“When was your last period?” health-care professionals ask patients during routine gynecological exams. Menstrual tracking can help a person achieve or avoid pregnancy, understand fertility, anticipate premenstrual syndrome, and detect cycle irregularities that serve as early warning signs of health problems. But when that information is logged on a smartphone app, it could be used as evidence of criminal activity in states where abortion is restricted.

In the weeks following the Supreme Court’s overturn of Roe v. Wade—the nearly 50-year federal right to abortion access—digital privacy advocates warned of government access to and weaponization of private health information found on period-tracking apps.

Now, some colleges are warning students that the government is not the only entity that may seek to surveil reproductive health information, and period-tracking apps are not the only digital means for doing so. College students’ intimate partners, parents, dorm mates and their colleges, in addition to the government and hackers, may gain access to digital trails that paint a picture of reproductive health decisions. Further, web search histories, text messages and location tracking, in addition to apps, all hold potential to expose students’ private health information.

As colleges adapt to the post-Roe landscape, many have offered students a range of direct, indirect and sometimes outdated messaging about how to protect their virtual privacy.

Direct Messaging

“If we’re living in a system where the act of abortion is defined as a crime, people will get paid to do their job to investigate and prosecute the crime,” said Anton Dahbura, executive director of the Johns Hopkins University Information Security Institute. His message is posted on a university webpage titled “Deleting your period tracker won’t keep your health data private.”

Stanford University also offers an informational page in which the health policy and law professor Michelle Mello reminds the university community that internet service providers may share data with law enforcement for use in criminal prosecutions. These commercial data, which are often sold or shared with third parties, could be used as evidence for enforcing antiabortion laws, according to Mello.

Kelly Martin, a marketing professor focused on digital privacy at Colorado State University, has also spoken about the need for students to safeguard digital reproductive information. She told Inside Higher Ed that students should know that personal health data stored on apps is not protected by HIPAA, the Health Insurance Portability and Accountability Act.

“I might not even consider all of the digital exhaust I’m leaving on the web and the potential incrimination that I’ve created for myself,” she said, suggesting that college women’s health centers discuss that with students.

Jessa Lingel, an associate professor of communications at Pennsylvania State University, said that students should be aware of the ways in which colleges surveil them. For example, colleges may track students’ location with ID cards that provide access to campus facilities, monitor websites students visit while connected to campus Wi-Fi and record the types of phones or laptops students use. Such information could be problematic for students at institutions that do not provide birth control or a range of reproductive health services.

“We have … legislation around student records, and so students have this sense that universities are going to be caretakers of information,” Lingel said. “But searching for … basic information about reproductive health options is not protected in the same way that students might assume.”

A Student Voice survey for Inside Higher Ed last year revealed that students do not know a lot about what their colleges do with their data, and experts advised institutions to help them think more critically about data privacy.

Indirect Messaging

Most universities provide information on safeguarding digital privacy, and most also provide information on reproductive health. But that information is not always paired, which places a burden on students.

“Leaving it to students to connect the dots is a dangerous strategy,” Lingel said. “It’s really important that universities don’t [rely on] students to connect the dots by having information about privacy in one place and reproductive health in another.”

That said, universities have options if they seek to address the moment without politicizing online privacy programming.

“Use the Roe v. Wade decision as a way of saying, ‘Here’s an instance where you really should take this seriously,’ but there are other instances, too,” Lingel said. “That may actually be more effective than trying to make it first and foremost a political issue.” This way, universities provide important information on privacy safeguards while still engaging with a range of people who hold varied opinions or are in the process of making unanticipated health-care decisions.

Both Martin and Lingel suggest that the current moment offers an opportunity for campus health employees and digital privacy workers to collaborate. These offices offer the right portfolio of expertise and resources for highlighting that the government and hackers are not the only threats. Parents who pay for cellphone plans or intimate partners, friends and peers with different values may attempt to access private health information.

“I would love to see this information pulled into orientation guides and [residential] life training,” Lingel said about small steps students can take to enhance control over their data.

“To the greatest extent possible, women can keep conversations about their reproductive health concerns off-line and face-to-face with only very trusted partners,” Martin said. “That is really the safest place they can be right now.”

Outdated Messaging

Some institutions’ messaging on reproductive health privacy hails from an earlier era, which could be problematic for students who view college websites as trusted sources of health information, according to experts.

For example, a still-live 2014 webpage at the University of Illinois at Urbana-Champaign highlights the value of using an app for menstrual tracking.

“Whether your goal is to simply keep track of when you get your period or you are actively trying to conceive, I encourage you to try out one of the many period tracking apps out there!” the website notes. “Here is a list of period tracking apps to get you started!”

Martin called such outdated messaging “scary,” as her research indicates that some period-tracking apps have “loose to nonexistent” privacy policies. Information about safeguarding privacy should be kept up-to-date and in a place where students will find it when and where they need it.

“If I’m a young student, in trouble and worried about … my health, I might not necessarily look back to my university’s digital privacy explanation that I got at the beginning of this semester,” Martin said.