Yesterday, I edited Chatrie v. United States (2026) for my casebook, INFORMATION PRIVACY LAW, which Paul Schwartz and I are in the process of updating right now. The U.S. Supreme Court held that there is a reasonable expectation of privacy in geolocation data obtained via a geofencing warrant (which compels a company to turn over data about cell phones located in a particular area). This means that the Fourth Amendment applies, which is the first step for Fourth Amendment protection.
Chatrie was decided this week, so the ink is still wet, but here are some early thoughts on the case, plus my edited version. The opinion with concurrences and dissents clocks in at more than 70 pages, but I cut it down to the essentials. First, my thoughts, then the edited case.
1. The Reasonable Expectation of Privacy Test
The Court makes several important points about what constitutes a reasonable expectation of privacy for purposes of determining the applicability of the Fourth Amendment:
- The length of time of surveillance isn’t a dispositive factor. The Court quoted the concurring opinion of Justice Sotomayor in Jones to state that: “‘[E]ven short-term monitoring” of a person’s physical movements can provide ‘a wealth of detail about [his] familial, political, professional, religious, and sexual associations.’”
- The court also stated: “Still more fundamentally, we have never understood Fourth Amendment protections as kicking in only once an intrusion ‘goes too far.’”
- The fact that surveillance doesn’t turn up intimate data won’t eliminate a reasonable expectation of privacy because, as the Court states, the Fourth Amendment applies “regardless of the quality or quantity of information’ the government obtains.”
- The Court noted: “Whether something is a search does not depend on what it finds. An officer, after all, cannot know the fruits of a given surveillance in advance.”
- Even surveillance in public doesn’t eliminate a reasonable expectation of privacy.
2. The Slow Death of the Third Party Doctrine
Chatrie makes further limitations on the third party doctrine. The Court notes that there is “‘a world of difference’ between the ‘exhaustive chronicle of location information casually collected by wireless carriers” and “the limited types of personal information addressed in Smith and Miller.’”
The Court also argues that because smartphones have become an “indispensable . . . part of daily life,” users aren’t “to be viewed as sharing private information with third parties.” But phone numbers dialed in Smith and banks in Miller were also indispensable to daily life, and people weren’t freely sharing their data with these companies.
The Court emphasized an important distinction that might play a big role in the future of the third party doctrine.
Location History records implicate those privacy interests still more than [cell site location data in Carpenter] because the former is more the individual’s own. . . . The records thus serve as a personal journal of a user’s movements, which that user consults (and even can edit) for his own purposes. In that way, Location History resembles other private materials—think of emails, documents, photographs, or calendars—that even if stored on Google’s servers, a user reasonably views as his own. And as a result, that he reasonably expects to be shielded from the “inquisitive eyes” of the government.
The Court is saying that if users view their data as their own, then its being in the hands of a third party shouldn’t eliminate their expectation of privacy.
I can pull out at least three big limitations on third party doctrine:
- If the data constitutes an “exhaustive chronicle” of one’s life, then the third party doctrine might not apply.
- If sharing data or using a device that gathers data is an indispensable part of daily life, then this isn’t to be viewed as sharing data with third parties, and the doctrine likely doesn’t apply.
- If a person views their data with a third party as their own, then the third party doctrine likely doesn’t apply.
These rules would make much data maintained by companies today no longer subject to the third party doctrine. The Court appears to be on the verge of scuttling the third party doctrine. Instead of killing it, the Court is just shrinking the zone to a point where the doctrine will be very narrow and rarely applicable.
3. Personal Data as Property?
Justice Gorsuch has his own theory, using the word “effects” under the Fourth Amendment to advance a property theory that holds that people’s data is their own. I’m skeptical of property theories (see here) but Gorsuch’s property theory works under the Fourth Amendment more than it does more generally for consumer privacy. The big issue is whether people really do have the kind of property rights in their data that Justice Gorsuch assumes.
4. Is the Reasonable Expectation of Privacy Test the Right One?
Justice Gorsuch also critiques the reasonable expectation of privacy test.
As the Court has candidly admitted, it has never been able to identify a “single rubric” that might “definitively resolv[e] which expectations of privacy are entitled to protection.” Maybe Katz poses an empirical question, tagging reasonable expectations of privacy to those privacy expectations “people actually have.” Or maybe the question is a normative one, asking what expectations reasonable people “should . . . have.” In truth, nobody knows and, either way, this Court is the wrong body for the task. We aren’t equipped to make empirical assessments about what most Americans think. Nor is it our job to enforce our own normative judgments, as opposed to those embodied in the Constitution and laws.
