How a Hacking Case Could Shape Protections For Abortion Clinics
The day of the Bowl-a-Thon, the Eastern Massachusetts Abortion Fund’s biggest event of the year, coordinator Elizabeth Miller woke up to a flood of frantic text messages from fellow volunteers. Coordinators, donors and participants had been receiving emails from the organization’s accounts with pictures of fetuses. Miller sprang into action, sending out emails warning participants not to open the messages. The EMA Fund had been hacked.
“By 5:30 in the morning I was on 11 different text threads with people throughout the organization and everyone was really feeling a level of personal threat that we hadn’t felt before,” Miller said.
FRONTLINE’s 2019 film The Abortion Divide showed how security at abortion clinics has tightened as intimidation against patients and providers has increased — cameras, bulletproof glass. But there are other looming threats to clinics that can’t be stopped by physical barriers: online hacking.
“Our client was the victim of a pretty extreme and abusive computer crime in the middle of their most consequential online fundraising campaign of the year,” said attorney Carrie Goldberg. Goldberg is representing the National Network of Abortion Funds (NNAF) and five of its member organizations attacked in April 2016 — including the EMA Fund — in a civil lawsuit. Experts said that the case, which begins with oral arguments on Sept. 11, could demonstrate how abortion access is protected in the digital age.
According to the civil complaint, alleged hacker Matthew James Davis and 15 unnamed suspected accomplices disabled the NNAF and its member organizations’ fundraising pages through a Distributed Denial of Service (DDoS) attack — a technique in which multiple computer systems target a website and block access for other users. The attack included forging large donations under false names like “Adolf Hitler” and obtaining access to the donor list, which allowed hackers to send registrants emails containing offensive content. According to the complaint, one such message read: “It tickles me to fund abortions for the lower races, such as the Negroes and the Jews… I am indebted to feminism and this new opportunity it has provided to cleanse our future generations.”
The complaint states that the NNAF had to redirect over $200,000 of their funds to crisis management, including hiring legal counsel and an IT security team to deal with the fallout. The five individual state organizations also suffered substantial financial losses. On the day of the hack, the EMA Fund only raised around $10,000. In previous years, it had raised around $25,000.
The plaintiffs are arguing that the alleged attackers violated the Computer Fraud and Abuse Act and the Freedom of Access to Clinic Entrances (FACE) Act. The FACE Act is traditionally used to protect patients and providers from the use of force or physical obstruction that could block access to an abortion clinic. The legislation was passed in response to a hike in violent attacks against abortion care providers in the 1990s, including the murder of a doctor in 1993.
The FACE Act has been used in a few cases involving the internet, but never in a hacking incident. Krysten Connon, an attorney and the co-author of the book Living in the Crosshairs: The Untold Stories of Anti-Abortion Terrorism, thinks it’s a unique use case for the law.
“We’re connected in ways that we haven’t been before,” Connon said. “That has implications in the ways that people access reproductive health services or use anti-abortion harassment violence and other tactics in these spaces that didn’t exist or weren’t conceptualized previously.”
Connon believes that the case will be consequential in highlighting how protective laws like FACE should be interpreted going forward.
“I think there are numerous ways that the law could be strengthened to protect abortion providers online. This lawsuit is helpful in raising awareness around the need to think about some of the laws that are currently on the books as relevant to where we are in 2019,” Connon said.
According to the 2018 statistics gathered by the National Abortion Federation, there were almost 5,500 more reported cases of anti-abortion internet harassment from the previous year. Overall, these numbers have been on the rise since 2015.
Although those statistics only include incidents of email harassment and doxxing (publishing private information about an individual to the internet), Dr. Katherine Ragsdale — interim president and CEO of the federation — said she thinks that the internet is escalating and evolving the ways in which anti-abortion groups target providers. “The rise of the internet has enhanced everyone’s ability to chime in and participate,” Ragsdale said.
There have been a number of successful attempts to hack abortion care providers’ online services since 2014, including incidents at Whole Woman’s Health and Planned Parenthood, according to Wired. The NNAF is the first organization to seek legal action against their alleged hackers, which Goldberg, the lawyer, said she hopes will act as a deterrent.
The plaintiffs are seeking a trial by jury, but the Massachusetts District Court must first decide on the defendant’s pending motion to dismiss.