Tag: privacy

The Second-Day Story on U.S. v. Jones

Does a more careful reading of the Supreme Court’s decision in U.S. v. Jones turn up a lurking victory for the government?

Modern media moves so fast that the second-day story happens in the afternoon of the first. The Supreme Court ruled unanimously Monday morning that government agents conduct a Fourth Amendment search when they place a GPS device on a private vehicle and use it to monitor a suspect’s whereabouts for weeks at a time. Monday afternoon, a couple of commentators suggested that the case is less a win than many thought because it didn’t explicitly rule that a warrant is required to attach a GPS device to a vehicle.

Writing on the Volokh Conspiracy blog, George Washington University law professor Orin Kerr noted “What Jones Does Not Hold.”

The Court declined to reach when the installation of the device is reasonable or unreasonable. … So we actually don’t yet know if a warrant is required to install a GPS device; we just know that the installation of the device is a Fourth Amendment “search.”

And over on Scotusblog, Tom Goldstein found that “The Government Fared Much Better Than Everyone Realizes”:

[D]oes the “search” caused by installing a GPS device require a warrant? The answer may be no, given that no member of the Court squarely concludes it does and four members of the Court (those who join the Alito concurrence) do not believe it constitutes a search at all.

So there is a constitutional search when the government attaches a GPS device to a vehicle, but the Court conspicuously declined to say that such a search requires a warrant. Do we have an “a-ha” moment?

When the Supreme Court granted certiorari in the case, it took the unusual step of adding to the questions it wanted addressed. In addition to “[w]hether the warrantless use of a tracking device on respondent’s vehicle to monitor its movements on public streets violated the Fourth Amendment,” the Court wanted to know “whether the government violated respondent’s Fourth Amendment rights by installing the GPS tracking device on his vehicle without a valid warrant and without his consent.” These are both compound questions, but the dimension added by the second is the Fourth Amendment meaning of attaching a device to a vehicle. The case was about attaching a device to a vehicle, and if the Court didn’t walk through every clause in each of the questions presented, that’s why.

On that central question in the case, the government argued the following: “Attaching the GPS tracking device to respondent’s vehicle was not a search or seizure under the Fourth Amendment.” The government lost, full stop.

Now, it’s true that the Court’s majority opinion didn’t explictly find that the “search” that occurs when attaching and using a GPS device requires a warrant, but look at its characterization of the opinion it affirmed: “The United States Court of Appeals for the District of Columbia Circuit reversed [Jones’s] conviction because of admission of the evidence obtained by warrantless use of the GPS device which, it said, violated the Fourth Amendment.”

The Court did decline to consider the argument that the government might be able to attach a device based on reasonable suspicion or probable cause—that argument was “forfeited” by the government’s failure to raise it in the lower courts—but if the Supreme Court were limiting its holding to the attachment-as-search issue, it would have remanded the case back to the lower courts for further proceedings consistent with the opinion. It did not, and the sensible inference to draw from that is that the general rule applies: a warrant is required in the absence of one of the customary exceptions. Failing to make that explicit was not “opening a door” to a latent government victory. U.S. v. Jones was a unanimous decision rejecting the government’s warrantless use of outré technology to defeat the natural privacy protections provided by law and physics.

At least one serious lawyer I know has raised the point that I address here, and it is a real one, but some in the commentariat are a little too showy with their analysis and far too willing to go looking for a government victory in what is nothing other than a government defeat.

U.S. v. Jones: A Big Privacy Win

The Supreme Court has delivered a big win for privacy in U.S. v. Jones. That’s the case in which government agents placed a GPS device on a car and used it to track a person round-the-clock for four weeks. The question before the Court was whether the government may do this in the absence of a valid warrant. All nine justices say No.

That’s big, important news. The Supreme Court will not allow developments in technology to outstrip constitutional protections the way it did in Olmstead.

Olmstead v. United States was a 1928 decision in which the Court held that there was no Fourth Amendment search or seizure involved in wiretapping because law enforcement made “no entry of the houses or offices of the defendants.” It took 39 years for the Court to revisit that restrictive, property-based ruling and find that Fourth Amendment interests exist outside of buildings. “[T]he Fourth Amendment protects people, not places” went the famous line from Katz v. United States (1967), which has been the lodestar ever since.