If this weren’t trouble enough, we’ve also adorned Katz with an equally indefensible qualification called the third party doctrine. . . .
Much as with Katz itself, this Court has never offered a persuasive justification for its offshoot. . . . Do we seriously mean to suggest that most Americans think they have no “reasonable expectation of privacy” in records held for them by their banks or pharmacists or doctors or technology companies? If not, on what authority might we rule that the American people should not reasonably expect privacy in materials like those? Really, the third party doctrine amounts to little more than a “doubtful application of Katz that lets the government search almost whatever it wants whenever it wants.” . . . .
I generally agree with his critique. A while ago, I wrote an article, Fourth Amendment Pragmatism, 51 B.C. L. Rev. 1511 (2010), about why the Fourth Amendment would better protect privacy without the reasonable expectation of privacy test, and why this test has an overly-narrow and wrong view of the purpose and scope of the Fourth Amendment. The Fourth Amendment doesn’t contain the word “privacy”—it protects against “unreasonable” searches and seizures. Invading privacy without a sufficient justification and controls is unreasonable, but so are many other things. I thus argued:
The Fourth Amendment should regulate government information gathering whenever it causes problems of reasonable significance. Government information gathering often poses significant problems affecting freedom and democracy. Government information gathering activities can invade privacy and inhibit freedom of speech and association. They make people more frightened to explore ideas. They allow the government to amass enormous quantities of citizens’ personal information, which gives the government a vast amount of unchecked power and discretion. They can lead to abuses by law enforcement officials. The Fourth Amendment should provide coverage whenever any of these problems might occur—or when any other problem of reasonable significance might occur.
5. The Scope of Geofencing Warrants
I suppose the Court will go quiet again on the Fourth Amendment. Lately, it barely decides Fourth Amendment cases, acting like a turtle, taking little steps and popping its head out every now and then. Its last big Fourth Amendment case was Carpenter v. United States, 585 U.S. 296 (2018).
The Court punted on the issue of whether the special geofence warrant satisfied the particularity demands of the Fourth Amendment, as geofence warrants are quite like general warrants or dragnet searches. The second part of the Fourth Amendment states that “no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”
I don’t think geofence warrants are consistent with the Fourth Amendment. It’ll be up to the lower courts to figure this out, and maybe eight or ten years from now, the Supreme Court will get around to addressing the issue when they want a breather from interpreting away the rest of the Constitution and laws.
6. Are Warrants Enough?
Recently, I wrote a post about geofence warrants and warrants generally. I asked: Are warrants enough? An empirical study revealed that “Ninety-eight percent of warrant reviews eventually result in an approval, and over 93% are approved on first submission. . . . [T]he median time for review is only three minutes.” Warrants really don’t offer much protection.
Another limitation of warrants is that the government can control what activities are criminalized, and warrants authorize searches for evidence of whatever crimes there are. As states criminalize abortion, or as federal or state governments prosecute certain protests or other activities, prosecutors can obtain warrants.
My colleague, Andrew Ferguson, in his great new book, YOUR DATA WILL BE USED AGAINST YOU (2026) argues that other types of protections are needed because so much intimate data about us can be gathered in the digital age: “[T]he safeguards built into our legal system—search warrants, judicial oversight, concepts like probable cause—are too weak to protect us from the self-surveillance system we are building.” He discusses a case where a person’s pacemaker data was used to prosecute him.
Here’s a video of me discussing his book with him:
Below is an initial draft of an edited version of the Chatrie majority opinion from the next edition of the casebook.
Chatrie v. United States
— U.S. – (2026)
Kagan, J. In recent years, law enforcement officers have employed so-called geofence warrants to obtain information that technology companies collect about their users’ cell-phone locations. Suppose that investigators know a crime was committed at a particular place and time, but do not have a suspect. They may draw a “geofence”—a virtual perimeter—around the crime scene and get a warrant compelling a company to hand over data about the cell phones located in that area near the time of the crime. Following a process specified in the warrant, the company will turn over the cell-phone data and eventually identify by name one or more of the users thus disclosed.
