Speaker 0
0:10 – 0:12
Welcome to Tech Talk. Bye.
Speaker 1
0:13 – 1:06
CT. Welcome to CDT's Tech Talk, where we dish on tech and Internet policy while also explaining what these policies mean to our daily lives. I'm Jamal Magby, and it's time to talk tech. With so much happening in many different places, it can be extremely confusing. Here to help us get our head around the current state of play in reproductive data privacy in America and what it means is president and CEO of for CDT, Alex Gibbons, and Jaqua Parooque, deputy director of the Security and Surveillance Project. Jake and Alex, thank you so much for being here today. Kick us off. Alex, there's so much happening across the country when it comes to reproductive rights. What are the tech related threats CDT has been most focused on?
Speaker 0
1:07 – 3:06
So after the Dobbs decision came down in June, we quickly realized that the landscape for reproductive rights and access to information is just very different from the time before the Roe v Wade decision, came down. So we thought a lot about the huge amount of information that we now share in the course of our daily lives that could be used in prosecutions relating to abortion and even the private bounty hunter lawsuits that have been authorized in certain states, under laws that can now go into effect after the overturning of Roe v Wade. What that meant is thinking about, you know, what the tech companies are doing in terms of the amount of information that they collect about people, things like location information, your search history, your browsing history, your purchase history, you know, the content of your text messages or, you know, other communications with friends and family. So, really, how do we tie this to the existing push to better protect people's sensitive health information? Another area we've been really focused on is law enforcement access to data. Of course, CDT has worked on this issue for decades. This is why Jake is on the the meeting with you now. But really tightening here how we think about, how easy it is for law enforcement to access this type of information and what are the appropriate protections that should be in place. And then the final area we've been thinking about is access to reliable information online about access to reproductive care. So how social media platforms are thinking about moderating this type of content, how we push back on the growing number of state laws that have been introduced to limit people's ability to speak about access to reproductive care online. And then also making sure that when people do access information online, it's rely it's as reliable as possible. So really making sure we're thinking about that avenue as well.
Speaker 1
3:08 – 3:17
So I wanna ask you, Jake. We've been hearing a lot about these shield laws. What what are they, and how how do they protect people's health privacy rights?
Speaker 2
3:18 – 6:52
So there are a variety of different, measures that are referred to under this camp of shield laws. The first are a set of, measures, both laws and executive orders, from democratic governors we saw very rapidly in the wake of Dobbs. And most of those focus on basically saying if you want to pursue a, reproductive health care and get an abortion in this state, we're going to make sure you're not prosecuted, at home in your own state. So we're not going to allow law enforcement to cooperate with requests. We're not going to hand out data or information about activities that occur in our state. We're not going to, you know, assist with an arrest of someone who is in our state. We're not going to arrest doctors even if them performing an abortion in our state is, a crime in your state if it's, you know, from a resident of that state. So it's kind of that first camp of saying, you know, we're shielding our own state and our own boundaries. What we've seen since then is an effort to actually extend shield laws to say, we're going to try to shield data, and private information that might reveal reproductive health choices regardless of where those activities occur. And the first of those laws we saw in California last fall. California enacted a law saying any electronic, communication service provider, which companies like, you know, Facebook, Google, Apple that provide email and messaging services, among, you know, many other, important services and many other data pieces of data they collect, that these companies, if they're based in California, cannot, respond to a warrant, subpoena, or other court order from any state if that has to if that warrant or demand for data has to do with an investigation of an unlawful abortion. So, you know, as a hypothetical, let's say a Texas prosecutor is, investigating a woman who they believe received an abortion in Texas where it is illegal. And they maybe were speaking to friends on Gmail about that, and the prosecutor sends a warrant to Gmail saying, we want this person's emails. We believe it all relate to this investigation. Google under California law now has to say, no. We are not allowed to comply with this warrant. Not even we don't want to. We are forbidden from doing so. So that's kind of the status of that law. That's been in, inactive for almost a year now. It came in last fall. Since then, we've seen, several other states follow suit. First, Washington, a few weeks ago passed a similar shield. Well, actually, it was stronger in a couple of ways because it applies to gender affirming care as well as reproductive health care. And it also has a couple other measures, around the edges that we think are good sort of, safety valves for questions that have come up of the California law since it was enacted. Then finally, New York, around the same time as Washington, just a few days later, enacted its own shield law. This one's much more minor. It only applies to warrants. It was included as it wasn't its own law. It was included as an amendment in one of their budget bills. So I think that's why the text might be a little more narrow. But that kind of is the same principle of if you're looking at these certain types of companies, and they are based in these states with these sort of super shield laws that California, Washington, and to some degree, New York have, they are now not allowed to assist in investigations of abortion, again, even if the investigation, the activities that are being investigated incur are entirely in another state.