For its good outcome, though, Katz has not served the Fourth Amendment and privacy very well. The Cato Institute’s brief argued to the Court that the doctrine arising from Katz “is weak as a rule for deciding cases.” As developed since 1967, “the ‘reasonable expectation of privacy’ test reverses the inquiry required by the Fourth Amendment and biases Fourth Amendment doctrine against privacy.”

Without rejecting Katz and reasonable expectations, the Jones majority returned to property rights as a basis for Fourth Amendment protection. “The Government physically occupied private property for the purpose of obtaining information” when it attached a GPS device to a private vehicle and used it to gather information. This was a search that the government could not conduct without a valid warrant.

The property rationale for deciding the case had the support of five justices, led by Justice Scalia. The other four justices would have used “reasonable expectations” to decide the same way, so they concurred in the judgement but not the decision. They found many flaws in the use of property and “18th-century tort law” to decide the case.

Justice Sotomayor was explicit in supporting both rationales for protecting privacy. With Justice Scalia, she argued, “When the Government physically invades personal property to gather information, a search occurs.” This language—more clear, and using the legal term of art “personal property,” which Justica Scalia did not—would seem to encompass objects like cell phones, the crucial tool we use today to collect, maintain, and transport our digital effects. Justice Sotomayor emphasized in her separate concurrence that the majority did not reject Katz and “reasonable expectations” in using property as the grounds for this decision.

Justice Sotomayor also deserves special notice for mentioning the pernicious third-party doctrine. “[I]t may be necessary to reconsider the premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties.” The third-party doctrine cuts against our Fourth Amendment interests in information we share with ISPs, email service providers, financial services providers, and so on. Reconsidering it is very necessary.

Justice Alito’s concurrence is no ringing endorsement of the “reasonable expectation of privacy” test. But he and the justices joining him see many problems with applying Justice Scalia’s property rationale as they interpreted it.

Along with the Scalia-authored Kyllo decision of 2001, Jones is a break from precedent. It may seem like a return to the past, but it is also a return to a foundation on which privacy can be more secure.

More commentary here in the coming days and weeks will explore the case’s meaning more fully. Hopefully, more Supreme Court cases in coming years and decades will clarify and improve Fourth Amendment doctrine.

Information Regulation that Hasn’t Worked

When Senator William Proxmire (D-WI) proposed and passed the Fair Credit Reporting Act forty years ago, he almost certainly believed that the law would fix the problems he cited in introducing it. It hasn’t. The bulk of the difficulties he saw in credit reporting still exist today, at least to hear consumer advocates tell it.

Advocates of sweeping privacy legislation and other regulation of the information economy would do well to heed the lessons offered by the FCRA. Top-down federal regulation isn’t up to the task of designing the information society. That’s the upshot of my new Policy Analysis, “Reputation under Regulation: The Fair Credit Reporting Act at 40 and Lessons for the Internet Privacy Debate.” In it, I compare Senator Proxmire’s goals for the credit reporting industry when he introduced the FCRA in 1969 against the results of the law today. Most of the problems that existed then persist today. Some problems with credit reporting have abated and some new problems have emerged.

Credit reporting is a complicated information business. Challenges come from identity issues, judgments about biography, and the many nuances of fairness. But credit reporting is simple compared to today’s expanding and shifting information environment.

“Experience with the Fair Credit Reporting Act counsels caution with respect to regulating information businesses,” I write in the paper. “The federal legislators, regulators, and consumer advocates who echo Senator Proxmire’s earnest desire to help do not necessarily know how to solve these problems any better than he did.”

Management of the information economy should be left to the people who are together building it and using it, not to government authorities. This is not because information collection, processing, and use are free of problems, but because regulation is ill-equipped to solve them.

U.S. v. Jones: The Court’s Search for a Rationale

I attended the Supreme Court’s oral argument in U.S. v. Jones today, the case dealing with the Fourth Amendment constitutionality of using GPS to track individuals’ movements without a warrant. Predicting outcomes is fraught, and you’re getting your money’s worth from the following free observations.

It seemed to me that most members of the Court want to rule that the government does not have free reign to attach GPS devices to cars. Justices Kennedy, Breyer, and Sotomayor, for example, noted the vast consequences if the government were to win the case. Law enforcement could attach tracking devices to people’s overcoats, for example, and monitor their movements throughout society without implicating the Fourth Amendment. Voluble as he often is, Justice Scalia did not say that the Fourth Amendment doesn’t reach GPS because GPS data wasn’t around for the Framers to insulate from government access.

Justice Alito’s thinking seemed to venture the furthest. He noted how insufficient it would be if the Court were to decide the case based on the narrow ground that attaching a GPS device to a car is an unreasonable seizure. Doing so would not account for the vast amount of personal data the government might access without attaching something to a car, clothing, or other property. If not in this case, the Court will soon have to face the (pernicious) third-party doctrine, which holds that a person has no Fourth Amendment interests in information shared with others.

If the Court desires to rule against the government, the one thing it lacks is a rationale for doing so. When it was time for Jones’s counsel to argue, the Justices seemed frustrated not to have a principle on which to base a decision.

Justice Scalia early-on declared his concern with GPS tracking and his dismay that the “reasonable expectation of privacy” test from Katz v. United States (1967) might shrink the zone of privacy the Framers sought to protect in the Fourth Amendment. But he later retreated into a sort of catch-all posture: the Congress can control GPS tracking if it wants. (Jones’s counsel cleverly suggested that there were 535 reasons not to do that.)

Other Justices’ questions danced awkwardly with the “reasonable expectation of privacy” test. Justice Kennedy was equivocal once about whether it would apply. Chief Justice Roberts seemed acutely aware of the Court’s incompetence to make judgments of such broad societal sweep. This is for good reason: there is no way to determine what society thinks, or what is “reasonable” in terms of privacy, when new technologies are applied new ways.

The solution to this conundrum can be found in the Cato Institute’s amicus brief in the Jones case. The Court should not use the “reasonable expectation of privacy” test from Justice Harlan’s Katz concurrence. Rather, it should follow the majority holding, which accorded Fourth Amendment protection to information that Katz had kept private using physical and legal arrangements. The government stands in the same shoes as the general public when it comes to private information—that is, information that can’t be accessed legally or with ordinary perception. When the government accesses information that was otherwise private, those searches and seizures must be reasonable and must almost always be based upon a warrant.

This way of administering the Fourth Amendment is not a snap of the fingers. There will be details to hash out when the Court eventually finds that having a Fourth Amendment interest in information turns on a factual question: whether someone has concealed information about him- or herself.

The biggest impediment to adoption of this rule may be getting lawyers to realize that “reasonable expectation of” is not a prefix required every time they use the word “privacy.”

I Told Ya So

The Children’s Online Privacy Protection Act became law just over thirteen years ago, passed in the name of protecting children online. It imposes various obligations on Web sites providing content to children thirteen and under.

So? How’s it doing?

danah boyd (she doesn’t capitalize her name) is a skilled researcher into the worlds of social media, youth practices, “public” and “private,” social networking, and other intersections between technology and society. In a Huffington Post article published this week, she reveals conclusions from her research into COPPA and its results. Here are some choice lines from “Why Parents Help Tweens Violate Facebook’s 13+ Rule”:

COPPA is a well-intentioned piece of legislation with unintended consequences for parents, educators, and the public writ large. It has stifled innovation for sites focused on children and its implementations have made parenting more challenging. …

Rather than reinforcing or extending a legal regime that produces age-based restrictions which parents actively circumvent, we need to step back and rethink the underlying goals behind COPPA and develop new ways of achieving them. This begins with a public conversation about what it means to parent in a digital world.

That is a non-libertarian’s research-based conclusion about the COPPA law and its poor fit between means and ends—using federal Internet regulation to protect children. It echoes the words of a report issued a decade ago finding that the White House Web site had violated a Clinton administration policy applying COPPA to federal Web sites.

The difficulty of applying the Children’s Online Privacy Protection Act to just one leading federal Web site … shows how governments rob people of power over information about themselves and their children. It also suggests that future privacy laws and regulations should be studied much more carefully before being put into effect. On government or private-sector Web sites, they can be deeply burdensome and have dramatic unintended effects.