The geofence warrant at issue here was directed to Google, and used to solve a bank robbery. Hundreds of millions of Google users have activated a service called Location History, which records the location of a user’s cell phone every two minutes or so. Through a geofence warrant, police officers required Google to turn over Location History data revealing cell phones within the vicinity of a bank at around the time it was robbed. At the end of the multi-step process described in the warrant, Google gave the police three names. The Federal Government soon charged one of the individuals thus identified, petitioner Okello Chatrie, with committing the crime. . . .
This case concerns a form of cell-phone location data called “Location History,” which Google apps collect and store. Location History is what it sounds like—a timestamped record of every place a cell phone has been. Every two minutes or so, Location History draws from an array of sources to log a cell phone’s location. Those sources include nearby Wi-Fi networks, Bluetooth beacons, and cell sites, as well as GPS and IP address information. When combined, the signals tracked can determine a cell phone’s location within 20 meters. They can also ascertain a phone’s elevation, and thus reveal which floor within a building the phone is on. By all accounts, those features make Location History “the most sweeping, granular, and comprehensive tool” existing today for collecting and storing location data. . . .
Google stores all Location History data in the cloud, rather than on a user’s device—though that choice makes no real difference to the user. . . .
In the last decade, Google’s Location History data has also served another function, though this one unknown to most users: That data, as obtained through a geofence warrant, can enable law enforcement officers to solve hard-to-solve crimes. Such a warrant, as earlier described, seeks information about the cell phones located in the vicinity of a crime scene at around the time the crime was committed. The goal, put simply, is to find out who was there and so who might have done it. . . . And the mechanism is to use the offender’s cell phone as an identifying device. The warrant specifies a timeframe and maps an area (with the geofence as its perimeter), and demands information about the cell phones—and their users—present within it. . . .
As [law enforcement] demands began to proliferate, Google worked with law enforcement officials to develop a three-step protocol to govern geofence warrants. At the first step, Google produces anonymized (i.e., no names attached) location data for all cell phones (or other devices) within the geofence—typically, a circle with a designated radius surrounding a latitude/longitude coordinate—during a specified timeframe. That data generally includes each phone’s latitude/longitude coordinate and corresponding timestamp; an estimate of that information’s accuracy; and a description of the information’s source (e.g., a Wi-Fi network, a cell site, or some other). The data at this stage shows each user’s location, every two minutes or so, within the geofence. At the second step of the process, officials review the data produced and typically ask Google to provide additional information for a subset of still-anonymized users. That new data is usually for a longer timeframe than first specified; it also shows the user’s location outside, as well as inside, the geofence. Finally, at the third step, officials demand the identities of a further subset of users— their names, email addresses, and phone numbers. Thus, the geofence warrant is designed to eventually produce a select number of identified users suspected of committing the crime under investigation. . . .
On May 20, 2019, at about 4:50 p.m., a man robbed a credit union in Midlothian, Virginia. The robber presented a teller with a handwritten note demanding $100,000, threatening to hurt her and her family if she did not comply, and warning her that he had “boys on the lookout outside.” When the teller replied that she did not have access to that amount of money, the robber brandished a firearm. He ordered everyone in the bank to the ground, and forced the bank’s manager to open a safe and put $195,000 into a bag. The robber then left on foot with the money.
Local police officers responded to the scene and began an investigation. They learned, from witness interviews and surveillance-camera footage, that the robber had approached the credit union from a corner of an adjacent church, while appearing to talk on a cell phone. But they could not find out anything more, and the robber remained at large.
On June 14, the police officers thus applied to a Virginia magistrate for a geofence warrant directed to Google. The application described the cell-phone location data Google collects, and explained how that data could lead to identifying the robber, his possible accomplices, or additional witnesses to the crime. Success was particularly likely here, the application stated, because the robber appeared to be using his phone when he entered the credit union, and may even have been speaking with an accomplice. The officers’ proposed geofence was a circle with a radius of 150 meters surrounding the credit union. . . .
[With the geofence warrant, the police narrowed the list to three users by the third step, one of whom was Chatrie.] The location data showed that he entered the geofenced area about ten minutes before the robbery, and headed toward a residential area of town immediately after leaving the bank. . . .
According to Chatrie, the officers had acquired that data through a Fourth Amendment search, and the warrant ostensibly authorizing that search was invalid. . . .
Whether an expectation of privacy counts as legitimate is less the result of any fixed set of rules than of “guideposts” stretching back to the Fourth Amendment’s beginnings. From the founding onward, we have explained, the Fourth Amendment has sought to secure the “privacies of life” against the exercise of “arbitrary power.” Boyd v. United States, 116 U. S. 616 (1886); see Carpenter, 585 U. S., at 305. So too we have recognized, and repeatedly, that the Amendment was designed “to place obstacles in the way of a too permeating police surveillance.” United States v. Di Re, 332 U. S. 581, 595 (1948). . . .