Speaker 1
6:53 – 6:56
So it sounds like, Jake, these laws are pretty effective.
Speaker 2
6:57 – 9:20
So far, it seems like they have been. From the from, you know, talking to companies, they haven't seemed to have gotten these requests. And how do we know? I think an important question, from that is kind of, you know, how how can we know when a lot of the time, investigations of abortion are actually enforced under facially neutral laws? And by that, I mean, it's not, you know, a, crime on the book saying, you will face penalties if you get an abortion. It will be prosecutors going after women for things like child endangerment laws or unlicensed medical procedures or, you know, again, things like that that on their face could have nothing to do with abortion, but in that case, are actually trying to prosecute someone getting reproductive health care. Now because of that, the California and the Washington law have what's called an attestation requirement as part of responding to any warrant or court order. Now these companies have to basically get an attestation from law enforcement saying this order has nothing to do with abortion. And it has to do it in that sort of plain language, which is really important because, again, you know, it wouldn't be enough for a prosecutor or a law enforcement officer to say, oh, this is actually a, child endangerment case because maybe that child endangerment case is actually prosecuting, a woman for an abortion and labeling it under that, you know, under that statute. Because it uses more broad language, it can actually sort of flush out whenever there's actually an attempt, to pull up data for reproductive health choices. Now what we've heard from companies so far is that they haven't really actually gotten a request in this field. So, hopefully, it is a measure that's working. It might be just a matter of, you know, these laws are coming into effect slowly. Bands are sort of steadily taking form, and, law enforcement might be steadily working out what sort of other enforcement mechanisms and tools they want to use against women. But, hopefully, these measures will be quite effective. I mean, one thing we do know for sure is that the companies that are, now under the onus of these shield laws are fully intending to comply with them. You know, they ask these questions that the attestation requires. And as far as we know, they believe they would be legally prohibited from, actually complying with a law enforcement demand that would violate the shield law. So, Alex, I wanna turn to you and ask you, without new legislation,
Speaker 1
9:21 – 9:28
is there anything the federal government can do to prevent reproductive health data from falling into the hands of law enforcement or or prosecutors?
Speaker 0
9:29 – 11:27
Yeah. So we've seen some interesting leadership from the Biden administration on this. You know, knowing that there isn't much that that Congress would do specifically on this issue because it is so politically polarized. They have clearly been trying to think about steps that they can use using executive authority. One area where there was movement quite quickly, and it's actually unfolding, you know, now around the one year anniversary of the Dobbs decision, is the Department of Health and Human Services updating something that is called the HIPAA privacy rule. And what they've done is issue a proposed rule that would make clear that when somebody is engaging with their doctor and creating medical records for a medical procedure that is lawful in that jurisdiction, those records are protected from an out of state abortion prosecution. What they're trying to do here is make clear that if people are in a state, you know, engaging in a private dialogue, they don't have to fear what might be, you know, politicized investigations coming from across the border, or if an abortion seeker is you know, leaves their home state, goes to access medical care in a place where that medical care is authorized, that those records are protected, making it much clearer for doctors about the important privacy priorities at stake. So that is now, a proposed rule. It is out for comment. The comment period closed on June 16. And the most interesting thing we'll be seeing kind of how that process unfolds, how they respond to the public comments, and hopefully get that implemented soon. That's been one big push. There's been another area where CDT has been very active, that hasn't yet made progress, but we hope will. And that's looking at how federal investigative resources can be used by states in prosecutions. But Jake's been leading that work, actually. So, Jake, why don't you talk a little bit more about what we're doing and the groups that have joined us in making that call?
