The U.S. Supreme Court recently issued a decision in Carpenter v. United States, an important Fourth Amendment case that was eagerly awaited by many. The decision was widely cheered as a breakthrough in Fourth Amendment jurisprudence — hailed as a “landmark privacy case” and a “major victory for digital privacy.” In the NY Times, Adam Liptak referred to Carpenter as a “major statement on privacy in the digital age.”
Although I agree with the outcome of the decision, I ultimately find it to be disappointing. True, the Supreme Court finally took a step forward to bring the Fourth Amendment more in line with the digital age. But this was only a step in the year 2018, when the Court should have walked more than a mile.
Despite the fact that the various opinions in Carpenter total 119 pages, Carpenter only resolves a narrow issue and leaves many open questions. When something is the length of a Tolstoy novel, the plot should advance quite a lot more. The basic holding of the case is that the Fourth Amendment applies when the government “accesses historical cell phone records that provide a comprehensive chronicle of the user’s past movements.” But a lot more was at stake in the case. This was the prime opportunity of the Court to overrule the Third Party Doctrine, under which the Court has held that that there is no reasonable expectation in privacy for information known or exposed to third parties. The Third Party Doctrine was forged in the 1970s in cases involving bank and phone records. In United States v. Miller, 425 U.S. 435 (1976), the Court held that there is no reasonable expectation of privacy in financial records maintained by one’s bank because “the Fourth Amendment does not prohibit the obtaining of information revealed to a third party and conveyed by him to Government authorities.” In Smith v. Maryland, 442 U.S. 735 (1979), the Court concluded that there was no reasonable expectation of privacy when the government obtained a list of phone numbers a person dialed from the phone company because people “know that they must convey numerical information to the phone company” and cannot “harbor any general expectation that the numbers they dial will remain secret.”
As I argued in an earlier post about Carpenter, the Third Party Doctrine is deeply flawed and eviscerates Fourth Amendment protection in today’s digital age where so much of our information is in the hands of third parties. Carpenter would have been the ideal case to get rid of the Third Party Doctrine. Instead, the Supreme Court did what it has often done in recent years — tiptoe weakly like a mouse, nibbling around the edges of issues rather than directly resolving them. Rather than overrule Smith and Miller, the Carpenter Court just stated that these cases don’t apply to cell-site location records: “We decline to extend Smith and Miller to cover these novel circumstances. Given the unique nature of cell phone location records, the fact that the information is held by a third party does not by itself overcome the user’s claim to Fourth Amendment protection. ” This is a partial victory, as the Third Party Doctrine finally has a stopping point, but there are an endless series of situations involving the Third Party Doctrine, and the Court has provided scant guidance about when the Third Party Doctrine will apply.
The U.S. Supreme Court will be hearing arguments this week in Carpenter v. United States, which is one of the most important Fourth Amendment cases before the Court. The case involves whether the Third Party Doctrine will remain viable. If so, the Fourth Amendment will fade into obsolescence in today’s digital age.
In this post, I provide 10 reasons why the Third Party Doctrine should be overruled. Before doing so, here’s some background.
Carpenter [6th Circuit case on cert to the Supreme Court] involved the investigation of a string of robberies of Radio Shack. The FBI obtained cell phone records of the defendants pursuant to the Stored Communications Act (SCA), which requires “specific and articulable facts” to demonstrate that there are “reasonable grounds to believe” that the records are “relevant and material to an ongoing criminal investigation.” 18 U.S.C. § 2703(d). This standard is far short of what the Fourth Amendment would require, which is a search warrant based upon probable cause.
Ransomware is on a rampage! Attacks are happening with ever-increasing frequency, and ransomware is evolving and becoming more powerful.
Several major media sites, such as the New York Times, BBC, AOL, and the NFL, were recently infected with malware that directed visitors to sites attempting to install ransomware on their computers.
Ransomware has the potential to attack the Internet of Things. In one instance, a researcher was able to infect a TV with ransomware.
Ransomware is now attacking smart phones.
Last month, one hospital paid $17,000 in ransom when ransomware attacked its computer system. The computer network was down for more than a week, and patients had to be transferred to other hospitals.
A dramatic legal battle is taking place that will have dramatic implications for the future of technology, privacy, security, and the extent of government power. The FBI obtained an order from a magistrate judge to force Apple to develop software to help the FBI break into an encrypted iPhone.
I’ve long been saying that privacy need not be sacrificed for security, and it makes me delighted to see that public attitudes are aligning with this view. A Pew survey revealed that a “majority of Americans (54%) disapprove of the U.S. government’s collection of telephone and internet data as part of anti-terrorism efforts.” The anti-NSA surveillance sentiment is even stronger in other countries, as is shown in this chart below.
According to the survey, “74% said they should not give up privacy and freedom for the sake of safety, while just 22% said the opposite.”
As I wrote in my book, Nothing to Hide: The False Tradeoff Between Privacy and Security (Yale U. Press 2011):
The debate between privacy and security has been framed incorrectly, with the tradeoff between these values understood as an all-or-nothing proposition. But protecting privacy need not be fatal to security measures; it merely demands oversight and regulation.
By Daniel J. Solove
Next year, there will be a milestone birthday for the Electronic Communications Privacy Act (ECPA) – the primary federal law that regulates how the government and private parties can monitor people’s Internet use, wiretap their communications, peruse their email, gain access to their files, and much more.
This is no ordinary birthday for ECPA. In 2016, ECPA turns 30. Little did anyone think that in 1986, when ECPA was passed, that it would still remain largely unchanged for 30 years. In 1986, the Cloud was just something in the sky. The Web was what a spider made.
by Daniel J. Solove
One of the most well-known classic privacy books is George Orwell’s 1984, and it has been published in countless editions around the world. I enjoy collecting things, and I’ve gathered up more than 50 book covers of various editions of the novel. I find it interesting how various artists and designers try to capture the novel’s themes. I thought I’d share the covers with you.
Orwell’s 1984 chronicles a harrowing totalitarian society, one that engages in massive surveillance of its citizenry. Everywhere are posters that say “
NSA Big Brother Is Watching You.” From the novel:
By Daniel J. Solove
Co-authored by Professor Paul Schwartz
This post is part of a post series where we round up some of the interesting news and resources we’re finding. For a PDF version of this post, and for archived issues of previous posts, click here. We cover health issues in a separate post.
Mayer Brown survey of executives: 25% of organizations lack both a CPO and CIO (March 2015)
By Daniel J. Solove
The U.S. Court of Appeals for the 2nd Circuit just issued a 97-page ruling limiting the NSA’s power to sweep up data about people’s phone calls. The case is ACLU v. Clapper, and the court held that the USA Patriot Act Section 215 doesn’t authorize the kind of sweeping collection of phone call metadata that the NSA has been engaging in. The court’s holding is limited to statutory interpretation — the scope of data collection authorized by Section 215. The court doesn’t base its holding on the Fourth Amendment, though it does note the uncertain status of current Fourth Amendment law.
The bottom line is that the NSA has been gathering a lot more data than it has been authorized to gather.
by Daniel J. Solove
In a recent AP story, actress Jennifer Lawrence had some rather extensive and passionate quotes about her loss of privacy. Not too long ago, Lawrence’s nude photos were stolen and leaked on the Internet by a hacker who hacked into her iCloud account. In her comments for the AP story, she lamented how much paparazzi were harassing her: “I knew the paparazzi were going to be a reality in my life. . . . But I didn’t know that I would feel anxiety every time I open my front door, or that being chased by 10 men you don’t know, or being surrounded, feels invasive and makes me feel scared and gets my adrenaline going every day.”