Does the Government Require Your Hotel to Spy on You?

If you’re a privacy conscious traveler, you may have wondered from time to time why hotels ask for ID when you check in, or why they ask you to give them the make and model of your car and other information that isn’t essential to the transaction. What’s the ID-checking for? There’s never been a problem with fraudsters checking into hotels under others’ reservations, paying for the privilege to do so…

Well, in many jurisdictions around the country, that information-gathering is mandated by law. Local ordinances require hotels, motels, and other lodgers (such as AirBnB hosts), to collect this information and keep it on hand. These laws also require that the information be made available to the police on request, for any reason or no reason, without a warrant.

That’s the case in Los Angeles, which not only requires this data retention about hotel guests for law enforcement to access at will or whim. It also requires hoteliers to check a government-issued ID from guests that pay cash.

Open access to hotel records may have been innocuous enough in the early years of travel and lodging. Reading through hotel registers was a social sport among the wealthy, who could afford long-distance travel and lodging. Today, tourism is available to the masses, and hotel records enjoy tighter privacy protections. Most people would quit a hotel that left their information open to the public, and many would be surprised that hoteliers’ records are open to law enforcement collection and review without any legal process.

In City of Los Angeles v. Patel, which will be argued in the Supreme Court March 3rd, a group of hoteliers have challenged the city’s ordinance requiring them to hand over customer data whenever a police officer wants it. After losing in the District Court and in their first appearance before the Ninth Circuit Court of Appeals, the hoteliers won when an en banc panel of the Ninth Circuit found that it was unreasonable (and thus unconstitutional) for the statute to require hoteliers to turn over their records without giving them an opportunity to challenge law enforcement’s discretion.

In our brief to the Court supporting the hoteliers, we make some points that we hope will strengthen Fourth Amendment case law. As we’ve done in many prior briefs, we discourage the Court from applying the “reasonable expectation of privacy” test. “Reasonable expectations” doctrine is a contortion of the Fourth Amendment that springs from one concurrence in a 1967 case. Rather than estimating whether hoteliers have a “privacy expectation” in their records, we invite the Court to adhere to the Fourth Amendment’s language and determine whether the the right of Los Angeles hoteliers “to be secure in their persons, houses, papers, and effects” is protected by a statute that permits any search of their records law enforcement should want.

The question is not whether private parties’ privacy expectations are reasonable. The Fourth Amendment asks whether government agents’ searches and seizures are reasonable.

The petitions submitted by the City of Los Angeles and the U.S. government both treat the idea of “frequent, unannounced inspections” as a virtue of the statute. According to the government parties, innocent business owners, who are not suspects of any crime, should be subject to routine surprise inspections by government agents to make sure that they are performing surveillance of their guests for the government.

There is some precedent for warrantless searches of businesses under the “administrative search” doctrine. If warrantless searches of pervasively regulated businesses are reasonable at all, the doctrine has never been applied when the search is for evidence of wrongdoing by someone other than the party searched. It may be reasonable to search auto dismantlers because of the propensity to possession of stolen cars and car parts in that line of business. It is not reasonable to search hoteliers because some of their customers may use drugs or participate in prostitution.

There would be no end to it if the government were allowed to require businesses to perform surveillance on its behalf. Banks could be made to collect and turn over sensitive financial information about customers. The phone company could be made to turn over information about Americans’ calling behavior. The list goes on.

If you’re privacy conscious, of course, you recognize that the federal government already does require banks to turn over sensitive financial information about non-suspect Americans. The government collects phone calling records about as many Americans as it can every day, all without probable cause or a warrant. This is because of a key pair of Supreme Court cases ratifying Bank Secrecy Act requirements on banks to report information about their customers.

The case of California Bankers Association v. Schultz (1974) could be treated as a precedent suggesting that the Los Angeles law is valid. Our brief shows that it is not, as the Court did not carefully consider the Fourth Amendment rights of businesses in that case. To the extent California Bankers and its companion case, United States v. Miller, suggest that businesses can constitutionally be conscripted into spying on their customers, they deserve reconsideration.

This was something Justice Sonia Sotomayor directly suggested in her concurrence with the majority’s decision in United States v. Jones (2012), which struck down warrantless tracking of automobiles using GPS devices.

[I]t may be necessary to reconsider the premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties. This approach is ill suited to the digital age, in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks. People disclose the phone numbers that they dial or text to their cellular providers; the URLs that they visit and the e-mail addresses with which they correspond to their Internet service providers; and the books, groceries, and medications they purchase to online retailers.

The Court should revisit the third-party doctrine and the “reasonable expectation of privacy test,” which produced it. I’ll update you here, of course, about developments in the Patel case.