Speaker 2
11:28 – 13:23
Yes. So we, have partnered with a very large number of reproductive, rights groups as well as other privacy and civil liberties groups, that focus on tech like CDT does, to look at different types of aid that the government the federal government, provides to state and local law enforcement. And this takes a lot of various forms. It comes through providing sort of, forensics experts on how to, you know, open up and use data in electronic devices like phones or laptops. This comes from, Endacac, which is a, FBI service that focuses on helping local law enforcement basically, get warrants and court orders, to communication services, sort through, which communication services to talk to and what data they can pull from them, and a lot of other similar activities where there's simply, you know, a lot of very complex, investigative needs in the modern ecosystem based around how often we use electronic tools, devices, and services. And, the federal government can basically provide a lot of expertise that state and local law enforcement themselves don't have. A big question that we and these other groups asked is, wait. You know, you're providing all this assistance. Could this assistance end up going to enforcement of abortion bans in states that are are now doing that. So far, unfortunately, we haven't seen a lot of progress from the administration. You know, we've heard that they kind of have heard these concerns that we have raised, but we haven't seen any new policies that would change how these resources can be deployed or sort of set conditions of, okay. You can, you know, use these resources to solve a murder, an assault, a robbery, a serious crime, but you can't use them to investigate or prosecute reproductive health care choices. So that's something that, hopefully, in the future, we'll see the administration get a little more active on.
Speaker 1
13:24 – 13:43
So we've talked about state and and federal laws, but but there's a third category I know that we have here. And, Alex, I know and and that's the private companies. And, Alex, I know CDT has been very focused on how private companies can better protect their users' reproductive information. Can you talk a little bit more about that work?
Speaker 0
13:44 – 19:41
Sure. So CDT has said for years that companies need to do a better job protecting their users' sensitive information. And the current conversation and and fact patterns we're seeing around reproductive data just shine a light on how serious that can be and how much it can impact people's lives. You know, more generally, we are seeing data brokers who can have vast profiles on people, categorizing their mental health, you know, lists of people experiencing depression or ADHD that can then be sold on the open market. Early after the Dobbs decision, we saw reporters by location data that showed where the people visiting a planned parenthood clinic had been immediately before they went there and where they went immediately after. And they could buy that on on the open market, and that information obviously is highly revealing of somebody's personal information as something that could lead to someone being identified. In your intro, you also talked about some of the cases we've seen where, you know, the private communications between a mother and a daughter were used in a state prosecution against that mother for helping her daughter figure out how to purchase abortion medication. So the issues at stake here are really real, and the tech companies are in the middle of it because of the role that they play gathering this type of information, in the course of providing their daily services. So we've been very focused on what they can do about that, and this ties to the types of efforts that we've also been pushing for in legislation, which is limits on how much companies collect. That they should only be collecting the information that is necessary for the delivery of services, and then they need to think really carefully about how long they are keeping that information and when, especially, they are sharing it and who they are sharing it with. So when we see companies hold on to this information for a longer period of time or, you know, passing it along to data brokers or sharing it in the open market, all of that creates new vulnerabilities for their users to be targeted. And companies need to focus on this for a couple of reasons, but the first one is just user trust. The second is, man, there's nothing worse for your brand than being in the midst of one of these very, very controversial prosecutions. And so it really seems not only like the right thing to do in terms of protecting people's privacy, but also like the smart business thing to do, to avoid reputational and legal risk. So CDT has been very involved on this. We do a lot of work behind the scenes direct to company advocacy, and then we recently published a public facing best practices guide for companies that are navigating this to think about these core questions of what they're collecting, how long they're keeping it for, and when they're sharing it. And our goal here wasn't just talking to the big tech companies, some of the examples that I just surfaced now, but also the vast array of small and midsize companies who maybe without even thinking about it suddenly have access to huge amounts of really sensitive information. To give a couple examples of what I mean by that, you know, small app developers now, you know, can gather and collect location data in the course of delivering services and not really think about the fact that actually you might be another area where we've seen it is even in good faith health care providers getting trapped or inadvertently, harming their users because they have marketing pixels on their website that capture who is