|
AvaGuoFirstPaper 5 - 12 May 2013 - Main.EbenMoglen
|
| |
| META TOPICPARENT | name="FirstPaper" |
|---|
How the Fourth Amendment Could Be Revived | | | In a world in which personal best efforts to protect private information is insufficient because we have to interact with others who do not do the same, it is up to the courts to revive the Fourth Amendment to protect what are and should be reasonable expectations in the new technological world. | |
>
> |
This is meaningless not-analysis. In response to my criticism of the
last draft, you simply decided to ignore what I said and
re-establish your argument on the same basis using different words.
The Fourth Amendment, you say again, should be understood to reflect
not "the artificial reason of the law," but whatever dumb shit
uninformed people think about "privacy." That isn't how the
constitutional law of search and seizure worked before, and it isn't
how it's going to work now. The "reasonable expectation of privacy"
bootstrap works against popular ideas of privacy, by giving judges
the power to hold that the dumb shit people actually believe, by not
being reasonable, isn't law. Which is what, in case after case, they do.
Here you tried again to make subjective popular belief the sole
basis on which you are going to treat bits stored in a third-party
location to which the operator has constant unlimited access
differently than physical "papers and effects" stored on the same
terms. This isn't legal analysis, this is ignoring applicable law.
The question you need to answer is the question you ducked in this
draft: what is the legal reason to treat bits differently than
not-bits given the existing law of search and seizure with respect
to third-party control?
| | | Word count: 985 |
|
|
AvaGuoFirstPaper 4 - 25 Apr 2013 - Main.AvaGuo
|
| |
| META TOPICPARENT | name="FirstPaper" |
|---|
| |
<
< | How the Death of the Fourth Amendment Could Have Been Avoided | >
> | How the Fourth Amendment Could Be Revived | | | -- By Ava Guo - 04 Mar 2013 | |
<
< | With the advent of computers and the internet, this Fourth Amendment right of people “to be secure in their persons” has been chipped away by the courts in an attempt to figure out what warrants protection in cyberspace. The problem with the Fourth Amendment is not that it is inherently incapable of accommodating electronic communications; it is that the courts have been so wrapped up in trying to fit the new world of the internet into an old mold of the physical world that they have completely ignored the uniqueness of cyberspace.
I believe that as drafted, the Fourth Amendment had room to grow; had the courts abided by acknowledgement in Katz v. United States that it protects people, not areas, the “death” of the Fourth Amendment in the Information Age could have been avoided. Instead of comparing electronic communications with speech or telephone calls, the courts should have looked to society’s actual expectations with respect to activities on the internet, and analyzed them under and the “reasonable expectation of privacy” test. | >
> | With the advent of computers and the internet, this Fourth Amendment right of people “to be secure in their persons” has been chipped away by the courts in an attempt to figure out what warrants protection in cyberspace. The problem with the Fourth Amendment is not that it is inherently incapable of accommodating electronic communications; it is that the courts have been so wrapped up in trying to fit the new world of the internet into an old mold of the physical world that they have completely ignored the uniqueness of cyberspace. I believe that as drafted, the Fourth Amendment had room to grow and could be revived. Instead of comparing electronic communications with speech or telephone calls, the courts should have looked to society’s actual expectations with respect to activities on the internet, and analyzed them under and the “reasonable expectation of privacy” test. | | | Katz v. United States
In Katz, federal agents taped a microphone to the top of a public pay phone booth that recorded the defendant’s side of his conversations. The court reasoned that the warrantless surveillance of the phone booth was impermissible, and more importantly, noted that the “Fourth Amendment protects people – and not simply “areas” – against unreasonable searches and seizures.” 389 U.S. 347, 352 (1967). This early analysis demonstrates that the Fourth Amendment was perfectly capable of extending its protections beyond physical places to people’s identities in cyberspace. In Justice Harlan’s concurrence, he articulates the “expectation of privacy” test as a twofold requirement. First, the individual must have an actual (subjective) expectation of privacy; and second, that expectation has to be one that society is prepared to recognize as “reasonable.” The Katz formulation has subsequently been adopted in various opinions of the court in relation to telephone calls, letters, electronic communications, and even GPS devices. In as recently as United States v. Jones, 132 S.Ct. 945 (2012), the Court reiterated the importance of Justice Harlan's concurrence as the standard in non-property-based searches and seizures, and emphasized that the Fourth Amendment protects a person's “reasonable expectation of privacy." | |
