Computers, Privacy & the Constitution
How the Death of the Fourth Amendment Could Have Been Avoided

-- By Ava Guo - 04 Mar 2013

With the advent of computers and the internet, this Fourth Amendment right of people “to be secure in their persons” has been chipped away by the courts in an attempt to figure out what warrants protection in cyberspace. The problem with the Fourth Amendment is not that it is inherently incapable of accommodating electronic communications; it is that the courts have been so wrapped up in trying to fit the new world of the internet into an old mold of the physical world that they have completely ignored the uniqueness of cyberspace.

I believe that as drafted, the Fourth Amendment had room to grow; had the courts abided by acknowledgement in Katz v. United States that it protects people, not areas, the “death” of the Fourth Amendment in the Information Age could have been avoided. Instead of comparing electronic communications with speech or telephone calls, the courts should have looked to society’s actual expectations with respect to activities on the internet, and analyzed them under and the “reasonable expectation of privacy” test.

Katz v. United States

In Katz, federal agents taped a microphone to the top of a public pay phone booth that recorded the defendant’s side of his conversations. The court reasoned that the warrantless surveillance of the phone booth was impermissible, and more importantly, noted that the “Fourth Amendment protects people – and not simply “areas” – against unreasonable searches and seizures.” 389 U.S. 347, 352 (1967). This early analysis demonstrates that the Fourth Amendment was perfectly capable of extending its protections beyond physical places to people’s identities in cyberspace. In Justice Harlan’s concurrence, he articulates the “expectation of privacy” test as a twofold requirement. First, the individual must have an actual (subjective) expectation of privacy; and second, that expectation has to be one that society is prepared to recognize as “reasonable.” The Katz formulation has subsequently been adopted in various opinions of the court in relation to telephone calls, letters, electronic communications, and even GPS devices. In as recently as United States v. Jones, 132 S.Ct. 945 (2012), the Court reiterated the importance of Justice Harlan's concurrence as the standard in non-property-based searches and seizures, and emphasized that the Fourth Amendment protects a person's “reasonable expectation of privacy."

The Danger of Analogies

In Hoffa v. United States, the defendant admitted his involvement in criminal activities to someone who turned out to be a government informer. The court held that as a result of this conversation, the defendant had no reasonable expectation of privacy in his communications because he assumed the risk that others may overhear and share it with others. 385 U.S. 293 (1966). Extending this to online communications, the court in State v. Moller held that the defendant had no expectation of privacy in an internet chatroom. 2002 WL 628634 (Ohio Ct. App. 2002). In this case, a police officer posed as a young girl and entered a chatroom for older men. The defendant contacted the officer to arrange a meeting with the “girl” for sexual activities. After defendant was arrested, he challenged the admission of his online communications as a violation of his Fourth Amendment rights. The court reasoned that just like an individual who has a conversation in public and within earshot of others, the defendant assumed the risk when he entered the public chatroom. It may be a subtle distinction to make but rather than comparing the chatroom to a crowded café, the court should have based its decision on the norms and expectations of a public internet chatroom. Indeed, the defendant should have had even less of an expectation of privacy in the chatroom because there is not only a risk that someone could “eavesdrop” on his conversation, but an absolute certainty that anyone else in the chatroom could and would read what he wrote.

Rather than relying on analogies, we could start from scratch and look to what society's expectations are with respect to electronic communications and the electronic storage of data. In doing so, we could be guided by the Katz test and ask: (a) whether the individual has a subjective expectation of privacy; and (b) whether this expectation is one that we are prepared to recognize as reasonable. Much of our rules about third party storage in the real world come from the relationships between the parties and their expectations of privacy stemming from those relationships. For instance, renting a storage unit gives the renter the assurance that any search of the unit itself will require either his/her consent or a warrant. On the other hand, simply storing one's belongings in the apartment of a friend leaves the individual at the mercy of his friend's consent. In both of these situations, the "renter" is the one with ownership rights over the items, but his expectations nevertheless differ from scenario 1 to scenario 2. This is a result of reasonable expectations.

These rules have been ever thus and are now reasonable, beyond serious doubt. Why they should be different with respect to bits than they are with respect to stuff it is very difficult to see and you have in no way argued. It is true that those rules are having profound consequences as people adopt services provided to them in a supposedly "convenient" but indeed very rights-suppressing fashion. But that is not necessarily a reason to change the rules. If our desire to restore Fourth Amendment protection led us to reengineer "cloud services" and restore email to the federated condition it was in before Gmail, so that we all stored our data in a little box under our own bed at home in our own castle, that would be pretty damn fine.

But that's beside the point until we get past where you leave us, which is somehow believing that the analysis ought to come out the other way. Which, if you're going to argue in the next draft, you're going to have to do more work to demonstrate. Why should the expectations of the "real" world not apply to third-party data storage? Why shouldn't we engineer our services differently, in order to hold on to our legal rights, rather than try to make ourselves in some fleeting way more comfortable with sham realities? In truth, of course, data will be stored wherever in the world it is convenient for the business storing the data to put it, and whatever the US legal system says about searching it will make no difference. Why am I trying to change my idea about what is reasonable, in some supposed distinction between the "new" world and the "old," when I ought instead to be reminding myself of the wisdom of putting my "papers and effects" in my own house? This perfectly technically feasible, and would be smarter for every possible reason. Except the reason that smart Google would rather keep it for you, as long as you allow them to extract all the data's peripheral value, without actually "selling" it to anyone. In the end, that is not a good deal for you, even if you managed to recover a scrap or two of your previously-robust constitutional rights.

Word count: 998

Navigation

Webs Webs

r3 - 25 Apr 2013 - 19:45:23 - AvaGuo
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM