that people could then buy data related to.

SafeGraph’s Patterns data aims to answer questions like “how often people visit, how long they stay, where they came from, where else they go, and more,” according to SafeGraph’s website. SafeGraph calculates where it believes visitors to a location live to the census block level. SafeGraph does this by analyzing where a phone is commonly located overnight, the company’s documentation suggests.

SafeGraph’s data is aggregated, meaning it isn’t explicitly specifying where a certain device moved to. Instead, it focuses on the movements of groups of devices. But researchers have repeatedly warned about the possibilities of unmasking individuals contained in allegedly anonymized datasets. 

Sections of the SafeGraph dataset Motherboard purchased handle a very small number of devices per record, theoretically making deanonymization of those people easier. Some had just four or five devices visiting that location, with SafeGraph filtering the data by whether the person used an Android or an iOS device as well.

On the data showing where people traveled to a certain clinic based on their census block, potentially across state borders, Edwards said “SafeGraph is going to be the weapon of choice for anti-choice radicals attempting to target ‘out of state clinics’ providing medical care.” Missouri is considering a law to make it illegal to “aid or abet” abortions in other states.

Tracking visitors to abortion clinics has long been a staple in showing the threat posed by location data. In a 2018 investigation, The New York Times took location data and followed multiple people inside it, and unmasked some of those. One of the people followed visited a Planned Parenthood facility, according to the report.

Recently, a Christian-focused outlet The Pillar published a piece that used location data to track the movements of a specific priest and then outed him publicly as potentially gay without his consent.

Planned Parenthood did not respond to a request for comment. SafeGraph did not respond to a request for comment either, which included the specific question of whether the company would continue to sell location data related to abortion clinics.

Location Data Firm Provides Heat Maps of Where Abortion Clinic Visitors Live

Placer.ai allowed anyone to freely create an account and start using its visualized data to see where visitors to Planned Parenthood facilities approximately live.
May 5, 2022, 12:24pm

Placer.ai, a location data firm, offers access to multiple caches of data and heat maps on its website that show users where people visiting Planned Parenthood abortion clinics approximately live, raising concerns about how that information could be used by anyone. The data could be used for research about public health and access to abortion providers, but theoretically can also be used by someone to accuse certain clinics of facilitating interstate abortions. Placer.ai only removed the ability to search for Planned Parenthood related data on its website after Motherboard contacted the company for comment on Wednesday.

Location and other data related to abortion clinics has taken on a new significance as a leaked draft opinion indicates the Supreme Court is ready to repeal the decades-old protections of Roe v. Wade to people seeking abortions and those providing them. Anti-abortion activists have previously used similar types of data to send targeted ads to the devices of people in and around Planned Parenthood clinics. A Missouri official previously said the state reviewed Planned Parenthood patient data, in some cases including their menstrual cycles, looking to identify those who had failed abortions. 

Many companies have access to location data of people who visited abortion clinics, but it is often not generally available to the public. In Placer.ai’s case, the ease of access is what changes the threat the data poses: it takes a few minutes to create an account and start viewing data related to a specific clinic.

The news follows Motherboard’s report on Tuesday that SafeGraph, another company in the location industry, was selling aggregated location data of people visiting Planned Parenthood facilities. On Wednesday SafeGraph announced it was stopping the sale of this data through its online shop and API.

“Unprecedented visibility into consumer foot-traffic,” Placer.ai’s website reads.

Placer.ai sources its location data from having the developers of ordinary apps install the company’s software development kit (SDK) into their apps. On its website Placer.ai claims to have over 20 million active devices and its code in over 500 apps. “WiFi, GPS, Beacons, and user motion all play a key part in determining accuracy,” the website adds.

On Wednesday Motherboard made a free account on Placer.ai and used the company’s website to search for “Planned Parenthood.” The site returned multiple locations Placer.ai already had data for. Selecting one of those results provided a dashboard of relevant location and other data, including likely demographic information of who attended this particular facility. For example, according to Placer.ai the Planned Parenthood facility Motherboard selected at random was likely to be visited by someone who is Hispanic with an annual income of between $75,000 and $90,000. The results also showed what specific businesses or landmarks they came from to the facility and went to after, and the total number of visitors. 

