Tag: privacy

Patel: Right Result, Wan Rationale

Making short work of the idea that facial challenges aren’t available under the Fourth Amendment, the Supreme Court ruled today in Los Angeles v. Patel that a city may not require its hotels to turn over their business records without some opportunity for review of the government’s demands. It’s the right result, but the Court was too quiet about its treatment of Fourth Amendment doctrine, and it did not take the opportunity to fully address situations like the case presented, in which the government dragoons private businesses into surveillance on its behalf.

Justice Sotomayor, writing for a 5-4 majority, held: “the provision of the Los Angeles Municipal Code that requires hotel operators to make their registries available to the police on demand is facially unconstitutional because it penalizes them for declining to turn over their records without affording them any opportunity for pre-compliance review.” Justice Scalia led one bloc of dissenters believing it was reasonable to institute this kind of regulation on business owners suspected of no substantive crime because their facilities are sometimes used for crime. Justice Alito dissented as well, arguing that there should be no facial challenge to the statute because constitutional applications of it exist.

Had the stars lined up, the Court might have used the Patel case to address simmering issues around current Fourth Amendment doctrine, as the Cato Institute’s brief for the Court suggested. The Court indeed eschewed the backward “reasonable expectation of privacy” test, which finds that Fourth Amendment interest exists when people reasonably feel that it does. It instead examined whether the government’s scheme was reasonable, which is where the language of the Fourth Amendment focuses courts’ attention. But the Court did not broadcast the inapplicability of “reasonable expectation” doctrine, so most lawyers and lower courts will probably not realize that another in a growing line of cases is applying the Fourth Amendment in a new and better way, by hewing more closely to the text.

Part of the reason the Court didn’t take all the constitutional bait was the unusually narrow challenge the hoteliers brought. They attacked the collection of information by the government, granting for the sake of argument in this case that the government has the power to require them to collect information about their customers for the government’s later use. Had the Court considered the totality of what we called “the warrantless search scheme,” it would have had to assess whether it is reasonable in our constitutional system for private businesses to be dragooned into wholesale, comprehensive surveillance on behalf of the government. That scope might have brought the Court’s conservatives off the sidelines and into defending the degree of privacy against government that existed when the Fourth Amendment was adopted. (Surely, the government couldn’t have conscripted businesses into mass surveillance of the public at the time of the framing.)

Folks who are paying attention will recognize that the “reasonable expectation of privacy” test continues to recede in importance. We will continue to wait, though, for the case that clearly and articulately applies the right against unreasonable seizures and searches to information as such. While Patel is a technical win, some later case or cases will have to truly address how the Fourth Amendment is to be administered in the modern era.

#TakenInByDHS

Are journalists across the nation working to establish a national ID in the United States? Most would object, “Certainly not!”

But in reporting uncritically on the Department of Homeland Security’s claimed deadlines for implementing the U.S. national ID law, many journalists are unwittingly helping impose a system that the federal government may one day use to identify, track, and control every American. Today I’ve started Tweeting about news articles in which this occurs with the hashtag #TakenInByDHS.

Under the terms of the REAL ID Act, which became law more than ten years ago, states were supposed to begin issuing licenses according to federal standards by May of 2008. States that didn’t follow federal mandates would see their residents turned away at airports when the Transportation Security Administration declined their drivers’ licenses and ID cards.

The DHS failed to issue implementing regulations timely, and backed off of the statutory deadline by regulatory fiat. No state was in compliance with REAL ID on deadline, and no state is compliant with REAL ID today. Over the years, the Department of Homeland Security has declared a variety of milestones and deadlines in a fairly impotent effort to bring state driver licensing policy under federal control. Many states have resisted.

The reason for DHS’s impotence is that making good on the threat to prevent Americans from traveling would almost surely backfire. If already unpopular TSA agents began refusing Americans their right to travel, it would be federal bureaucrats and members of Congress getting the blame—not state legislators.

But most state legislators haven’t done this calculation. They are reluctant to create a national ID, and they don’t want to expend taxpayer funds on a program that undercuts their constituents’ privacy. But told of their potential responsibility for bedlam at local airports, they will accede to such things.

OECD Scheme to Boost Taxes on Business Sector Will Hurt Global Economy and Enable Bigger Government

Citing the work of David Burton and Richard Rahn, I warned last July about the dangerous consequences of allowing governments to create a global tax cartel based on the collection and sharing of sensitive personal financial information.

I was focused on the danger to individuals, but it’s also risky to let governments obtain more data from businesses.

Remarkably, even the World Bank acknowledges the downside of giving more information to governments.

Here are some blurbs from the abstract of a new study looking at what happens when companies divulge more data.

Relying on a data set of more than 70,000 firms in 121 countries, the analysis finds that disclosure can be a double-edged sword. …The findings reveal the dark side of voluntary information disclosure: exposing firms to government expropriation.

And here are some additional details from the full report.

…disclosure has important costs in allowing exposure to government expropriation… We show that accounting information disclosure can be detrimental to firm development… Such disclosure allows corrupt bureaucrats to gain access to firm-level information and use it for endogenous harassment. …once firm information is disclosed, the threat of government expropriation is widespread. Information disclosure thus allows rent-seeking bureaucrats to gain access to the disclosed information and use it to extract bribes. …Our paper offers a vivid illustration that an important hindrance to institutional development—here in the form of adopting information disclosure—is government expropriation. …The results are thus supportive of Acemoglu and Johnson (2005) on the overwhelming importance of constraining government expropriation in facilitating economic development.