<
< | The Danger of Analogies | >
> | Old and New Reasonable Expectations of Privacy | | | In Hoffa v. United States, the defendant admitted his involvement in criminal activities to someone who turned out to be a government informer. The court held that as a result of this conversation, the defendant had no reasonable expectation of privacy in his communications because he assumed the risk that others may overhear and share it with others. 385 U.S. 293 (1966). Extending this to online communications, the court in State v. Moller held that the defendant had no expectation of privacy in an internet chatroom. 2002 WL 628634 (Ohio Ct. App. 2002). In this case, a police officer posed as a young girl and entered a chatroom for older men. The defendant contacted the officer to arrange a meeting with the “girl” for sexual activities. After defendant was arrested, he challenged the admission of his online communications as a violation of his Fourth Amendment rights. The court reasoned that just like an individual who has a conversation in public and within earshot of others, the defendant assumed the risk when he entered the public chatroom. It may be a subtle distinction to make but rather than comparing the chatroom to a crowded café, the court should have based its decision on the norms and expectations of a public internet chatroom. Indeed, the defendant should have had even less of an expectation of privacy in the chatroom because there is not only a risk that someone could “eavesdrop” on his conversation, but an absolute certainty that anyone else in the chatroom could and would read what he wrote. | |
<
< | Rather than relying on analogies, we could start from scratch and look to what society's expectations are with respect to electronic communications and the electronic storage of data. In doing so, we could be guided by the Katz test and ask: (a) whether the individual has a subjective expectation of privacy; and (b) whether this expectation is one that we are prepared to recognize as reasonable. Much of our rules about third party storage in the real world come from the relationships between the parties and their expectations of privacy stemming from those relationships. For instance, renting a storage unit gives the renter the assurance that any search of the unit itself will require either his/her consent or a warrant. On the other hand, simply storing one's belongings in the apartment of a friend leaves the individual at the mercy of his friend's consent. In both of these situations, the "renter" is the one with ownership rights over the items, but his expectations nevertheless differ from scenario 1 to scenario 2. This is a result of reasonable expectations.
These rules have been ever thus and are now reasonable, beyond
serious doubt. Why they should be different with respect to bits
than they are with respect to stuff it is very difficult to see
and you have in no way argued. It is true that those rules are
having profound consequences as people adopt services provided to
them in a supposedly "convenient" but indeed very
rights-suppressing fashion. But that is not necessarily a reason
to change the rules. If our desire to restore Fourth Amendment
protection led us to reengineer "cloud services" and restore
email to the federated condition it was in before Gmail, so that
we all stored our data in a little box under our own bed at home
in our own castle, that would be pretty damn fine.
But that's beside the point until we get past where you leave us,
which is somehow believing that the analysis ought to come out the
other way. Which, if you're going to argue in the next draft,
you're going to have to do more work to demonstrate. Why should the
expectations of the "real" world not apply to third-party data
storage? Why shouldn't we engineer our services differently, in
order to hold on to our legal rights, rather than try to make
ourselves in some fleeting way more comfortable with sham realities?
In truth, of course, data will be stored wherever in the world it is
convenient for the business storing the data to put it, and whatever
the US legal system says about searching it will make no difference.
Why am I trying to change my idea about what is reasonable, in some
supposed distinction between the "new" world and the "old," when I
ought instead to be reminding myself of the wisdom of putting my
"papers and effects" in my own house? This perfectly technically
feasible, and would be smarter for every possible reason. Except
the reason that smart Google would rather keep it for you, as long
as you allow them to extract all the data's peripheral value,
without actually "selling" it to anyone. In the end, that is not a
good deal for you, even if you managed to recover a scrap or two of
your previously-robust constitutional rights. | >
