With all the attention focused on the FCC's upcoming vote to dismantle net neutrality protections, it's easy to have missed an upcoming hearing that has the potential to reshape electronic privacy protection. Today, the Supreme Court is hearing arguments in Carpenter v. United States — and at issue is cellphone tower location data that law enforcement obtained without a warrant.
Defendant Timothy Carpenter, who was convicted as the mastermind behind two years of armed robberies in Michigan and Ohio, has argued that his location data, as gathered by his cell phone service provider, is covered under the Fourth Amendment, which protects citizens against "unreasonable searches and seizures." Thus far, appeals courts have upheld the initial decision that law enforcement didn't need a warrant to acquire this data, so the Supreme Court is now tasked with determining whether this data is deserving of more rigorous privacy protection.
This case has been going on for years, so let's get some background details out of the way. Amy Howe, formerly a reporter and editor for SCOTUSblog, details how law enforcement asked cell phone service providers for details on 16 phone numbers tied to the crimes, including Carpenter's number and that of a co-defendant. That data included months of "cell-site-location information" (CSLI) that shows precise GPS coordinates of cell phone towers plus the date and time that a phone tried to connect to the tower in question. The FBI used this to create a map of where the phone and its owner were at any given time. The FBI received multiple months of data, not just data for the days, and was never asked to produce a warrant.
The FBI's explanation, that the courts have thus far backed up, relies on a legal principle known as the "third-party doctrine." Jennifer Lynch from the Electronic Frontier Foundation explains that the third-party doctrine states that information you voluntarily share with "someone else" isn't protected by the fourth amendment, because third parties aren't legally bound to keep that info you shared with them private. And the definition of "someone else" is quite broad — in this case, the courts view the data that cell phone providers collect as something customers are voluntarily sharing, simply by using their services.
Carpenter has argued that the third-party doctrine was not intended to be applied to things like cell phones. That's largely because the legal backing of the third-party doctrine is based on two Supreme Court cases from the 1970s, years before the first cell phone even went on sale to the public. Simply put, the way courts are ruling on third-party doctrine just doesn't make sense in an age where so much sensitive information is bound up in our cell phones.
There's also a 2012 Supreme Court case that could back up Carpenter's argument. In United States v. Jones, the Supreme Court unanimously ruled that it was a fourth amendment violation to attach a GPS unit to a car without a search warrant. The FBI had planted the GPS onto a car parked on private property and used it to track its position every ten seconds for a full month — that's more granular than the location info you get from a cell phone, but the cases do have some similarities.
After the court's decision, Justice Sonya Sotomayor wrote that the third-party doctrine as "ill suited to the digital age" and expressed her opinion that privacy caselaw was failing to keep up with the rapid changes that smartphones and other technology are making to how we as a society view privacy. "People disclose the phone numbers that they dial or text to their cellular providers, the URLS that they visit and the e-mail addresses with which they correspond to their Internet service providers, and the books, groceries and medications they purchase to online retailers," she wrote. "I would not assume that all information voluntarily disclosed to some member of the public for a limited purpose is, for that reason alone, disentitled to Fourth Amendment protection."
Some of the world's biggest tech companies, including Apple, Facebook, Microsoft, Google, Twitter and even Verizon agree with Sotomayor. In August, a total of 15 companies filed an Amici Curiae brief related to the Carpenter case in which they argue that "fourth amendment doctrine must adapt to the changing realities of the digital era" and that "rigid analog-era rules should yield to consideration of reasonable expectations of privacy in the digital age." Of course, this argument may not win over the Supreme Court, but its ruling in the 2012 GPS case shows that the Justices could be in favor of stronger privacy protection.
Unfortunately for those who believe in expanded privacy rights, lower courts have so far sided with the third-party doctrine when it comes to CSLI. Lynch writes that "five federal appellate courts, in deeply divided opinions, have held that historical CSLI isn't protected by the Fourth Amendment — in large part because the information is collected and stored by third-party service providers." We'll find out soon whether the Supreme Court is ready to break with those past rulings, a move that could lead both to freedom for Timothy Carpenter and a new precedent for privacy in the age of the smartphone.
- This article originally appeared on Engadget.