Facebook social media app logo from Meta on mobile phone screen showing message encryption

Message Encryption Not Used in Nebraska Felony Abortion Case Involving Subpoena of Facebook Messenger

Most of the major instant messenger services now enable message encryption by default; Facebook Messenger is the one major holdout that does not, requiring the user to proactively find and activate it in its menus. That design decision paved the way for a 41-year-old woman in Nebraska to be charged with a felony for assisting her teenage daughter in taking abortion pills. Both women are facing charges relating to concealing a death after the daughter claimed the fetus was stillborn.

The case is unusual in that it coincidentally happened to play out just before the overturn of Roe v. Wade in late June, with police initially investigating it as a false report and mishandling of remains rather than an illegal abortion. However, in the wake of the Roe decision state law enforcement and prosecutors have expanded powers to legally request such information from online platforms.

Facebook’s opt-in message encryption ensnares Nebraska abortion seeker

Norfolk resident Jessica Burgess and her daughter Celeste face charges primarily due to evidence obtained from their Facebook Messenger conversations. The pair appear to have not enabled the optional message encryption, which might have stymied law enforcement efforts. Instead, Facebook was served with a legal warrant and returned a set of messages in which mother and daughter (who was 17 at the time) discuss how to properly use abortion pills.

The daughter also made reference to “burning the evidence” in one of the messages. The abortion took place in April, about two months prior to the overturn of Roe, and was not illegal at the time. The police appear to have been investigating the case as a mishandling of human remains when the Dobbs v. Jackson ruling that overturned Roe came down. After that decision, Nebraska reinstated its pre-Roe state law that bans abortions after 20 weeks; Celeste had been 23 weeks pregnant when it was done. Madison County Attorney Joseph Smith subsequently filed illegal abortion charges and is trying the girl as an adult.

It is unclear if the state abortion law charges will hold up in court, as members of the Supreme Court opined that retroactively charging someone in this manner was a likely violation of the Due Process Clause or the Ex Post Facto Clause. Mother and daughter still face separate serious charges in the concealment of the abortion, however, which were used as the basis for the June 7 warrant that led to the turnover of their Facebook messages. Parent company Meta has indicated that the warrants were valid at the time under Nebraska state law and that it was legally compelled to cooperate.

In addition to messages dating back to April 15, the Nebraska police asked Facebook for images Jessica Burgess was tagged in, wall postings, her profile information and friend contact lists. Meta says that the warrants were accompanied by non-disclosure orders and the information that it can share is limited.

Should message encryption be the focus, or removing data from big tech’s hands?

Over the years Facebook has maintained that it pushes back against “bad” or “overbroad” law enforcement requests, but that the ultimate layer of security for users is end-to-end message encryption that prevents it from seeing what they type. However, it continues to have its message encryption off by default even as it becomes the out-of-the-box setting of most of its major competition.

That would have not necessarily changed the outcome of this particular case, as if message encryption had been enabled the mother and daughter likely would have had their phones and devices searched for messages as the next move. Some privacy advocates argue that big tech should not be holding this much information for this long in the first place, particularly as laws change to create situations that might be abusive to individuals.

That would mean less data to feed the economic engine of companies like Meta, however, which is likely the reason that Facebook’s message encryption is not only off by default but relatively complicated to access (it must be manually enabled for each individual conversation and does little to remind users to turn it on each time the service is used).

While Facebook may not have been legally able to refuse the warrants in this case (and while they came prior to the Roe decision), the obtuse design of Facebook Messenger’s privacy settings and its seeming lack of resistance to the search are not earning the company any good will. A small movement popped up on other social media sites in the wake of the news calling on supporters of Roe v. Wade to delete Facebook. Meta has responded to the incident by promising a feature called “secure storage” that protects already-sent messages with a PIN known only to the user, removing them from company visibility.