visiting their website and sometimes even the information that those people are typing in when they try to book an appointment. And those health care providers aren't thinking about the fact they're using an off the shelf packet. You know, it can often have these marketing pixels embedded within it. And lo and behold, they're sharing really sensitive information, with massive marketing networks. So we've been trying to put out best practices, guides for how companies can address this, and advising them on how to do so. And we've seen some results in this. I think some are behind the scenes. Companies are making small changes, not necessarily wanting to put a big target on their back by talking about it publicly. But then we've also seen some efforts, unfortunately, you know, where there's there's kind of been a good start, but a lot more to be done. One area that some companies have talked about, for example, is in trimming down, kind of creating a white list so that they don't save a record if somebody visits a location that is sensitive. For example, a reproductive clinic, but also a a religious institution or something similar to that. So we've looked at ideas like that, supported and congratulated the companies that have done it, but then also noted that that's kind of the tip of the iceberg. There are so many other ways in which this information can be gathered and really making sure that the companies are are making good on those, commitments. The last thing I'll say on this, so we've been, you know, at this for a year after the Dobbs decision, you know, at it for much longer in terms of this broader effort to protect people's, broader health care privacy. And while the work is happening, it's it's not happening fast enough. And so that's why in addition to working with the companies, we really are just more convinced than we've ever been before of the essential need for a federal privacy legislation. Because this needs to not just be companies doing it out of the good of their heart when they suddenly see some news stories that motivate them. This needs to be the rule of the road. The baseline way in which companies operate is when you're gathering sensitive information from which people's health care choices and information can be gathered. You need to be protecting that information every step of the way. So we're pushing forward on legislation in addition to the direct to company work that we do too.
Speaker 1
19:42 – 20:02
That is yes. I mean, federal privacy legislation, I think we could have a whole another episode on how bad, or how necessary that that is needed. But one question I do wanna ask is is, Jake, what should companies do to responsibly handle law enforcement requests? I mean, they're gonna come, and and so what should they do? What what guidance would you give them?
Speaker 2
20:03 – 22:19
Yeah. So this is actually something we have a, training that we, develop with data protocol coming out, soon on, but kind of to give a little rundown of sort of some of the basic steps. The first real item is is kind of going to what Alex said. Starts right before the law enforcement request comes in, which is, you know, think about what data you're going to have in your storehouses. You know, whatever legal demands you get, you cannot hand over data that you do not possess. So it's really important that companies think about the retention practices, about their collection practices. Are they gathering and holding on to data that they truly need to make the product work and to make a better user experience? Or is this just kind of built in automated, you know, standards of, yeah, let's just grab it, grab it. Why not? Because if it's the latter, you might wanna change those practices because that's the most basic step you can take to, you know, stop law enforcement from getting data is just not to have it. Now as far as, let's say, if it is something that's, you know, integral to the service you provide and there are law enforcement requests, it's really important to look at the nature of the demand and to know what's legally obligated under it. So for warrants, that's something that requires probable cause, of wrongdoing and that you'll get you know, that the demand will return evidence. It also requires particularity. You can't go on a fishing expedition where you're saying, give me all the data about this person or all the data about everything you have. It has to be tailored to returning that evidence that you're supposed to be seeking, and it has to be do so in the most narrow and reasonable way possible. So those are things that companies should look for. And if, legal demands don't meet those requirements, if, you know, there doesn't seem to be cause or justification, if things don't seem to be in order, or if, there is not particularity, if it's not a reasonably no request, then the company should, you know, take that to court and say, hey. We don't think that this is a proper, you know, legal demand, and we're not going to follow it until it's, you know, either backed up by due cause or properly narrowed in. You know, of course, doing that means knowing a lot about these laws, having a lot of experience, and ideally having, staff and resources to do it. And I think that's something that companies to keep in mind is that, having this practice means, you know, investing in protecting users' privacy.
Speaker 0
22:20 – 22:39
And I think the one thing to add to that is that now that these state shield laws are starting to pass, companies in those jurisdictions are really gonna have to pay attention and make sure that they're complying. So there's an awareness component to this too as these laws go into effect, for companies to make sure that they have the right infrastructure in place to be protecting information like those laws call for.