> | Rather than relying on analogies, we could start from scratch and look to what society's expectations are with respect to electronic communications and the electronic storage of data. In doing so, we could use the Katz test as a guide and ask: (a) whether the individual has a subjective expectation of privacy; and (b) whether this expectation is one that we are prepared to recognize as reasonable. Much of our rules about third party storage in the real world come from the relationships between the parties and their expectations of privacy stemming from those relationships. For instance, renting a storage unit gives the renter the assurance that any search of the unit itself will require either his/her consent or a warrant. On the other hand, simply storing one's belongings in the apartment of a friend leaves the individual at the mercy of his friend's consent. In both of these situations, the "renter" is the one with ownership rights over the items, but his expectations of privacy nevertheless differ from scenario 1 to scenario 2, and reasonably so. With respect to e-mails, we can begin by asking: is our relationship with our e-mail providers more like the one we would have with storage rental companies or the one we have with our friends' basements? My intuition is that it is the former - while individuals may expect e-mail providers to give over a list of their subscribers and their corresponding IP addresses to the government (much like how a rental company would give over their list of customers), they would not expect the providers to hand over the actual contents of their e-mails without a warrant (much like the physical items they stored). The fact that there is no physical place we can point to should not doom this analysis - it is not too late for the courts to turn its claims that the Fourth Amendment protects people, not places, into more than rhetoric. | | | | |
<
< | | >
> | In a world in which personal best efforts to protect private information is insufficient because we have to interact with others who do not do the same, it is up to the courts to revive the Fourth Amendment to protect what are and should be reasonable expectations in the new technological world. | | | | |
<
< | Word count: 998 | >
> | Word count: 985 | | | |
|
|
AvaGuoFirstPaper 3 - 25 Apr 2013 - Main.AvaGuo
|
| |
| META TOPICPARENT | name="FirstPaper" |
|---|
How the Death of the Fourth Amendment Could Have Been Avoided | | | With the advent of computers and the internet, this Fourth Amendment right of people “to be secure in their persons” has been chipped away by the courts in an attempt to figure out what warrants protection in cyberspace. The problem with the Fourth Amendment is not that it is inherently incapable of accommodating electronic communications; it is that the courts have been so wrapped up in trying to fit the new world of the internet into an old mold of the physical world that they have completely ignored the uniqueness of cyberspace. | |
<
< | But the old world
hasn't gone anywhere. And in it, those rules were being "chipped
away" much faster. In the US I grew up in, no one thought it was
constitutional to roadblock traffic or go through everyone's bag at
the airport. I don't know how, in view of the erosion of those
certainties in the "old" world, we can be so sure that any of what
we're talking about has to do with a confusion introduced by
treating the "new" world like the "old" one. That should have had
better results than the ones we experienced.
| | | I believe that as drafted, the Fourth Amendment had room to grow; had the courts abided by acknowledgement in Katz v. United States that it protects people, not areas, the “death” of the Fourth Amendment in the Information Age could have been avoided. Instead of comparing electronic communications with speech or telephone calls, the courts should have looked to society’s actual expectations with respect to activities on the internet, and analyzed them under and the “reasonable expectation of privacy” test.
Katz v. United States | |
<
< | In Katz, federal agents taped a microphone to the top of a public pay phone booth that recorded the defendant’s side of his conversations. The court reasoned that the warrantless surveillance of the phone booth was impermissible, and more importantly, noted that the “Fourth Amendment protects people – and not simply “areas” – against unreasonable searches and seizures.” 389 U.S. 347, 352 (1967). This early analysis demonstrates that the Fourth Amendment was perfectly capable of extending its protections beyond physical places to people’s identities in cyberspace. In Justice Harlan’s concurrence, he articulates the “expectation of privacy” test as a twofold requirement. First, the individual must have an actual (subjective) expectation of privacy; and second, that expectation has to be one that society is prepared to recognize as “reasonable.” This test was subsequently applied to public spaces and telephone calls, not because the test itself was limited to physical things, but because that was all we, as a society, had encountered. The courts have subsequently tried to analogize electronic communications with these situations.
First, a concurrence is
not the opinion of the court. Second, the talk about persons over
places is plainly rhetorical rather than analytical. The Court
concluded that Katz had an expectation of privacy in "an enclosed
phone booth," leaving open the possibility that fewer walls on the
booth, or no walls at all, could have changed the result with
respect to a wiretap placed outside the confines of the telephone
booth altogether.
