You are using an outdated browser.
Please upgrade your browser
and improve your visit to our site.

The Supreme Court Cares About Your Digital Privacy

Friday's ruling was the latest to apply the Fourth Amendment to technology.

Drew Angerer/Getty Images

The Supreme Court handed down a major decision on digital privacy on Friday, ruling in Carpenter v. United States that Fourth Amendment protections from “unreasonable searches and seizure” apply to cell-phone location data. In short, police need a warrant to electronically retrace a cell phone owner’s steps in a criminal investigation.

“We decline to grant the state unrestricted access to a wireless carrier’s database of physical location information,” Chief Justice John Roberts wrote for the 5-4 majority, citing the “deeply revealing nature of [cell-site location information], its depth, breadth, and comprehensive reach, and the inescapable and automatic nature of its collection.” Justices Ruth Bader Ginsburg, Stephen Breyer, Sonia Sotomayor, and Elena Kagan joined the opinion.

Friday’s ruling extends what has become a theme for the Roberts Court: ensuring that Americans’ privacy rights keep pace with technological advances. In the past six years, the justices have also ruled that cops need a judge’s permission to attach GPS tracking devices to suspects’ cars and to search a person’s cell phone during an arrest. Friday’s decision continued the court’s trend.

“By recognizing that we have Fourth Amendment protections in cell-phone location information, Carpenter appears to be a sweeping decision in favor of civil liberties and privacy,” Elizabeth Joh, a UC Davis law professor who specializes in the Fourth Amendment and digital privacy, told me. “The majority opinion avoids a mechanical interpretation of the law and instead recognizes the ‘seismic shifts brought about by digital technology.’”

For most of American history, there were practical limits on the government’s ability to systematically invade its citizens’ privacy. Tracking the movements of every person at all times in the nineteenth and early twentieth centuries would have required feats of manpower and bureaucracy beyond all but the most despotic regimes’ dreams. Modern technology, for all its benefits, has also changed that calculus by making vast quantities of personal information available at a moment’s notice.

“Here the progress of science has afforded law enforcement a powerful new tool to carry out its important responsibilities,” Roberts wrote, referencing an earlier court ruling. “At the same time, this tool risks government encroachment of the sort the Framers, ‘after consulting the lessons of history,’ drafted the Fourth Amendment to prevent.”

Friday’s ruling is also good news for Timothy Carpenter, the case’s titular namesake. He was one of four men convicted by a federal jury in 2011 for participating in a series of robberies targeting electronic stores in Michigan and Ohio. To prove that Carpenter was at the scenes of the crimes, federal investigators sought what’s known as historical cell-site location information (CSLI), from Carpenter’s cell phone.

What is historical CSLI? As part of their everyday functions, cell phones regularly transmit data to nearby cell towers, like submarines using sonar to navigate the ocean depths. In denser urban areas, a cell phone will ping multiple towers at the same time, making it possible to triangulate the source with increasing precision. Each cell tower records those pings and who sent them, storing the information in databases maintained by each telecommunications company.

With enough data from enough towers, anyone with access to the database could stitch together a comprehensive account of when and where each cell phone has been. At least 95 percent of Americans have personal cell phones, many of whom rarely step away more than a few feet from them. As a result, tracing where a cell phone has been is no different from tracking where a person has been. The privacy implications are inescapable.

“Whoever the suspect turns out to be, he has effectively been tailed every moment of every day for five years, and the police may—in the Government’s view—call upon the results of that surveillance without regard to the constraints of the Fourth Amendment,” Roberts wrote. “Only the few without cell phones could escape this tireless and absolute surveillance.”

Instead of seeking a search warrant to obtain Carpenter’s data, federal investigators used a provision in the federal Stored Communications Act to obtain what’s known as a 2703(d) order. The distinction is a crucial one. A warrant requires investigators to show they have “probable cause” to believe the search will uncover evidence of a crime, while 2703(d) orders have a lower threshold under federal law: Police need only offer “specific and articulable facts” that the records sought will be “relevant and material to an ongoing criminal investigation.”

Investigators ultimately obtained 127 days of cell-site records from two different mobile providers, which yielded 12,898 location points that revealed Carpenter’s movements. A federal agent testified that those points placed him near four of the robbery locations during the robberies in question. A jury found him guilty on multiple robbery and firearm-related charges and sentenced him to more than 100 years behind bars.

Carpenter asked lower courts to throw out the evidence on Fourth Amendment grounds. But they declined, citing two Supreme Court precedents dating back almost four decades. In the 1976 case United States v. Miller, the court upheld a whiskey bootlegger’s conviction after prosecutors obtained his bank records without a warrant. Three years later in Smith v. Maryland, the court signed off on the warrantless use of a pen register, a device that recorded which phone numbers were dialed on a particular telephone line.

Taken together, Miller and Smith established what’s known as the third-party doctrine. The Supreme Court often uses a “reasonable expectation of privacy” test to determine whether a police method counts as a Fourth Amendment “search,” and therefore whether a warrant is needed. Under the third-party doctrine, Americans lose a reasonable expectation of privacy if their personal information is stored by a third party, as with the bank records in Miller; or made readily available to a third party, as with Smith and the telephone company.

Applying that doctrine to modern technology, which is far more pervasive and ubiquitous than it was when Smith and Miller were decided in the 1970s, is an uneasy proposition. In 2012, the justices ruled in United States v. Jones that federal agents had violated the Fourth Amendment when they attached a GPS device to a car without a warrant. Justice Sonia Sotomayor wrote a concurring opinion in which she called on the court to revisit the third-party doctrine in light of technological advances.

“This approach is ill suited to the digital age, in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks,” she wrote. “People disclose the phone numbers that they dial or text to their cellular providers; the URLs that they visit and the e-mail addresses with which they correspond to their Internet service providers; and the books, groceries, and medications they purchase to online retailers.”

Monday’s ruling in Carpenter began to move the court in that direction. It explicitly carves out an exception of sorts from the third-party doctrine for historical CSLI, citing its unusually intrusive nature. “After all, when Smith was decided in 1979, few could have imagined a society in which a phone goes wherever its owner goes, conveying to the wireless carrier not just dialed digits, but a detailed and comprehensive record of the person’s movements,” Roberts wrote.

Roberts explicitly stressed that the court’s ruling was narrow, but the underlying logic seems hard to contain. “Carpenter suggests that the third-party doctrine is less of the bright-line rule that the cases suggest and more of a fact-specific standard,” Orin Kerr, a University of Southern California law professor who specializes in computer law, wrote for Reason. “At the very least, that is going to invite a boatload of litigation on how far this new reasoning goes.”

This isn’t the first time the court has bent past rulings to meet the challenges of the digital age. In Jones, Justice Antonin Scalia wrote a majority opinion in which he found warrantless GPS tracking unconstitutional by citing Entick v. Carrington, a 1765 English court case on trespassing. Justice Samuel Alito scoffed that the court “has chosen to decide this case based on 18th-century tort law.” Scalia was unamused. “That is a distortion,” he wrote. “What we apply is an 18th-century guarantee against unreasonable searches, which we believe must provide at a minimum the degree of protection it afforded when it was adopted.”

In 2014, the justices again took technological changes into account in Riley v. California. Generally speaking, the courts have found that the Fourth Amendment doesn’t stop police from searching suspects during an arrest, citing the need to secure evidence and ensure officer safety. But the court drew a line when it came to searching a suspect’s cell phone under that exception. The immense amounts of personal data on a phone placed it beyond the exception’s scope. “The fact that technology now allows an individual to carry such information in his hand does not make the information any less worthy of the protection for which the Founders fought,” Roberts wrote for a unanimous court.

Previous generations of Supreme Court justices were often too willing to bend the Fourth Amendment when new technologies made it possible. In the 1928 case Olmstead v. United States, the Supreme Court ruled that wiretapping didn’t require a warrant at a time when telephone technology was still relatively new. It took 39 years for the court to reverse course. Roberts and his colleagues have made clear that they’re not eager to make the same mistakes again.