Speaker 2
22:40 – 24:41
Yeah. And I'll I'll hop on just to say that that was one really interesting aspect of the Washington law. So I spoke previously about how these laws apply to, electronic communication services and remote communication services. You know, the people that store and help you transmit electronic messages. The Washington law, even though that's mainly who it applies to, had an interesting extra provision where basically they said, even though you're forbidden if you're one of those electronic communications providers from complying, that said any Washington entity is not obligated to comply with, a demand related to an abortion investigation. That seemed to me to strike a really great balance of, you know, understanding that the local mom and pop shop that might have a security camera, that you know, across the street from a planned parenthood that might take footage that one day it gets demanded. They might not know about this, and, you know, you don't wanna throw a huge liability burden on them for, you know, not keeping up to date to a law that they can never expect to apply to. But if you have a company that's outside of that electronic communication service role, but still really cares about this issue, then that gives them a means of saying, wait. I have a provision in this law too. I want to, you know, object to handing over data or compliant with this warrant. So, yeah, I think it's, you know, it's an important balancing act for something like those shield laws because these entities like Facebook and Google, they certainly, you know, should be aware that these types of demands will be coming and have the resources to deal with them and to, account for these new laws. Potentially, if you're applying it to, you know, every company or everyone who might have some sort of data or respond to a warrant in an entire state, that might be so broad it's hard to to keep track of. And I think the Washington law really did a good job threading the needle there, sort of giving a shield to people beyond just the electronic communications providers, but also recognizing that, you know, if you're a a small company, if you're, you know, a very small business that you might not have, you know, the the legal department that someone like Microsoft does to to account for and to learn these rules and how to respond to them in response in a clear manner.
Speaker 1
24:42 – 25:04
One thing I wanna do, I I wanna switch gears just for a second and and, Alex, and and talk about something that I think is really important. And and, Alex, I I pose this question to you. CDT recently formed a task force on protecting reproductive health data immediately after the Dobbs decision came down. What has that group achieved over the past year, and and what are its plans going forward?
Speaker 0
25:04 – 27:40
Yeah. So we created the task force in the wake of the Dobbs decision because we quickly saw that there would be a whole bunch of stakeholders in the holders in the broader tech ecosystem trying to navigate this landscape, particularly as new state laws, and prosecution efforts went into effect. So the task force pulled together folks from reproductive rights groups, health data privacy experts, civil liberties experts, former prosecutors, and then folks from the major tech and telecom companies as well as smaller kind of health service providers really just to create a space that we could break down silos, share information, and form new pathways for community. When we describe those different constituents, they don't spend a lot of time hanging out together. There are many shared tables that have all of those groups together, and we wanted a place, that created some structure and some informal support for just more pathways of communication. I think that's been really successful. The task force is gonna continue going forward, but a lot of the work has been pretty behind the scenes and organic, which is to say we have meetings where we get people together to kind of share information and latest updates and get feedback. But it's also been a lot of one to one bridge building, relationship building, kind of finding the right pathways of entry, to help people address different issues as they think about their own responses. The other piece I'll say is that the the group of folks that we've assembled have just been an incredible resource as CDT has developed its own materials and positions on these topics. So that's everything from when we published guidance for how companies could better protect reproductive health data to our analysis of these state shield laws and how well they are working, what some of the implementation challenges might be, to work that we've done thinking about, the, the HIPAA privacy rule changes, for example, and kind of of what what comments we wanna give HHS and how that could really work in practice. So it's been incredibly useful having a sounding board. Now astute listeners will hear from the groups that I described. Not everybody is on the same page all the time, or from it, but that's actually the point. Right? These are very different perspectives in the ecosystem, and our goal is to create kind of half healthy pathways for conversation even if there isn't always agreement through doing so. And for all of that, CDT's advocacy gets better and sharper because of the relationships that we're able to forge through a group like that.