| >
> | In Katz, federal agents taped a microphone to the top of a public pay phone booth that recorded the defendant’s side of his conversations. The court reasoned that the warrantless surveillance of the phone booth was impermissible, and more importantly, noted that the “Fourth Amendment protects people – and not simply “areas” – against unreasonable searches and seizures.” 389 U.S. 347, 352 (1967). This early analysis demonstrates that the Fourth Amendment was perfectly capable of extending its protections beyond physical places to people’s identities in cyberspace. In Justice Harlan’s concurrence, he articulates the “expectation of privacy” test as a twofold requirement. First, the individual must have an actual (subjective) expectation of privacy; and second, that expectation has to be one that society is prepared to recognize as “reasonable.” The Katz formulation has subsequently been adopted in various opinions of the court in relation to telephone calls, letters, electronic communications, and even GPS devices. In as recently as United States v. Jones, 132 S.Ct. 945 (2012), the Court reiterated the importance of Justice Harlan's concurrence as the standard in non-property-based searches and seizures, and emphasized that the Fourth Amendment protects a person's “reasonable expectation of privacy." | | | The Danger of Analogies
In Hoffa v. United States, the defendant admitted his involvement in criminal activities to someone who turned out to be a government informer. The court held that as a result of this conversation, the defendant had no reasonable expectation of privacy in his communications because he assumed the risk that others may overhear and share it with others. 385 U.S. 293 (1966). Extending this to online communications, the court in State v. Moller held that the defendant had no expectation of privacy in an internet chatroom. 2002 WL 628634 (Ohio Ct. App. 2002). In this case, a police officer posed as a young girl and entered a chatroom for older men. The defendant contacted the officer to arrange a meeting with the “girl” for sexual activities. After defendant was arrested, he challenged the admission of his online communications as a violation of his Fourth Amendment rights. The court reasoned that just like an individual who has a conversation in public and within earshot of others, the defendant assumed the risk when he entered the public chatroom. It may be a subtle distinction to make but rather than comparing the chatroom to a crowded café, the court should have based its decision on the norms and expectations of a public internet chatroom. Indeed, the defendant should have had even less of an expectation of privacy in the chatroom because there is not only a risk that someone could “eavesdrop” on his conversation, but an absolute certainty that anyone else in the chatroom could and would read what he wrote. | |
<
< | In Smith v. Maryland, 442 U.S. 735 (1979), the police installed a pen register on the defendant’s telephone and it recorded the numbers dialed from his phone line without recording the actual conversations. The Supreme Court distinguished between content (the conversation) and non-content information (the phone numbers dialed), and held the latter had no constitutional protection because the defendant voluntarily conveyed the numerical information to the telephone company. By analogy, in United States v. Forrester, the Ninth Circuit held that computer surveillance that enabled the government to learn the to/from addresses of the defendant’s e-mail messages and the IP addresses of the websites he visited did not constitute a Fourth Amendment search because it was analogous to the use of a pen register. The court stated that internet users have no expectation of privacy because “they should know that these messages are sent and these IP addresses are accessed through the equipment of their Internet service providers and other third parties.” 495 F.3d 1041 (9th Cir. 2007).
The court’s insistence on grouping IP addresses and to/from fields of e-mails with numbers dialed from a telephone as non-content information is indicative of its reluctance to accept, or perhaps even understand, electronic communications as a separate category.
Or maybe its perfectly
consistent application of consistent principles. Even if one
encrypts the content of the email message, after all, that's
precisely the information that must be publicly exposed in order to
make delivery possible, as the telephone number must be disclosed in
order to complete a call. So I'm not sure I understand your
criticism.
Unlike telephones, the internet works by combining content and non-content information into packets and sending them across networks altogether.
Yes, but one can draw
wrong conclusions from that fact. The IP packet has headers in it,
which are precisely the addressing information, as opposed to the
content, which in this context is called in the vernacular the
packet
"payload." So
that's clearly "non-content" information in your analysis. For an
email service provider asked to provide traffic information only,
not message content, isolating the relevant information and
providing it doesn't somehow require going inside the IP datagram
to inspect the payload: the mail service provider deals with
reassembled datagrams, representing email messages, which are data
at the application layer. The service provider can intelligibly
and easily take traffic information (From, To, CC, Sender,
Received, etc.) apart from message content, and respond
appropriately to subpoena. So argument from the nature of the IP
datagram is misconceived from a technical point of view.
This kind of blending of information is unique to the internet and should be acknowledged by the court. Instead of focusing on these analogies, the courts should be asking (a) whether an individual has an actual or subjective expectation of privacy in their electronic activities; and (b) whether our society should accept this expectation as a “reasonable” one. For instance, there is a strong argument to be made that the very identities of our e-mail contacts, along with the content of the communications, should be protected as a single packet of information. Unlike letters, which cannot be delivered without the address being viewable to the public, e-mails are unconstrained in such a way.
As I've explained
above, this argument is wrong. It's a serious weakness to be
relying on it in this fashion here.
The problem at the layer above is probably more serious: you
could find another illustration to replace this "packets are
different" argument you've been relying upon. But there is
simply no reason provided to believe that if we applied your
version of the dictum in Katz, we would find any reasonable
expectation of privacy in third-party data storage.
