More than 20 years ago, the U.S. Congress passed the Freedom of Access to Clinic Entrances (FACE) Act to address escalating threats, harassment, and violence targeting abortion providers and their patients. The law has typically been used to provide civil and criminal remedies for actions like blockading clinics or sending threats to providers. But a reportedly first-of-its-kind lawsuit filed last week in Massachusetts federal court argues the law should apply to online hacking as well.
The lawsuit, which also includes claims that the hackers violated the Computer Fraud and Abuse Act, stems from a 2016 hack of the National Network of Abortion Funds’ (NNAF) National Abortion Access Bowl-a-thon online fundraiser. The complaint details an ongoing and sophisticated operation launched to derail the months-long event, which would ultimately cost the funds hundreds of thousands of dollars, according to the complaint. The purpose of the hack, according to the complaint, was to intentionally disrupt the fund’s work in helping to provide financial assistance for abortions.
The plaintiffs include the National Network of Abortion Funds and five of its members, including the Eastern Massachusetts Abortion Fund, Gateway Women’s Access Fund, Kentucky Health Justice Network, Northwest Abortion Access Fund, and the Preterm Access Fund.
According to the complaint, beginning in April a “malicious actor or actors” identified as John Does 1-15, disabled Bowl-a-thon participants’ fundraising sites through a distributed denial-of-service (DDoS) attack and gained access to donor information. From there the defendants allegedly “impersonated plaintiffs and sent donors deeply disturbing racist, anti-Semitic, and misogynistic emails.”
Sex. Abortion. Parenthood. Power.
The latest news, delivered straight to your inbox.
As detailed in the court filing, shortly after hackers initially gained access to the fundraising platform, some Bowl-a-thon registrants began receiving emails alerting them to donations made by a user identified as “Adolph Hitler.” According to the complaint, the message from the user read: “I believe that the Aryan race is the Master Race; the purest human genetic strain currently available. Consequently, it tickles me to fund abortions for the lower races, such as the Negroes and the Jews. There is no longer any need to send these parasites to my concentration camps – they willingly slaughter their own young if given enough money to afford the ope [sic] I am indebted to feminism and this new opportunity it has provided to cleanse our future generations. Keep it up, NNAF!”’
The complaint also alleges that the Bowl-a-thon website appeared at one time to receive $66 billion in fraudulent donations during a DDoS attack before the website crashed altogether.
As a result of the attack, funds had their fundraising abilities compromised at what the attorneys claim is a critical moment in the stretch of the fundraiser. They also had to spend significant time and energy responding directly to the attack and explaining what was going on to their donors. All of these resources were diverted away from the funds’ core mission of helping patients in financial need access money to help pay for an abortion. And that, the attorneys claim, makes what the John Does did a violation of the FACE Act.
That claim should be a pretty easy one to substantiate in litigation, just given the facts of the 2016 attack: What other purpose would hackers have in crashing an online fundraiser for abortion access, but to try and thwart that access? There is none.
If the judge agrees with the FACE Act or the fraud claim, the litigation will proceed as usual, including a trial. The plaintiffs also hope that the discovery process will confirm the hackers’ identities.
“The damage that the attackers inflicted was intended for us to lose everything: our time, what resources we have, the trust of our supporters, and all of our energy to coping with the trauma, delays, and crisis of the hack,” said Jenni Kotting, communications director at the National Network of Abortion Funds, to Rewire.News in an emailed statement. “Too often, we see anti-abortion extremists make claims about protecting life, but this attack has surfaced the true motives of these anti-abortion attackers: racially motivated hatred and violence. They meticulously planned the attack so their message containing racist content about eugenics, anti-Semitism, and Adolph Hitler would go to as many people as possible. In this way, the attackers made abundantly clear how much anti-abortion extremism is infused with white supremacy.”
NNAF and its members’ FACE Act claim comes at a critical moment where online attacks against abortion providers are on the rise and when the law seems ill-prepared to remedy, let alone prevent, such digital threats. This lawsuit, though, could be an important first step in the courts finally addressing that online harassment.