Speaker 2
27:42 – 29:35
I I'll say from my experience, I I found the task force to be incredibly helpful in a number of ways. I mean, just what I've learned in the last year from talking to, you know, the reproductive rights groups and advocates about sort of the nature of prosecutions in this, what they worry most about, where we need to be focused on has been, you know, really valuable. I mean, just, you know, going back as one example, what I talked about kind of how so often these prosecutions occur under facially neutral laws. I mean, that's something that I think, you know, as someone who didn't work in the space wouldn't have naturally occurred to me, and being able to talk to advocates about that has been really helpful in sort of, you know, raising flags of, hey. Here's what we should be concerned about when we think of things like the shield laws. Here's why something like an attestation rule would be so important. And, yeah, I think at the same time, it's also it's been a really great convenient tool for you know, I mentioned, this the, you know, 50 plus groups we got to sign on to that letter to the administration about federal aid. You know, that I don't think we would have gotten that strong broad set of support without, the task force and all, the ability to sort of network and talk to other groups and learn from people in this space and learn who we should be reaching out to from that. It's also been really helpful for us to sort of play, you know, the role of helping, other groups get informed by each other. You know? On on the flip side, we're often we talk to companies a lot. We've talked to them about sort of how to, comply with the shield laws, how to work on those, what are best practices to engage in. And we've been able to realize kind of, hey. Here's what we're hearing from those companies about what they're doing, about, you know, whether they've gotten requests or as we've seen, generally haven't gotten requests, through reproductive health advocates in a way that hopefully is very helpful for them. So, it's been a great way to learn. It's been a great way to, you know, convene broad sets of stakeholders in ways that can hopefully move the ball and highlight issues. And it's also been, I think, a really valuable way for us to relay information from, you know, various stakeholders to each other. That's fantastic.
Speaker 1
29:36 – 29:55
So and we're at we're at time. So before before I let you both go, and continue doing the fantastic work that you both are doing, I I just would like to hear, are there any final thoughts or anything that, that keeps you hopeful that that, that, you know, we're protecting people's rights and and their health care decision?
Speaker 0
29:56 – 34:15
Well, I realized that we've talked a lot about the privacy issues at stake and not so much about the access to information work that CDT is doing. So I'll spend a minute on that because I think it's just a huge issue, and it's only gonna ramp up in the year to come. So the issues that we're focused on here is how people are able to access reliable, trustworthy information about how to access reproductive care online no matter where in the country they sit, how people are able to exercise their basic first amendment rights. And this is both a legal issue because there's laws being introduced, and litigated and, a company policy issue too. And so CDT is working on both fronts. On the legislation front, we've seen a number of state bills introduced. Fortunately, none yet passed. We've been very active against them that literally do try to ban websites from talking about access to abortion, in a particular state jurisdiction. Obviously, this raises huge first amendment questions. It raises public health questions, and is really just dangerous. You know, no matter how you feel about the actual merits of abortion, limiting people's ability to understand what their options might even be is just is deeply problematic. And so we've really been working in a coalition with a number of groups, to push back on those state laws and show just how plainly unconstitutional they would be. The other area where we've been focusing is, a number of state laws that are not reproduction focused, but do threaten the climate in which reproductive information can be shared. So, for example, in Texas right now, a social media law has gone into effect, is on the books, but is currently being held, because it's been litigated all the way up to the Supreme Court that would require, social media companies to moderate content basically with viewpoint neutrality. And we think that makes it deeply problematic for platforms flexibility and their own rights to be able to take down misinformation about reproductive care as well as, to be honest, hate speech, racial abuse, other types of disinformation. This law touches on many different aspects of society and the type of content moderation that companies rightly want to do, and I think many consumer advocates want companies to be able to do. So that's an instance of a broader online social media kind of governance law that has an effect on these reproductive justice issues. And CDT is there with other, allies and advocates filing amicus briefs in the supreme court watching that litigation as it moves forward. The last piece in that access to information work is really how the companies are responding to this moment. And that's both how they're thinking about their content moderation policies. So when abortion advocates or resource providers, abortion funds are posting information, making sure that that's not being improperly taken down. There's quite a lot of political pressure in some jurisdictions for that content to be taken down. But if it's not violating the platform's terms of service, it should it should be staying up, and they need to be clear about how they're making how they're making those decisions. And another area where I think the companies, are spending time and probably need to be spending more time is pushing back on misinformation or misleading resources. So for example, some of the companies have been undertaking efforts that if you search for abortion in search results, the sites that come up do actually provide abortion services. Like, they're responsive to the query the person is putting in and aren't misleading, you know, maybe crisis pregnancy centers that have a very different goal. If something were appropriately labeled, that's one thing. But if the site is trying to mislead people by running ads or showing up in search results in a in a way that could trick people, into clicking on the wrong links, that's hugely problematic too. So I surface that because it's yet another body of work that's very core to CDT's mission. We believe in this theory of people being able to access the information they need across the board, and it's surfacing in this reproductive justice space as well and is is something we're deeply focused on.
Speaker 2
34:16 – 35:32
Yeah. I I think that's a great summary of kind of the range of work that's going on. I'll I'll I'll just add that, you know, when we sort of started engaging on this in the wake of Dobbs, I think a big mentality for CDT is we're sort of thinking of long term activities like the task force or the reports that we've, you know, started to roll out or other plans is that this is, a marathon, not a sprint. We didn't want to, you know, engage with the hot topic of the month. We wanted to lay the groundwork for what we expect is going to be an incredibly important digital rights issue for a long, long time. And I think we've, you know, certainly seen that borne out by, you know, how things have gone. And I think also, it it plays a lot into what we're looking to going forward. You know, just in my space, like I've mentioned, we haven't really seen cases where the shield laws have kind of proven necessary yet to, press up against demands. We haven't seen cases where federal resources have been flagrantly used for abortion investigations. But, from what we hear from allies, like, this is something that will probably start take time and, you know, just because it hasn't yet, I think we're still keenly awaiting for when it will be happening forward and sort of laying the groundwork for what will our steps be then, what will our next, activities be, what will sort of the next phase of this be. And, yeah, I I think we are kind of still in the early stages of that marathon and preparing for a long run ahead.
Speaker 0
35:33 – 37:21
And then the last thing I'll say, Jamal, like, you know, this is kind of an interesting example of how CDT, like, views its role in the ecosystem. And so, I think a lot about that and how well we're showing up to this conversation. And what I mean by that is that we really do view this work as supporting leaders who have deep subject matter expertise in the precise questions of reproductive rights, but we're also conscious of the resource constraints that they face and the gaps that they face. So what I mean by that is that, obviously, there are reproductive health care providers, reproductive rights groups, who have been working on these issues for a long time. But they might not have the time and bandwidth or be quite as deep to go as specific on the commercial data privacy practices, the online content moderation issues, the law enforcement access to data issues that CDT has been working on for thirty years. And then on the flip side, the tech companies who we spend a lot of time, you know, advocating to, talking to, you know, may not have that many channels to actually hear from the reproductive rights people and, you know, service providers who are doing this work on the ground. So if we're able to step in to help build those bridges, to help supplement people's efforts, to help add some subject matter expertise from the tech angle to support the really important work of folks who are doing this every day on the ground. That means the world to me, and, like, that's how I view CDT contributing to the ecosystem. You know, in this space, we follow this model in other spaces too. But that's deeply important. And to me, it was rewarding that CDT has been able to step up in this space, but also really good motivation to Jake's point of all the work that there is to do, in the months and year ahead.
Speaker 1
37:23 – 37:52
Yeah. As Jake alluded to, it's a it's, well, as he said, it's a marathon, not a sprint. Well, Jake and Alex, as always, it it's been a pleasure having you both, and thank you thank you for joining us. For all our listeners, to keep up with all the work that CDT's policy teams are doing, please visit us at cdt.org and follow us on Twitter, Facebook, and Mastodon at and LinkedIn at Send Them Tech. I'm Jamal Magby, and thank you for talking tech.
Speaker 3
37:56 – 38:22
Hi. I'm Ridley Shetty. I work on the privacy and data project here at CDT. Recently, we've been advocating for stronger federal and state guidance and regulations against consumer data harms that limit economic opportunity. You can support this and all we do here at CDT by going to cdt.org/techtalk and donating. Every donation matters. Thank you for enhancing civil rights and civil liberties in the digital age.