We do not, in the real world, have any trouble with the
reasonable rules of third-party stuff storage. If you rent a
storage space and put your own lock on it, the operator can be
required to disclose to the government by subpoena a list of
those renting spaces, but to go inside and search the space will
require either the consent of the renter or a warrant. If, on
the other hand, I ask a friend to let me store stuff in his
basement—or a local businessman offers me free storage in
his basement in return for my accepting his advertising—I
know that my friend, or the businessman may consent to a search
of his premises, and certainly will obey a warrant without giving
me notice and a chance to contest it before his basement is
searched and my stuff along with it. | >
> | Rather than relying on analogies, we could start from scratch and look to what society's expectations are with respect to electronic communications and the electronic storage of data. In doing so, we could be guided by the Katz test and ask: (a) whether the individual has a subjective expectation of privacy; and (b) whether this expectation is one that we are prepared to recognize as reasonable. Much of our rules about third party storage in the real world come from the relationships between the parties and their expectations of privacy stemming from those relationships. For instance, renting a storage unit gives the renter the assurance that any search of the unit itself will require either his/her consent or a warrant. On the other hand, simply storing one's belongings in the apartment of a friend leaves the individual at the mercy of his friend's consent. In both of these situations, the "renter" is the one with ownership rights over the items, but his expectations nevertheless differ from scenario 1 to scenario 2. This is a result of reasonable expectations. | | | These rules have been ever thus and are now reasonable, beyond
serious doubt. Why they should be different with respect to bits | | |
| |
<
< | There is no reason to force the content vs. non-content information analysis onto something that is inherently free from such a distinction, and if the courts can embrace this logic now, there may still be room for the Fourth Amendment in cyberspace. | | | Word count: 998 |
|
|
AvaGuoFirstPaper 2 - 24 Apr 2013 - Main.EbenMoglen
|
| |
| META TOPICPARENT | name="FirstPaper" |
|---|
How the Death of the Fourth Amendment Could Have Been Avoided
-- By Ava Guo - 04 Mar 2013 | |
<
< | With the advent of computers and the internet, this Fourth Amendment right of people “to be secure in their persons” has been chipped away by the courts in an attempt to figure out what warrants protection in cyberspace. The problem with the Fourth Amendment is not that it is inherently incapable of accommodating electronic communications; it is that the courts have been so wrapped up in trying to fit the new world of the internet into an old mold of the physical world that they have completely ignored the uniqueness of cyberspace. I believe that as drafted, the Fourth Amendment had room to grow; had the courts abided by acknowledgement in Katz v. United States that it protects people, not areas, the “death” of the Fourth Amendment in the Information Age could have been avoided. Instead of comparing electronic communications with speech or telephone calls, the courts should have looked to society’s actual expectations with respect to activities on the internet, and analyzed them under and the “reasonable expectation of privacy” test. | >
> | With the advent of computers and the internet, this Fourth Amendment right of people “to be secure in their persons” has been chipped away by the courts in an attempt to figure out what warrants protection in cyberspace. The problem with the Fourth Amendment is not that it is inherently incapable of accommodating electronic communications; it is that the courts have been so wrapped up in trying to fit the new world of the internet into an old mold of the physical world that they have completely ignored the uniqueness of cyberspace.
But the old world
hasn't gone anywhere. And in it, those rules were being "chipped
away" much faster. In the US I grew up in, no one thought it was
constitutional to roadblock traffic or go through everyone's bag at
the airport. I don't know how, in view of the erosion of those
certainties in the "old" world, we can be so sure that any of what
we're talking about has to do with a confusion introduced by
treating the "new" world like the "old" one. That should have had
better results than the ones we experienced.
I believe that as drafted, the Fourth Amendment had room to grow; had the courts abided by acknowledgement in Katz v. United States that it protects people, not areas, the “death” of the Fourth Amendment in the Information Age could have been avoided. Instead of comparing electronic communications with speech or telephone calls, the courts should have looked to society’s actual expectations with respect to activities on the internet, and analyzed them under and the “reasonable expectation of privacy” test. | | | Katz v. United States
In Katz, federal agents taped a microphone to the top of a public pay phone booth that recorded the defendant’s side of his conversations. The court reasoned that the warrantless surveillance of the phone booth was impermissible, and more importantly, noted that the “Fourth Amendment protects people – and not simply “areas” – against unreasonable searches and seizures.” 389 U.S. 347, 352 (1967). This early analysis demonstrates that the Fourth Amendment was perfectly capable of extending its protections beyond physical places to people’s identities in cyberspace. In Justice Harlan’s concurrence, he articulates the “expectation of privacy” test as a twofold requirement. First, the individual must have an actual (subjective) expectation of privacy; and second, that expectation has to be one that society is prepared to recognize as “reasonable.” This test was subsequently applied to public spaces and telephone calls, not because the test itself was limited to physical things, but because that was all we, as a society, had encountered. The courts have subsequently tried to analogize electronic communications with these situations. | |
>
> | First, a concurrence is
not the opinion of the court. Second, the talk about persons over
places is plainly rhetorical rather than analytical. The Court
concluded that Katz had an expectation of privacy in "an enclosed
phone booth," leaving open the possibility that fewer walls on the
booth, or no walls at all, could have changed the result with
respect to a wiretap placed outside the confines of the telephone
booth altogether.
| | | The Danger of Analogies
In Hoffa v. United States, the defendant admitted his involvement in criminal activities to someone who turned out to be a government informer. The court held that as a result of this conversation, the defendant had no reasonable expectation of privacy in his communications because he assumed the risk that others may overhear and share it with others. 385 U.S. 293 (1966). Extending this to online communications, the court in State v. Moller held that the defendant had no expectation of privacy in an internet chatroom. 2002 WL 628634 (Ohio Ct. App. 2002). In this case, a police officer posed as a young girl and entered a chatroom for older men. The defendant contacted the officer to arrange a meeting with the “girl” for sexual activities. After defendant was arrested, he challenged the admission of his online communications as a violation of his Fourth Amendment rights. The court reasoned that just like an individual who has a conversation in public and within earshot of others, the defendant assumed the risk when he entered the public chatroom. It may be a subtle distinction to make but rather than comparing the chatroom to a crowded café, the court should have based its decision on the norms and expectations of a public internet chatroom. Indeed, the defendant should have had even less of an expectation of privacy in the chatroom because there is not only a risk that someone could “eavesdrop” on his conversation, but an absolute certainty that anyone else in the chatroom could and would read what he wrote.
In Smith v. Maryland, 442 U.S. 735 (1979), the police installed a pen register on the defendant’s telephone and it recorded the numbers dialed from his phone line without recording the actual conversations. The Supreme Court distinguished between content (the conversation) and non-content information (the phone numbers dialed), and held the latter had no constitutional protection because the defendant voluntarily conveyed the numerical information to the telephone company. By analogy, in United States v. Forrester, the Ninth Circuit held that computer surveillance that enabled the government to learn the to/from addresses of the defendant’s e-mail messages and the IP addresses of the websites he visited did not constitute a Fourth Amendment search because it was analogous to the use of a pen register. The court stated that internet users have no expectation of privacy because “they should know that these messages are sent and these IP addresses are accessed through the equipment of their Internet service providers and other third parties.” 495 F.3d 1041 (9th Cir. 2007). | |
<
< | The court’s insistence on grouping IP addresses and to/from fields of e-mails with numbers dialed from a telephone as non-content information is indicative of its reluctance to accept, or perhaps even understand, electronic communications as a separate category. Unlike telephones, the internet works by combining content and non-content information into packets and sending them across networks altogether. This kind of blending of information is unique to the internet and should be acknowledged by the court. Instead of focusing on these analogies, the courts should be asking (a) whether an individual has an actual or subjective expectation of privacy in their electronic activities; and (b) whether our society should accept this expectation as a “reasonable” one. For instance, there is a strong argument to be made that the very identities of our e-mail contacts, along with the content of the communications, should be protected as a single packet of information. Unlike letters, which cannot be delivered without the address being viewable to the public, e-mails are unconstrained in such a way. There is no reason to force the content vs. non-content information analysis onto something that is inherently free from such a distinction, and if the courts can embrace this logic now, there may still be room for the Fourth Amendment in cyberspace. | >
> | The court’s insistence on grouping IP addresses and to/from fields of e-mails with numbers dialed from a telephone as non-content information is indicative of its reluctance to accept, or perhaps even understand, electronic communications as a separate category.
Or maybe its perfectly
consistent application of consistent principles. Even if one
encrypts the content of the email message, after all, that's
precisely the information that must be publicly exposed in order to
make delivery possible, as the telephone number must be disclosed in
order to complete a call. So I'm not sure I understand your
criticism.
Unlike telephones, the internet works by combining content and non-content information into packets and sending them across networks altogether.
Yes, but one can draw
wrong conclusions from that fact. The IP packet has headers in it,
which are precisely the addressing information, as opposed to the
content, which in this context is called in the vernacular the
packet
"payload." So
that's clearly "non-content" information in your analysis. For an
email service provider asked to provide traffic information only,
not message content, isolating the relevant information and
providing it doesn't somehow require going inside the IP datagram
to inspect the payload: the mail service provider deals with
reassembled datagrams, representing email messages, which are data
at the application layer. The service provider can intelligibly
and easily take traffic information (From, To, CC, Sender,
Received, etc.) apart from message content, and respond
appropriately to subpoena. So argument from the nature of the IP
datagram is misconceived from a technical point of view.
