Privacy vs. Security: Will SCOTUS Leave the (Third) Party in 2018?
If the government obtains information about your past locations from your wireless provider, is that a search? If so, is it a search that requires the government to obtain a warrant? Courts have held that, because companies collect this kind of data in the ordinary course of business, consumers who voluntarily provide information to these third-parties have no reasonable expectation of privacy in it. A string of robberies may prompt the Supreme Court to reconsider this doctrine.
Timothy Carpenter was accused of a series of armed robberies in Detroit, Michigan. In making their case against him, prosecutors used nearly 13,000 pieces of information revealing the location of his cell phone, all obtained from private companies.
A participant in the crimes had confessed to his involvement and given the FBI the cell phone numbers of other participants. The FBI then used this information to apply for orders from magistrate judges to obtain “transactional records” of the cell phone numbers. Under the Stored Communications Act, the government needed to show only reasonable suspicion and not probable cause to compel disclosure of these records. Carpenter’s cellphone provider produced 127 days of transactional records, which included the date and time of calls as well as the approximate location where those calls began and ended based on their connections to cell towers, data known as cell-site location information (CSLI). (This may sound familiar to any listeners of the podcast Serial.) At trial, prosecutors used this CSLI to show where Carpenter’s phone was in communication with cell towers, comparing his locations with the timeline of the robberies.
Carpenter challenged the government’s use of CSLI. He moved to suppress the records, arguing that the more stringent Fourth Amendment standard should have been applied. His motion was denied based on the government’s argument that Carpenter had no reasonable expectation of privacy as to this information under the third-party doctrine. The Sixth Circuit agreed with the government’s position.
Implication for Consumers and Providers
The Supreme Court will now decide whether the government violated the Fourth Amendment’s protection against unreasonable searches and seizures, which requires the government to seek a warrant based on probable cause before obtaining CSLI. The Court could use this opportunity to decide only if warrants should be required to access records of mobile phone location records during criminal investigations. But the decision could implicate privacy issues that go far beyond the details of this case.
Under the “third–party doctrine” as currently interpreted, if you voluntarily provide information to a third-party, you have no legitimate expectation of privacy from warrantless government access to that information. See Smith v. Maryland; United States v. Miller. In other words, the government can get an order from the court and access all of this information without showing probable cause that a crime has been committed. If the Court relies on and upholds that third-party doctrine, then consumers could be found to have no reasonable expectation of privacy regarding any of their personal information exposed to third-party equipment.
Who and what could this affect? While this case deals with cellphone users and telecom providers, at oral arguments, several justices expressed concerns about what the case might mean for other kinds of collected data. Given the way the world has changed since the creation of this doctrine, it could logically expand to include everything from emails to cloud storage, to search terms, to information generated by a fitness tracker.
There are other possibilities beyond the elimination of the third-party doctrine, of course. The Court could limit the doctrine in any number of ways. It could hold that courts need to impose a ceiling on the amount of data shared or the amount of time covered beyond which a warrant for CSLI is necessary. Mindful of the needs of law enforcement, the Court could also decide that, even if third-party doctrine is still good law in some scenarios, a higher standard should apply to cell phone data.
Justice Sotomayor has questioned the continuing validity of the third- party doctrine, writing that it “may be necessary to reconsider the premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties.” United States v. Jones (Sotomajor, J., concurring). Now that the court has the opportunity to reconsider, the implications are serious. If the third-party doctrine is not limited, all of us need to bear the potential expansiveness of this doctrine in mind when using our electronic devices.
Kelly Landers Hawthorne contributed to this post.