Search results on Placer.ai's website on Wednesday. Redactions by Motherboard. Image: Motherboard.

Most notably, Placer.ai presented a heat map that showed what approximate physical location visitors lived in. For example, for a Planned Parenthood facility in California that Motherboard verified offered abortion services, the heat map showed attendees’ calculated homes were in a city to the south of the clinic, another area to the south east, and in close proximity to the facility itself. 

To then access more detailed data from Placer.ai about the specific Planned Parenthood location, a client needs to schedule a meeting with a company sales representative. But the heat maps are available to anyone who takes a few minutes to make a free account.

The concern with showing where people are traveling from to clinics under the looming changes around abortion’s legality is that the data could reveal which clinics are providing out-of-state abortions, something which is set to become a crime in many states if the Supreme Court does repeal Roe v. Wade.

“It's bonkers dangerous to have abortion clinics and then let someone buy the census tracks where people are coming from to visit that abortion clinic,” Zach Edwards, a cybersecurity researcher who closely tracks the data selling marketplace, previously told Motherboard in an online chat after reviewing similar data from SafeGraph.

On Thursday Senator Ron Wyden, who has proposed stronger legislation around the sale of location data and whose office has extensively investigated the data trading market, told Motherboard in a statement that “The threat to women’s privacy and safety is not hypothetical—it’s already here.”

“Shady data brokers have already tracked women to and from Planned Parenthood clinics, and sold their information to anyone with a credit card. It has been obvious for years that location data leeched from phone apps is ripe for abuse. Now that the right to legal abortion is under threat, these shady data brokers are putting people’s lives at risk. Every company that collects, stores or sells personal data should be aware that they could soon be a tool for a radical far-right agenda that is trying to strip women of their fundamental privacy rights,” he added.

Placer.ai responded to an emailed request for comment from Motherboard on Wednesday, but ultimately did not provide a statement. Overnight, Placer.ai quietly removed the ability to search for Planned Parenthood from its website.

Updated: This piece has been updated to include a statement from Senator Ron Wyden.

Data Broker SafeGraph Stops Selling Location Data of People Who Visit Planned Parenthood

The move comes after Motherboard found it was possible to buy data showing how many people visited Planned Parenthood locations, where they came from, and where they went afterwards.
May 4, 2022, 12:27pm

SafeGraph, a location data broker, has stopped offering data related to Planned Parenthood and other similar family planning centers after Motherboard found it was possible to buy information on how many people were visiting the facilities, where they came from, and where they went afterwards, something that experts saw as highly concerning in the wake of the Supreme Court’s potential plan to repeal Roe v. Wade.

SafeGraph’s response Tuesday night shows that location data brokers do and can make decisions about what specific sets of data to make available for purchase.

“In light of potential federal changes in family planning access, we're removing Patterns data for locations classified as NAICS code 621410 (‘Family Planning Centers’) from our self-serve ‘shop’ and API to curtail any potential misuse of its data,” Auren Hoffman, SafeGraph’s CEO, wrote in a blog post published on SafeGraph’s website on Wednesday.

SafeGraph sells access to several different types of data. Those include information on where businesses or other points of interest are physically located in the world; aggregated transaction data on how much money people spend at them; and aggregated location data showing where groups of people who visited these points of interest came from on a census block level, and what other businesses they went to afterwards. That last set of data is based on location information harvested from ordinary apps installed on people’s smartphones.

On Tuesday Hoffman tweeted that “we don’t sell any data on individuals.” But in some cases SafeGraph also sells device-specific location data. Activist organization the Electronic Frontier Foundation previously found that SafeGraph sold disaggregated location data to the Illinois Department of Transportation.

