On Wednesday, the U.S. Supreme Court hears oral arguments in a case that is widely seen as a test of just how far the government can go to pry personal data generated by cell phones and other digital devices.
The case, known as Carpenter v. United States, pits law enforcement interests against the privacy rights of individuals.
At issue is whether law enforcement authorities need a search warrant to obtain historical cell-site records known as cell service location information (CSLI). The data are kept by phone companies to determine roaming charges and weak spots in their networks and show the cell tower a user connects with at any given time.
The facts of the Carpenter case are straightforward.
Between 2010 and March 2011, Timothy Carpenter engineered a series of robberies of several cell phone stores in Ohio and Michigan. After Carpenter and his accomplices were arrested, the FBI requested and received several months of Carpenter’s cell-site records.
Such requests are routinely granted by cell phone companies when law enforcement authorities can show that there are “reasonable grounds” the information is “relevant and material” to criminal investigation.
The information showed that Carpenter’s cell phone had connected with cell towers near the stores during the time of the robberies, leading to his conviction on 11 counts of armed robbery.
Carpenter appealed his conviction, arguing that the government had unlawfully obtained his cell phone records without a search warrant. The U.S. Court of Appeals for the Sixth District ruled against him.
The court argued that that customers who voluntarily turn over their information to third parties such as cell phone companies, banks and other institutions have no “expectation of privacy.”
In two previous cases in the 1970s, United States v. Miller and Smith v. Maryland, the Supreme Court upheld the so-called “third party doctrine.”
But privacy advocates say the third party doctrine is not suitable for the digital age, arguing that increasingly sophisticated cell phones have become repositories of data that the government should not be able to access without probable cause.
Andrew Ferguson, a professor of law at the University of the District of Columbia, joined a group of 42 criminal procedure and privacy scholars who filed a brief in support of Carpenter.
In an interview with VOA, Ferguson discussed the case and its implications for privacy rights.
What is at issue in Carpenter v. US?
There is both a narrower issue and a broader issue that is potentially at play in Carpenter. The narrower issue is whether an exception to the Fourth Amendment, called the Third Party Doctrine, should survive the digital age. And the broader issue is, what does the Court do with a Fourth Amendment that was created in an era of small data when we are in a new world of surveillance?
If the court decides the Fourth Amendment doesn’t require a warrant for this data, it means police can actually, without any constitutional limitations, obtain all our personal data for really any reason they want. There are obviously legislative restrictions but as a constitutional matter it wouldn’t be a Fourth Amendment requirement to get a warrant, to obtain any of this personal information, be it your smart pacemaker, your smart Fitbit data that can tell whether you’re excited or not excited, and whether any of your information including where you’ve been via your cell phone and any other tracking technology.
What is the government’s argument?
The government essentially says you the consumer have no expectation of privacy in the information you give up to the third party cell provider. In fact, you probably don’t know how it works. The records that are created by these companies, they’re not your records, they’re the companies’ records.
Why would you have an expectation of privacy on the records that these companies did? If they were selling the data to other companies and made a profit, would you have a claim to the profit?
No. So what’s the difference between getting the information to the government? The government is getting it like any other party. Why would you be able to claim any sort of expectation of privacy over that information? The government’s position is that the Third Party Doctrine makes sense. It works well for law enforcement and this should just be an easy case of expanding and extending the Third Party Doctrine to the next question, which is the cell site locations.
What is the counterargument?
The counterargument is that the precedent that the government is relying on deals with a different context. So the phone information that was at issue in the original Smith v. Maryland was not very revealing; it was basically the number you called. It wasn’t going to show where you’d been, who you’d visited, the places you’d gone the last few times. It was a situation where you at the time of the old fashioned phone calls voluntarily giving up the information. You knew you were making phone calls. Here, whether or not you use your cell phone, your cell phone is giving off that information so you can’t say it’s voluntary relinquishment of your expectation of privacy because if you’re on the phone, that’s the way it works. So there is something about the private nature of this data.
There is something about the Fourth Amendment controls locations and the ability to go places without the government surveillance and oversight. And these old fashioned cases should be left in the past because the new world is too invasive, too revealing of digital clues, and the fourth amendment needs to adapt.
In the brief you and a group of scholars filed in the case, you argue that an extension of the so called Third Party Doctrine “could eliminate citizens’ privacy in the modern age.” Are the stakes that high?
I think they are. If you don’t require a warrant to get this kind of information, and there is not legislation protecting it, there is no constitutional barrier for police to obtain information even about the justices themselves or about individuals who they sort of suspect but don’t have great reason to suspect. It’s going to chill First Amendment association and the ability to get together for political activism. And it’s going to reveal a whole host of intimate details that most of us would like to keep private from our government.
What if the court rules in favor of Carpenter?
If the court rules in favor of Carpenter, and says police are required to get a warrant before doing it, I think it will just settle into a status quo where police get warrants for their criminal investigation.
There may be some here they won’t be able to do that, and it will be an impediment to law enforcement, but by and large they’re doing it already. Right now, most private companies say, look we follow the law. If the law requires a warrant, we require a warrant, and if the law doesn’t require a warrant, we don’t require a warrant.
Are there any international ramifications?
Europe is far more protective of data privacy than the U.S. has ever been and has moved there quicker and in more robust fashion. So in many cases, the U.S. has lessons to learn from Europe as opposed to if you care about data privacy and how to protect it. So it may be in a case that people around the world will see this as an American phenomenon, wrestling with what the fourth amendment means.
Generally speaking, it raises big questions because most of the tech companies are global companies, most of the issues involved privacy, which is certainly not a uniquely American concern, and the technologies are going to be used and sought after by governments in lots of repressive governments that are going to see the ability to use big data surveillance technology, big data policing technologies, to control their citizens. And one way you can see a lot of the rise of big data policing is as a measure of social control.