In recent decades, this Court has often confronted the challenge of adhering to those principles in the face of new technologies. . . . Most recently, in Carpenter v. United States, this Court held that accessing a form of cell-phone location information other than Location History is a Fourth Amendment search given individuals’ reasonable expectations of privacy. . . .
The resemblances between [cell site location information] CSLI and Location History, in their relationship to personal privacy, practically leap off the page. Everything Carpenter relied on to find that law enforcement officers conducted a Fourth Amendment search when they accessed wireless carriers’ CSLI records applies as well or better to the police’s accessing of Google’s Location History data. First, Location History provides an even more fine-tuned picture of a person’s movements than CSLI. . . . Or here is another measure: CSLI logged Carpenter’s location an average of 101 times a day, whereas Location History commonly records a person’s location every two minutes, for a daily average of 720 chartings.
Or finally, a third: Unlike CSLI, Location History can estimate a phone’s elevation—so, for example, can tell whether someone has gone into a doctor’s office on the first floor of a multi-story building, or a private apartment on the tenth. Of course, the accuracy of each of the two techniques may vary in different places and at different times. But across the board Location History is the far more precise measure. When the Carpenter Court said that CSLI provides a “detailed” and “encyclopedic” portrait of a person’s whereabouts, it did not know what further technology was on the horizon.
And next, Location History also allows police officers to reconstruct “retrospective[ly],” and with no real effort, people’s comings and goings in any area.. . . .
Indeed, Location History records implicate those privacy interests still more than CSLI data because the former is more the individual’s own. . . . The records thus serve as a personal journal of a user’s movements, which that user consults (and even can edit) for his own purposes. In that way, Location History resembles other private materials—think of emails, documents, photographs, or calendars—that even if stored on Google’s servers, a user reasonably views as his own. And as a result, that he reasonably expects to be shielded from the “inquisitive eyes” of the government. . . .
The Government, not much contesting any of the above, principally argues on a different ground: that accessing only a short amount of cell-phone location information (whether Location History or CSLI) does not count as a Fourth Amendment search. . . . Recall that Carpenter involved seven days’ worth of location data. And in deciding that case, this Court reserved the issue whether there was a more “limited period for which the Government may obtain” such data “free from Fourth Amendment scrutiny.” The Government now claims that the answer is yes, and that the two hours’ worth of Location History acquired here falls within the Constitution-free zone. In the Government’s view, a person has no reasonable expectation of privacy in “that short a time window” of location data, because his “short-term” movements will “reveal[] little about the details of [his] personal life.” . . . .
But to begin, the Government is wrong about the incapacity of short-term location information to reveal private matters. . . . Return here to another of Jones’s insights: “[E]ven short-term monitoring” of a person’s physical movements can provide “a wealth of detail about [his] familial, political, professional, religious, and sexual associations.” 565 U. S., at 415 (opinion of Sotomayor, J.). Consider just a few trips that a person is apt to think “indisputably private”: to “the psychiatrist, the plastic surgeon, the abortion clinic, the AIDS treatment center, the strip club, the criminal defense attorney, [or] the by-the-hour motel.” And unlike a GPS device, Location History enables police officers to focus on precisely those sites—to see, in a given time block, who shows up. Similarly, Location History—even two hours of it—allows officers to target one-off events of potential interest: a gun show, say, or a political rally.
Still more fundamentally, we have never understood Fourth Amendment protections as kicking in only once an intrusion “goes too far.” Where the Fourth Amendment applies, it applies—regardless of “the quality or quantity of information” the government obtains. So, for example, this Court held [in Kyllo] that thermal imaging qualified as a search even though it did not, and was not likely to, detect “private activities” or “intimate details.” The Amendment, we analogized, makes “no exception” for the officer “who barely cracks open the front door and sees nothing but the nonintimate rug on the vestibule floor.” And likewise, the Amendment does not give agents a pass if their wiretap is of limited duration and thus less likely to intrude on private matters. Indeed, in our seminal wiretap case, the police obtained only 18 minutes of recordings. See Katz. . . .
Knotts does not support the view that accessing two hours of Location History is not a search. There, police officers put a beeper in a car to help them follow it from Minnesota to Wisconsin. The Court decided that the beeper did not turn the tail into a search, but was explicit in keeping its holding cabined to that rudimentary technology. . . . [The Court stated] that if technology progressed so as to allow more sophisticated surveillance, “different constitutional principles” could well apply. And three decades later, five Justices in two opinions found that they did. When faced in Jones with a GPS device—which unlike the beeper allowed remote monitoring—they decided, notwithstanding Knotts, that privacy was implicated and a search had occurred. . . .
And still another feature of Knotts makes it inapt here: that the surveillance there was confined to public roads. . . . By contrast, the movements that Location History reveals are not limited to public streets. Recall what Carpenter observed: A “cell phone faithfully follows its owner beyond public thoroughfares and into private residences, doctor’s offices, [and] political headquarters.” . . . . Whether something is a search does not depend on what it finds. An officer, after all, cannot know the fruits of a given surveillance in advance. . . .
The Government has an additional argument, which in Carpenter was its “primary” one—that the so-called third-party doctrine precludes Chatrie from invoking the Fourth Amendment’s protections. . . . The problem for the Government—and presumably the reason that its primary assertion in Carpenter has here become a secondary one—is that Carpenter refused to apply the third-party doctrine to CSLI, and no good reason exists to reach a different result for Location History. . . .
There is “a world of difference” between the “exhaustive chronicle of location information casually collected by wireless carriers” and “the limited types of personal information addressed in Smith and Miller.” The former thus “implicates privacy concerns far beyond” the latter. And second, the Court continued, “[c]ell phone location information is not truly ‘shared’ as one normally understands the term.” Because “cell phones and the services they provide” are “such a pervasive and insistent part of daily life”—“indispensable to participation in modern society”—a person can hardly help but generate a “trail of location data.” “[I]n no meaningful sense,” the Court thought, does that mean a person “voluntar[il]y expos[es]” to any third party a “comprehensive dossier of his physical movements.”
As noted above, Location History is even more “revealing” than CSLI, because it provides a yet more precise record of an individual’s movements. . . . And for Location History, that surveillance is based on information that a user reasonably understands as his own, even though stored on Google’s servers—much like his emails, photos, and calendar entries. Likewise, the information is “not truly shared,” in the normal sense of wanting a third party to see or use it.. The exposure of that information to Google is merely what happens when a user avails himself of one of the services on his cell phone. Or said a bit differently, it is the automatic price of conventional cellphone usage. . . .
The point of carrying smartphones is to use what is on them—as Carpenter said, to use the apps and “services they provide.”. That is what has become a “pervasive and insistent”—even “indispensable”—“part of daily life.” And so that is what Carpenter insulated from the third-party doctrine. A cell-phone user is not to be viewed as sharing private information with third parties—which then can be freely passed on to the government—just by doing the ordinary things cell-phone users do. . . .
For all those reasons, we hold that police officers invade a cell-phone user’s reasonable expectation of privacy when they access his Location History.. . .
When officers have obtained a warrant, as they did here, a search’s legality will thus depend on whether a magistrate has properly found probable cause to support a particularly described search. . . .
The warrant issued here, as described earlier, was an uncommon, multi-step one. . . .
Chatrie analogizes the first step to an “unconstitutional general warrant,” and argues that in any event the search at that step was both insufficiently described by the warrant and lacking in probable cause. As to steps two and three, Chatrie contends that the warrant left too much authority to police officers—and too little to the magistrate—to define the search’s scope and determine whether cause for it existed. The Government, for its part, defends the warrant at every step as seeking “particularized information from Google’s database” based on “probable cause to believe that Google had information” that would help solve a crime. And the Government urges that the discretion given to the officers at steps two and three fell within the bounds of reasonableness.
We leave all of those questions to the Court of Appeals to decide in the first instance. Because the Fourth Circuit panel concluded that no search had occurred, it did not address whether the geofence warrant issued here validly authorized each stage of the search process. . . .
* * * *
Daniel J. Solove is the Bernard Professor of Intellectual Property and Technology Law at the George Washington University Law School. He is the founder of TeachPrivacy, a company that provides workforce privacy, cybersecurity security, and AI training to companies and organizations around the world. He is the author of 10+ books and 100+ articles.
You can follow his events, writings, training, cartoons, and resources by subscribing to his free weekly newsletter.
Subscribe to Solove’s Free Substack
A supplement to Solove’s regular newsletter with more in-depth discussions