On Tuesday Motherboard searched the SafeGraph online shop for “Planned Parenthood” and found the broker had already listed the organization as a “brand” that it had data on. Motherboard also searched for “Family Planning,” which returned a relevant result of “Family Planning Centers.” Motherboard then paid just over $160 for a week’s worth of aggregated location data and other information related to Planned Parenthood facilities.

Zach Edwards, a cybersecurity researcher who closely follows the data trading marketplace, reviewed the SafeGraph data Motherboard purchased and said “It's bonkers dangerous to have abortion clinics and then let someone buy the census tracks where people are coming from to visit that abortion clinic.”

“SafeGraph is going to be the weapon of choice for anti-choice radicals attempting to target ‘out of state clinics’ providing medical care,” he added.

In his blog post, Hoffman wrote “We don’t have any indication that this data has ever been used for bad purposes. We have had many academics that have used this type of data for really good purposes. Taking away this data will impact many academics that want to study this topic (like understanding the impact of legislation on family planning visits). We acknowledge that our decision to take down Patterns for family planning centers could negatively impact this valuable research, but we think this is the right decision given the current climate.”

SafeGraph stands out in the location data industry because it makes the data very easy for anyone to buy, with a self-serve shop that requires no verification of who the buyer is. This could benefit businesses who may only want to buy a small slice of data. But it also raises the risk that those who want to abuse the data can more readily get their hands on it.

“Part of democratizing access to data means making it available in a self-serve way. But of course, making data convenient and accessible also has drawbacks. It means we aren’t able to fully control who buys the data. But we’ve never tried to censor or hide anything,” Hoffman’s blog post added.

Motherboard noticed that results for Planned Parenthood and Family Planning had been removed from the SafeGraph store on Tuesday. SafeGraph’s press email address and the company’s CEO Auren Hoffman did not respond to requests for comment on why this was the case on Tuesday. On Wednesday, SafeGraph published its blog post. On Tuesday, Motherboard reported that the CDC developed a long list of COVID-19 and non-COVID-19 related use cases for $420,000 worth of location data it bought from SafeGraph in 2021.

“These decisions are never easy and there will certainly be more conflicting situations in the future,” Hoffman added.

Sweeping Legislation Aims to Ban the Sale of Location Data

The Health and Location Data Protection Act comes after Motherboard reported that brokers were selling location data on people visiting abortion clinics. The bill would give the FTC and individual people power to curb some of the worst abuses of such data.
June 15, 2022, 1:01pm

Sen. Elizabeth Warren and a group of other Democratic lawmakers have introduced a bill that would essentially outlaw the sale of location data harvested from smartphones. The bill also presents a range of other powers to the Federal Trade Commission (FTC) and individual victims to push back against the multibillion-dollar location data industry.

The move comes after Motherboard reported multiple instances in which companies were selling location data of people who visited abortion clinics, and sometimes making subsets of that data freely available. Such data has taken on a new significance in the wake of the Supreme Court’s looming vote on whether to overturn the protections offered by Roe v. Wade. The bill also follows a wave of reporting from Motherboard and others on various abuses and data sales in the location data industry writ large.

“Data brokers profit from the location data of millions of people, posing serious risks to Americans everywhere by selling their most private information,” Warren told Motherboard in a statement. “With this extremist Supreme Court poised to overturn Roe v. Wade and states seeking to criminalize essential health care, it is more crucial than ever for Congress to protect consumers’ sensitive data. The Health and Location Data Protection Act will ban brokers from selling Americans’ location and health data, rein in giant data brokers, and set some long overdue rules of the road for this $200 billion industry.”

Cosponsors of the bill are senators Ron Wyden, chair of the Senate Finance Committee; Patty Murray, chair of the Senate HELP Committee; Sheldon Whitehouse; and Bernie Sanders, chair of the Senate Budget Committee.

The Health and Location Data Protection Act is hugely ambitious in its scope, in that it will rather unambiguously “ban data brokers from selling or transferring location data and health data” barring some limited exceptions, according to a summary sheet of the bill shared with Motherboard by Warren’s staff. Those exceptions include activities that are compliant under HIPAA, the federal law used for protecting healthcare data, and First Amendment speech, the summary adds.

The bill itself more specifically says “it shall be unlawful for a data broker to sell, resell, license, trade, transfer, share, or otherwise provide or make available any of the following forms of data, whether declared or inferred, of an individual.” It then lists location and health data.

The bill defines location data as “data capable of determining the past or present physical location of an individual or an individual’s device.”

Zach Edwards, a privacy researcher who has followed the location and related industries closely, told Motherboard in an email after reviewing the bill that “This legislation would impact location data brokers and big tech companies who make location data for end users available to their partners in unsafe ways.” He added that the phrasing of the bill “makes it clear that organizations who collect location data would have a new responsibility to not expose that location unsafely to their own partners.”

The location data industry is a complex web of companies that fulfill different roles and which provide services to a wide range of clients and use cases. This industry includes ordinary apps that collect the data in the first place and may sell their users’ information directly to other firms; companies that create software development kits (SDKs), which are bundles of code that harvest the data, and which then sell the data onwards; data brokers who act simply as middlemen for other parts of the ecosystem; and companies that package the data into their own products and whose clients sometimes include law enforcement, military, and intelligence agencies.

Uses for location data vary and include real estate companies sourcing it to determine how much foot traffic a plot of land may receive, hedge firms to predict if their investment will pay off, and local governments to work out transportation issues. Motherboard previously reported that the Centers for Disease Control and Prevention (CDC) sourced data on millions of phones to see if Americans followed COVID-19 lockdown orders.

Law enforcement and intelligence agencies, including Immigration and Customs Enforcement (ICE), Customs and Border Protection (CBP), the Drug Enforcement Administration (DEA), and the Federal Bureau of Investigation (FBI) have all purchased surveillance products that ultimately rely on the harvesting, transfer, and sale of location data from smartphones. Sen. Wyden has proposed his own legislation, called the Fourth Amendment is Not for Sale Act, that would require agencies to obtain a warrant to get this sort of data. At the moment, agencies can bypass the need for a warrant by purchasing location information from a third party.

The industry is also home to startling abuses. Last year a Christian-aligned publication used location data to allegedly out a homosexual priest without his consent.

Beyond the ban on the sale of location data, the bill includes other mechanisms around enforcement, such as $1 billion in funds for the FTC over the next decade to perform its existing responsibilities and new ones around this law, and powers for the FTC and state attorneys general to sue to enforce the law. Individual people could also sue for damages and injunctions under the bill.

Because the bill goes far beyond banning just the sale of location data related to abortion clinics, and instead encompasses the sale of such data in general, it is likely to face fierce opposition from the massive location data industry. X-Mode, a company that Motherboard revealed was harvesting location data from a Muslim prayer app and which had U.S. military contractors among its clients, paid lobbying group Franklin Square Group $30,000 in 2020 (X-Mode has since rebranded as Outlogic, and was acquired by Digital Envoy in 2021). Venntel, a firm that The Wall Street Journal first reported provided location data based products to U.S. law enforcement, paid $160,000 in 2020, $320,000 in 2021, and so far $80,000 in 2022 on lobbying efforts. Venntel paid that money to lobbying firm Alpine Group.

Other lawmakers have recently proposed another piece of somewhat related legislation. The My Body My Data Act from congresswoman Sara Jacobs (CA-53) aims to stop the collection and transfer of reproductive health data. It also would give consumers the ability to launch lawsuits against companies that violated the practice, the Washington Post reported earlier this month. As the Post added, the bill is unlikely to become federal law given broad Republican opposition to expanding abortion protections and an evenly split Senate. Jacobs told the Post, “We think this can be a model for states as they are trying to figure out how they can best protect people’s right to abortion.”

Edwards, the privacy researcher, added, “This bill from Senator Warren is long overdue, and while it's becoming clearer every day to Americans that their personal lives and decisions are for sale to the highest bidder, it's clear that Senator Warren has a plan to turn the tables on data brokers, and Congress would be wise to pass some version of this important legislation.”