This kind of blending of information is unique to the internet and should be acknowledged by the court. Instead of focusing on these analogies, the courts should be asking (a) whether an individual has an actual or subjective expectation of privacy in their electronic activities; and (b) whether our society should accept this expectation as a “reasonable” one. For instance, there is a strong argument to be made that the very identities of our e-mail contacts, along with the content of the communications, should be protected as a single packet of information. Unlike letters, which cannot be delivered without the address being viewable to the public, e-mails are unconstrained in such a way.
As I've explained
above, this argument is wrong. It's a serious weakness to be
relying on it in this fashion here.
The problem at the layer above is probably more serious: you
could find another illustration to replace this "packets are
different" argument you've been relying upon. But there is
simply no reason provided to believe that if we applied your
version of the dictum in Katz, we would find any reasonable
expectation of privacy in third-party data storage.
We do not, in the real world, have any trouble with the
reasonable rules of third-party stuff storage. If you rent a
storage space and put your own lock on it, the operator can be
required to disclose to the government by subpoena a list of
those renting spaces, but to go inside and search the space will
require either the consent of the renter or a warrant. If, on
the other hand, I ask a friend to let me store stuff in his
basement—or a local businessman offers me free storage in
his basement in return for my accepting his advertising—I
know that my friend, or the businessman may consent to a search
of his premises, and certainly will obey a warrant without giving
me notice and a chance to contest it before his basement is
searched and my stuff along with it.
These rules have been ever thus and are now reasonable, beyond
serious doubt. Why they should be different with respect to bits
than they are with respect to stuff it is very difficult to see
and you have in no way argued. It is true that those rules are
having profound consequences as people adopt services provided to
them in a supposedly "convenient" but indeed very
rights-suppressing fashion. But that is not necessarily a reason
to change the rules. If our desire to restore Fourth Amendment
protection led us to reengineer "cloud services" and restore
email to the federated condition it was in before Gmail, so that
we all stored our data in a little box under our own bed at home
in our own castle, that would be pretty damn fine.
But that's beside the point until we get past where you leave us,
which is somehow believing that the analysis ought to come out the
other way. Which, if you're going to argue in the next draft,
you're going to have to do more work to demonstrate. Why should the
expectations of the "real" world not apply to third-party data
storage? Why shouldn't we engineer our services differently, in
order to hold on to our legal rights, rather than try to make
ourselves in some fleeting way more comfortable with sham realities?
In truth, of course, data will be stored wherever in the world it is
convenient for the business storing the data to put it, and whatever
the US legal system says about searching it will make no difference.
Why am I trying to change my idea about what is reasonable, in some
supposed distinction between the "new" world and the "old," when I
ought instead to be reminding myself of the wisdom of putting my
"papers and effects" in my own house? This perfectly technically
feasible, and would be smarter for every possible reason. Except
the reason that smart Google would rather keep it for you, as long
as you allow them to extract all the data's peripheral value,
without actually "selling" it to anyone. In the end, that is not a
good deal for you, even if you managed to recover a scrap or two of
your previously-robust constitutional rights.
There is no reason to force the content vs. non-content information analysis onto something that is inherently free from such a distinction, and if the courts can embrace this logic now, there may still be room for the Fourth Amendment in cyberspace. | | | Word count: 998 |
|
|
AvaGuoFirstPaper 1 - 04 Mar 2013 - Main.AvaGuo
|
|
>
> |
| META TOPICPARENT | name="FirstPaper" |
|---|
How the Death of the Fourth Amendment Could Have Been Avoided
-- By Ava Guo - 04 Mar 2013
With the advent of computers and the internet, this Fourth Amendment right of people “to be secure in their persons” has been chipped away by the courts in an attempt to figure out what warrants protection in cyberspace. The problem with the Fourth Amendment is not that it is inherently incapable of accommodating electronic communications; it is that the courts have been so wrapped up in trying to fit the new world of the internet into an old mold of the physical world that they have completely ignored the uniqueness of cyberspace. I believe that as drafted, the Fourth Amendment had room to grow; had the courts abided by acknowledgement in Katz v. United States that it protects people, not areas, the “death” of the Fourth Amendment in the Information Age could have been avoided. Instead of comparing electronic communications with speech or telephone calls, the courts should have looked to society’s actual expectations with respect to activities on the internet, and analyzed them under and the “reasonable expectation of privacy” test.
