Computers, Privacy & the Constitution

View   r2  >  r1  ...
RebeccaBonnevieFirstPaper 2 - 16 Apr 2018 - Main.RebeccaBonnevie
Line: 1 to 1
 
META TOPICPARENT name="FirstPaper"
Line: 14 to 14
 In his dissent Justice Marshal rejected the idea that privacy is binary, that once a secret has been told to one person it is told to the world. He says that even assuming the individuals know the company monitors the calls dialed for internal reasons does not follow that they expect this information to be made available to the public in general or government in particular. He also clashed with the majority idea that information had been voluntarily given up to a third party. He says that the decision is only voluntary if you have a choice and that it is incorrect to talk about assuming risks in contexts where there is no realistic alternative.

Why the third party doctrine no longer works in 2018: changing societal norms

Changed:
<
<
Today’s citizen puts a remarkable quantity/quality of details into the hands of private companies. The Government can aggregate discrete pieces of information from different companies to make a bigger picture. Some of the information companies hold about you isn’t even considered your information. [[[https://nakedsecurity.sophos.com/2018/04/13/facebook-shines-a-little-light-on-shadow-profiles/] ][“Shadow profiles”]] held by Facebook contain information about you uploaded by third parties.
>
>
Today’s citizen puts a remarkable quantity/quality of details into the hands of private companies. The Government can aggregate discrete pieces of information from different companies to make a bigger picture. Some of the information companies hold about you isn’t even considered your information. “Shadow profiles” held by Facebook contain information about you uploaded by third parties and as such are not considered information owned by you.
 

Giving up data is no longer a voluntary act (to a certain extent)

The third party doctrine was limited in in an analog world. Giving information to a third party involved a positive act – either appearing in public or voluntarily speaking information to the third party. Thoughts and reading materials were kept in private unless volunteered. Today is the inverse, keeping data private requires the positive acts. If one operates in a "default" world everything is tracked and logged. Mobile phones connect to cell towers giving to third parties your approximate location, our presence in public is recorded by cameras, and (in the general public's default world) one's movements on the internet, shopping habits, and reading materials are all logged. There is no realistic alternative to avoid some of these collections.
Line: 24 to 24
 In Google Spain v. Costeja the European Court of Justice upheld a person’s “right to be forgotten”. This is actually limited in application as it removes the data from being revealed in a Google search rather than deleting it.
Changed:
<
<
In the US the right to be forgotten comes into conflict with the First Amendment – the right to be forgotten is seen as a form of censorship. An exception to this is [[https://www.dataprotectionreport.com/2015/01/california-enacts-right-to-be-forgotten-for-minors/ ][California’s “online eraser” statute] enacted in 2015. Minors can request their posts be deleted but this has some major limitations – the information might be hidden from the public but remain on a server, and the platform is not required to remove something posted by a third party about the minor including where a third party reposted the minor’s post.
>
>
In the US the right to be forgotten comes into conflict with the First Amendment – the right to be forgotten is seen as a form of censorship. An exception to this is California’s “online eraser” statute enacted in 2015. Minors can request their posts be deleted but this has some major limitations – the information might be hidden from the public but remain on a server, and the platform is not required to remove something posted by a third party about the minor including where a third party reposted the minor’s post.
 The most effective way to remove information from the internet is actually to copyright it and request it to be taken down. Recently a [[http://www.bbc.com/news/technology-43581619 ][woman was forced to copyright her naked body] to obtain control of an explicit video in a revenge porn case.

Will the third party doctrine change?


RebeccaBonnevieFirstPaper 1 - 16 Apr 2018 - Main.RebeccaBonnevie
Line: 1 to 1
Added:
>
>
META TOPICPARENT name="FirstPaper"

It is Time to Make the “Crazy Quilt” of the Fourth Amendment

-- By RebeccaBonnevie - 16 Apr 2018

In Smith v. Maryland Justice Blackmun said the Court was not inclined to make a “crazy quilt” of the Fourth Amendment. I submit it is time to make the quilt. If we agree that privacy is something that society should value the third party doctrine needs to be amended to reflect the number of private corporations we interact with.

