Advancing Knowledge

Improving Skills

SCOTUS in the Digital Age's Evolving Concepts of Privacy

Cell towers smallThe 4th Amendment and the Digital Age are set to collide again, this time in the on November 29 when the SCOTUS is to hear arguments in the case of Carpenter v. United States. At issue is the protection against warrantless searches and application of the “third-party” doctrine to cellular phone data. The stakes are high for everyone who has a cell phone, which means just about everybody in the country.


Carpenter brings to the Court the law enforcement practice of requesting various data from cellphone service providers, data which providers routinely keep and store. Law enforcement gets the data through an order under the Stored Communications Act, 18 U.S.C. 2703(d). The standard for issuing such orders is lower than the probable cause standard for search warrants. Orders to turn over data are granted if there are “specific and articulable facts showing that there are reasonable grounds to believe” the data are “relevant and material to an ongoing criminal investigation.” The lower standard is justified in part by the third-party doctrine, which reflects the principle that information voluntarily shared with another person isn’t protected by the 4th Amendment. The doctrine, developed in the 1970’s, works well when applied to things like bank records. But given the sheer volume and nature of the data collected by cellphone service providers (not to mention the purveyors of smartphone apps) the principle seems to many, including Justice Sotomayor, “ill-suited to the digital age.” United States v. Jones, 565 U.S. at 417 (Sotomayor, J., concurring).


The data at issue in Carpenter is cell-site-location- information, or CSLI. CSLI is a continuous record of the cell towers a cell phone connects to in order to send and receive information. It is maintained by the cell companies for a legitimate business purpose; analyzing these data helps the companies measure demand for cell service in certain geographic areas, which drives the decision whether to install additional towers or antennas to handle areas of high volume demand. With the proliferation of smartphones, and by necessity the towers and antennas to handle the massive amounts of data transmitted by them, the ability to locate a specific device has increased to “a level of accuracy that can approach that of GPS”. Amicus Brief of Electronic Frontier Foundation, et al.

Your smartphone is like a high school drama geek, constantly seeking the attention of the cell service, reaching out and connecting to cell towers without any input from you. CSLI includes not just the numbers you call or text, but also data transmitted by apps running in the background that continually send and receive data. Retailers have begun to use this location data to send special offers to targeted phones. Imagine standing in the beer aisle of your local supermarket when your phone alerts you to a text received from the store suggesting you try a specific brew, with the added enticement of $2 off a six-pack via a coupon sent to your phone. The shopper next to you, who didn’t download the supermarket’s app, doesn’t get the same text offer. The supermarket used CSLI to locate you down to the level of where in a store you are pausing to look at what’s on offer.

The argument that CSLI should be protected rests in part on the pervasive nature of the data collected, information that extends beyond our movement in public spaces into heretofore private associations. As Justice Sotomayor said, location information provides a “precise, comprehensive record of a person’s public movements that reflects a wealth of detail about her familial, political, professional, religious, and sexual associations.” Jones.  “[A] person who knows all of another’s travels can deduce whether he is a weekly church goer, a heavy drinker, a regular at the gym, an unfaithful husband, an outpatient receiving medical treatment, an associate of particular individuals or political groups—and not just one such fact about a person, but all such facts.” United States v. Jones, 908 F. Supp. 2d 203 (D.D.C. 2012), quoted in Electronic Frontier Foundation et al. amicus brief.


In Carpenter, and in many other cases, law enforcement has justified receiving these massive amounts of data by invoking the principle that CSLI is voluntarily turned over to service providers by cell phone users, much like telephone numbers dialed on land lines were considered in the 1970’s. Smith v. Maryland, 442 U.S. 735 (1979). Moreover, CSLI is a business record generated, owned and maintained by the service provider, one in which the cell phone user has no reasonable expectation of privacy.

In addition, while CSLI may contain considerable information one wishes was private, that expectation is not legitimate because one knowingly provides that information to the provider to get cell service. In this way, CSLI is not unlike the bank records of checks written and deposits or withdrawals made, which also can reveal associational details of one’s life but have not been protected by the 4th Amendment since at least United States v. Miller, 425 U.S. 435 (1976).

I’m troubled by this argument. How voluntary is this collection of data? Digital data collection intrudes into every aspect of our lives, largely happening without our knowledge, and opting out is difficult if one wants to participate in the full range of civic and commercial life. That is a true Hobson’s choice; you can have any horse in the stable you want as long as it’s this one.

And I don’t think I am alone in being surprised at the sheer volume and nature of the data that is included in CSLI. I had a vague idea that I could be tracked if I dialed my phone, but wasn’t fully aware of the nature of the data collected and that it’s collected at all times. It wasn’t until I attended the National Computer Forensic Institute that I learned the full extent of the digital/cell phone footprint. Empirical research supports my experience. In one study cited in the amicus brief of the Empirical Fourth Amendment Scholars, 73% of respondents answered either “No” (15%) or “I don’t know” (58.5%) when asked whether their cell service provider regularly collected CSLI.  If one doesn’t know what is being collected, how can the collection be voluntary? No doubt, somewhere in the fine print of the cell service contract is a notification of some form of data collection. But to saddle us with the full knowledge of the extent of data collection based on that is, to me, laughably unfair.


I don’t think finding that we have a reasonable expectation of privacy in CSLI requires a wholesale overturning of the third-party doctrine. However, it does require recognizing that the data collected and maintained by service providers is qualitatively different from, say, bank records. Perhaps CSLI should be considered more akin to medical records, and afforded similar protections. Indeed, as suggested by NDAA in its amicus brief, Congress has already gone down the path toward that very thing by creating the procedure for getting an order under 2703(d).  The Court could leave the third-party doctrine intact and still decide that the nature of CSLI is deserving of more robust protections akin to those found in HIPAA. To be sure, this is a difficult needle to thread, as the practical effect would be to invalidate 2703(d) orders, sending Congress back to the drawing board to create a procedure more protective of privacy interests, while requiring search warrants for CSLI in the interim.

The very idea of privacy is evolving in this Digital Age. The notions of what is private is generational; what some in the younger generation are willing to share in the cybersphere puzzles and disturbs older generations. The information collected about us when we take advantage of technological advances sometimes startles and frightens all generations. The Supreme Court now gets to referee those conflicts. I can’t wait to share the result when it makes the call.

Print Email

What People are Saying about Herb's Trainings 

"Again, thank you for your time, knowledge, and efforts to share your experiences.  It was a great 2-days and I wish to learn much more."
Program Specialist assisting in Title IX investigations

"I just wanted to say thank you for such an excellent lecture. It was extremely insightful and definitely had me thinking about how I would begin to form how I would conduct interviews on such a difficult topic. It was nice for me (someone who's never interviewed a victim like that) to go in with no knowledge or bias and be able to completely absorb what you were teaching."
Law enforcement intern and future Law Enforcement Office

"Thank you so much for the really excellent presentation on Tuesday! Our entire team thought it was spot-on content-wise, and you offered it to the participants in a way that was easy for them to understand."
Program director, national TA provider