Katz v. United States
In Katz, federal agents taped a microphone to the top of a public pay phone booth that recorded the defendant’s side of his conversations. The court reasoned that the warrantless surveillance of the phone booth was impermissible, and more importantly, noted that the “Fourth Amendment protects people – and not simply “areas” – against unreasonable searches and seizures.” 389 U.S. 347, 352 (1967). This early analysis demonstrates that the Fourth Amendment was perfectly capable of extending its protections beyond physical places to people’s identities in cyberspace. In Justice Harlan’s concurrence, he articulates the “expectation of privacy” test as a twofold requirement. First, the individual must have an actual (subjective) expectation of privacy; and second, that expectation has to be one that society is prepared to recognize as “reasonable.” This test was subsequently applied to public spaces and telephone calls, not because the test itself was limited to physical things, but because that was all we, as a society, had encountered. The courts have subsequently tried to analogize electronic communications with these situations.
The Danger of Analogies
In Hoffa v. United States, the defendant admitted his involvement in criminal activities to someone who turned out to be a government informer. The court held that as a result of this conversation, the defendant had no reasonable expectation of privacy in his communications because he assumed the risk that others may overhear and share it with others. 385 U.S. 293 (1966). Extending this to online communications, the court in State v. Moller held that the defendant had no expectation of privacy in an internet chatroom. 2002 WL 628634 (Ohio Ct. App. 2002). In this case, a police officer posed as a young girl and entered a chatroom for older men. The defendant contacted the officer to arrange a meeting with the “girl” for sexual activities. After defendant was arrested, he challenged the admission of his online communications as a violation of his Fourth Amendment rights. The court reasoned that just like an individual who has a conversation in public and within earshot of others, the defendant assumed the risk when he entered the public chatroom. It may be a subtle distinction to make but rather than comparing the chatroom to a crowded café, the court should have based its decision on the norms and expectations of a public internet chatroom. Indeed, the defendant should have had even less of an expectation of privacy in the chatroom because there is not only a risk that someone could “eavesdrop” on his conversation, but an absolute certainty that anyone else in the chatroom could and would read what he wrote.
In Smith v. Maryland, 442 U.S. 735 (1979), the police installed a pen register on the defendant’s telephone and it recorded the numbers dialed from his phone line without recording the actual conversations. The Supreme Court distinguished between content (the conversation) and non-content information (the phone numbers dialed), and held the latter had no constitutional protection because the defendant voluntarily conveyed the numerical information to the telephone company. By analogy, in United States v. Forrester, the Ninth Circuit held that computer surveillance that enabled the government to learn the to/from addresses of the defendant’s e-mail messages and the IP addresses of the websites he visited did not constitute a Fourth Amendment search because it was analogous to the use of a pen register. The court stated that internet users have no expectation of privacy because “they should know that these messages are sent and these IP addresses are accessed through the equipment of their Internet service providers and other third parties.” 495 F.3d 1041 (9th Cir. 2007).
The court’s insistence on grouping IP addresses and to/from fields of e-mails with numbers dialed from a telephone as non-content information is indicative of its reluctance to accept, or perhaps even understand, electronic communications as a separate category. Unlike telephones, the internet works by combining content and non-content information into packets and sending them across networks altogether. This kind of blending of information is unique to the internet and should be acknowledged by the court. Instead of focusing on these analogies, the courts should be asking (a) whether an individual has an actual or subjective expectation of privacy in their electronic activities; and (b) whether our society should accept this expectation as a “reasonable” one. For instance, there is a strong argument to be made that the very identities of our e-mail contacts, along with the content of the communications, should be protected as a single packet of information. Unlike letters, which cannot be delivered without the address being viewable to the public, e-mails are unconstrained in such a way. There is no reason to force the content vs. non-content information analysis onto something that is inherently free from such a distinction, and if the courts can embrace this logic now, there may still be room for the Fourth Amendment in cyberspace.
Word count: 998
|
|
| Revision 6 | r6 - 14 Jan 2015 - 22:44:39 - IanSullivan |
| Revision 5 | r5 - 12 May 2013 - 14:47:28 - EbenMoglen |
| Revision 4 | r4 - 25 Apr 2013 - 21:48:39 - AvaGuo |
| Revision 3 | r3 - 25 Apr 2013 - 19:45:23 - AvaGuo |
| Revision 2 | r2 - 24 Apr 2013 - 21:36:47 - EbenMoglen |
| Revision 1 | r1 - 04 Mar 2013 - 16:54:27 - AvaGuo |
|