Yet this doesn’t seem to bother advocates of bigger government.

Good Precedents against NSA Spying

With debate about NSA spying continuing in the Senate, it’s worth looking at some of the historical and modern precedents for protecting our communications and communications data. A few highlights:

  • The earliest precedent for protection of communications in the United States is the treatment of mail. The founders used postal mail to communicate their revolutionary ideas and even to plan their insurrection against the tyranny of King George, so they prioritized protecting the privacy of the mail. In the Act of Feb. 20, 1792, passed a few short years after ratification of the Constitution, the U.S. Congress enshrined protections for mail in the law, creating heavy fines for opening or delaying mail.
  • The Supreme Court confirmed the existence of constitutional protection for postal communications in Ex Parte Jackson. In that 1877 case, the Court described the Fourth Amendment’s guarantees in very interesting and clear language: “Letters and sealed packages … are as fully guarded from examination and inspection, except as to their outward form and weight, as if they were retained by the parties forwarding them in their own domiciles.” Though we place mail in the hands of government agents, the Fourth Amendment protects it like it’s inside our homes.
  • The year Ex Parte Jackson case was decided, both Western Union and the Bell Company began providing voice telephone service. The Supreme Court addressed constitutional protection for phone calls some decades later in 1928. The Olmstead case was wrongly decided, we now know. It found that telephone communications weren’t protected by the Constitution. So the dissents are where to look for precedential language. Justice Brandeis’s famous dissent spoke of the “right to be let alone,” but Justice Butler provided thinking and language that should have more lasting value: “The contracts between telephone companies and users contemplate the private use of the facilities employed in the service,” he wrote. “The communications belong to the parties between whom they pass.” The communications belong to the parties. That’s a fasacinating and important way to think about our communications, as property that we own.

In Holding NSA Spying Illegal, the Second Circuit Treats Data as Property

The U.S. Court of Appeals for the Second Circuit has ruled that section 215 of the USA-PATRIOT Act never authorized the National Security Agency’s collection of all Americans’ phone calling records. It’s pleasing to see the opinion parallel arguments that Randy Barnett and I put forward over the last couple of years.

Two points from different parts of the opinion can help structure our thinking about constitutional protection for communications data and other digital information. Data is property, which can be unconstitutionally seized.

As cases like this often do, the decision spends much time on niceties like standing to sue. In that discussion—finding that the ACLU indeed has legal standing to challenge government collection of its calling data—the court parried the government’s argument that the ACLU suffers no offense until its data is searched.

“The Fourth Amendment protects against unreasonable searches and seizures,” the court emphasized. Data is a thing that can be owned, and when the government takes someone’s data, it is seized.

In this situation, the data is owned jointly by telecommunications companies and their customers. The companies hold it subject to obligations they owe their customers limiting what they can do with it. Think of covenants that run with land. These covenants run with data for the benefit of the customer.

“Just Follow the Damn Constitution”

At a hearing this week on mobile device security, law enforcement representatives argued that technology companies should weaken encryption, such as by installing back doors, so that the government can have easier access to communications. They even chastised companies like Apple and Google for moving to provide consumers better privacy protections.

As an Ars Technica report put it, “lawmakers were not having it.” But a particular lawmaker’s response stands out. It’s the statement of Rep. Ted Lieu (D-CA), one of the few members of Congress with a computer science degree. He also “gets” the structure of power. Lieu articulated why the Fourth Amendment specifically disables government agents’ access to information, and how National Security Agency spying has undercut the interests of law enforcement with its overreaching domestic spying.

Give a listen to Lieu as he chastises the position taken by a district attorney from Suffolk County, MA:

The Fatal Conceit of the “Right to be Forgotten”

Intelligence Squared hosted a lively debate last week over the so-called “Right to be Forgotten” embraced by European courts—which, as tech executive Andrew McLaughlin aptly noted, would be more honestly described as a “right to force others to forget.”  A primary consequence of this “right” thus far has been that citizens are entitled to demand that search engines like Google censor the results that are returned for a search on the person’s name, provided those results are “inadequate, irrelevant, or no longer relevant.”  In other words, if you’re unhappy that an unflattering item—such as a news story—shows up as a prominent result for your name, you can declare it “irrelevant” even if entirely truthful and ask Google to stop showing it as a result for such searches, with ultimate recourse to the courts if the company refuses.  Within two months of the ruling establishing the “right,” the company received more than 70,000 such requests.

Hearteningly, the opponents of importing this “right” to the United States won the debate by a large margin, but it occurred to me that one absolutely essential reason for rejecting this kind of censorship process was only indirectly and obliquely invoked.  As even the defenders of the Right to be Forgotten conceded, it would be inappropriate to allow a person to suppress search results that were of some legitimate public value: Search engines are obligated to honor suppression requests only when linking some piece of truthful information to a person’s name would be embarrassing or harmful to that person without some compensating benefit to those who would recieve the information.  Frequent comparison was made to the familiar legal standards that have been applied to newspapers publishing (lawfully obtained) private information about non-public figures. In those cases, of course, the person seeking to suppress the information is typically opposed in court by the entity publishing the information—such as a newspaper—which is at least in a position to articulate why it believes there is some public interest in that information at the time of publication. 

Pages