That’s yours truly in a report entitled “Making the Rules, Breaking the Rules: How the “White House for Kids” Web Site Violates Federal Privacy Policy.” The report helped generate a USA Today editorial, which in turn drew a response from White House Chief of Staff John Podesta. Pretty good for a kid trying to break in the debate about privacy policy.

boyd’s research has borne out what this student of privacy told you a decade ago: Policymakers don’t know enough about society to decide how the manifold interests people pursue online can properly be protected. We have parents for that.

Our free society should decide how the Internet works and how people communicate on it.

Biometrics Collection = Risk Creation

Why shouldn’t the government collect biometric data unless absolutely necessary? Things like this can happen to it:

The stolen database contained the name, date of birth, national identification number, and family members of 9 million Israelis, living and dead. More alarmingly, the database contained information on the birth parents of hundreds of thousands of adopted Israelis—including children—and detailed health information on individual citizens.

It’s a good, short write-up from Fast Company. Read the whole thing and pass it along.

Will GPS Tracking Render the Fourth Amendment Quaint?

If the government put a GPS monitor on your car and used it to track every vehicular movement of yours for four weeks, do you think that would violate your Fourth Amendment rights? The government would like to be able to do that kind of thing without getting a warrant, and the Supreme Court will soon decide whether it can.

On November 8th, the Court will hear oral argument in U.S. v. Jones. Yours truly was the lead author of Cato’s amicus brief in the case, which may have a significant effect on how Fourth Amendment law intersects with new information technologies for decades to come.

In 2004, suspecting that Antoine Jones was dealing drugs, the FBI secretly attached a GPS tracking device to his car without a valid warrant. The FBI used this device to monitor and record the car’s movements, noting its location every ten seconds when it was in motion, for nearly a month before finally arresting Jones. The U.S. Court of Appeals for the D.C. Circuit found that the FBI’s action was unconstitutional because it violated Jones’s “reasonable expectation of privacy”—the two-part Fourth Amendment standard developed in the landmark case of Katz v. United States. Though he traveled on public roads, the totality of his movements was available to nobody and thus was private.

Our brief argues that the government’s conversion of Jones’s vehicle into a surveillance device was an unreasonable seizure under the Fourth Amendment. Even though he didn’t lose a “possessory” interest in his car, the government invaded Jones’s various property rights, including the right to exclude, the right to manage, the right to use, and the right to the profits. Similarly, using his car to collect detailed data on his movements over this extended period without getting a warrant was an unreasonable search. The data reflecting his movements would never have come into existence without the government attaching its GPS device to his car. These are tough, interesting issues arising in the new circumstances created by information technology.

We spent as much time in the brief on the “reasonable expectations of privacy” test. The product of one Justice’s lone concurrence in the Katz case, it holds that if a person has an actual (subjective) expectation of privacy and that expectation is one society is prepared to accept, then the Fourth Amendment protects the object of that expectation.

Courts have never faithfully applied this test, and for good reason: it’s a doctrinal mess that reverses the Fourth Amendment’s focus. Courts have second-guessed what the citizenry thinks in terms of privacy rather than examining government action to see if it is reasonable. Under “reasonable expectations” doctrine, things that are left in plain view are always available to the government while things that are hidden—well, the Court will look to see whether keeping it private comports with “reasonable expectations.”

The majority ruling in Katz rested on physical and legal protection that Katz had given to the sound of his voice when he entered a telephone booth. Because Katz had secured the privacy of his conversation, the government wasn’t allowed to access it using a wiretap—not without a warrant. That’s the rule the Court should apply here. The government can’t use uncommon surveillance technology to access private information, including private information about things that happened “in public,” without a valid warrant.

With information technology still rapidly increasing in power, it is critically important that the Supreme Court update Fourth Amendment law while maintaining its consistency with ancient property principles. Doing so will ensure that technology doesn’t render the Fourth Amendment’s protections for our “persons, papers, houses, and effects” quaint.

You can read more, and our brief, on the Cato.org page about U.S. v. Jones.