The Third Party Doctrine

The third party doctrine says a person has no reasonable expectation of privacy in data they have turned over to a third party. This means if information has been passed to a third party the Fourth Amendment protections do not apply and a warrant is not required to access the data. Smith v. Maryland is the judicial expression of third party doctrine. Applying the Katz privacy test the Supreme Court found that the Smith knew that the phone company was collecting numbers that were being connected to the home and therefore there is no expectation of privacy in this information. In his dissent Justice Marshal rejected the idea that privacy is binary, that once a secret has been told to one person it is told to the world. He says that even assuming the individuals know the company monitors the calls dialed for internal reasons does not follow that they expect this information to be made available to the public in general or government in particular. He also clashed with the majority idea that information had been voluntarily given up to a third party. He says that the decision is only voluntary if you have a choice and that it is incorrect to talk about assuming risks in contexts where there is no realistic alternative.

Why the third party doctrine no longer works in 2018: changing societal norms

Today’s citizen puts a remarkable quantity/quality of details into the hands of private companies. The Government can aggregate discrete pieces of information from different companies to make a bigger picture. Some of the information companies hold about you isn’t even considered your information. [[[https://nakedsecurity.sophos.com/2018/04/13/facebook-shines-a-little-light-on-shadow-profiles/] ][“Shadow profiles”]] held by Facebook contain information about you uploaded by third parties.

Giving up data is no longer a voluntary act (to a certain extent)

The third party doctrine was limited in in an analog world. Giving information to a third party involved a positive act – either appearing in public or voluntarily speaking information to the third party. Thoughts and reading materials were kept in private unless volunteered. Today is the inverse, keeping data private requires the positive acts. If one operates in a "default" world everything is tracked and logged. Mobile phones connect to cell towers giving to third parties your approximate location, our presence in public is recorded by cameras, and (in the general public's default world) one's movements on the internet, shopping habits, and reading materials are all logged. There is no realistic alternative to avoid some of these collections.

Counteracting the time machine effect: can we force it to forget?

In her U.S. v. Jones concurrence Justice Sotomayor observed the time machine effect: the government could store records and effectively mine them for information years into the future. The third party doctrine, she said, is ill suited to the digital age. Once data has been handed over there are very few situations where it can be retrieved.

In Google Spain v. Costeja the European Court of Justice upheld a person’s “right to be forgotten”. This is actually limited in application as it removes the data from being revealed in a Google search rather than deleting it.

In the US the right to be forgotten comes into conflict with the First Amendment – the right to be forgotten is seen as a form of censorship. An exception to this is [[https://www.dataprotectionreport.com/2015/01/california-enacts-right-to-be-forgotten-for-minors/ ][California’s “online eraser” statute] enacted in 2015. Minors can request their posts be deleted but this has some major limitations – the information might be hidden from the public but remain on a server, and the platform is not required to remove something posted by a third party about the minor including where a third party reposted the minor’s post. The most effective way to remove information from the internet is actually to copyright it and request it to be taken down. Recently a [[http://www.bbc.com/news/technology-43581619 ][woman was forced to copyright her naked body] to obtain control of an explicit video in a revenge porn case.

Will the third party doctrine change?

The Supreme Court is currently considering Carpenter v. US which concerns a warrantless search of cellphone location data justified in part by the third party doctrine. This case and the recent Cambridge Analytica saga have highlighted for the public how much data they give to third parties – voluntarily or involuntarily.

I submit the circumstances are right for the Court to redefine the third party doctrine. In her concurrence in Jones Justice Sotomayor says “it may be necessary to reconsider the premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties.” I submit it is necessary and it is the Supreme Court’s opportunity to do so in the judgment on Carpenter. Reframing the third party doctrine would be a bold and dramatic move, but leaving this to Congress appears to be an acceptance of the status quo. Oral arguments in that case revealed little by way of legal doctrines. It seems that a majority of justices would be prepared to rule that the Fourth Amendment does not allow for the warrantless search and seizure of historical cell phone data, but the theories that justify the conclusion may vary.

An interesting question remains, if Carpenter results in a change to the third party doctrine, will there be a response by the political branches?



Revision 2r2 - 16 Apr 2018 - 19:47:45 - RebeccaBonnevie
Revision 1r1 - 16 Apr 2018 - 14:30:17 - RebeccaBonnevie
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM