The Fourth Amendment of the US Constitution guarantees a person’s privacy and property against arbitrary searches and arrests by the government, unless there is justifiable cause to issue a warrant to execute such searches and arrests. In other words, persons have an inviolable right to their private property and the authorities are limited in accessing that property unless a court issues a warrant to inspect such property due to probable cause. A warrant allows the government to obtain evidence by breaking into someone’s private property, where that evidence might be, and taking it. Though often applied in the context of criminal investigations, the Fourth Amendment’s protection extends beyond this sphere (see, e.g. Ontario v. Quon, 560 U.S. 746, in which, while rejecting the Fourth Amendment claim, the Supreme Court held that a warrantless inspection of text message traffic between government employees was not unconstitutional) and includes two distinct analyses: (1) whether a search or seizure has occurred and (2) whether that search or seizure was reasonable. In the modern context, advances in how we share, store, and communicate information have shifted expectations and interpretations of those two components.

Component (1) has historically been interpreted to apply to government intrusion on a person’s “reasonable expectation of privacy”. The type of privacy a person can reasonably expect to have was broadly limited by what came to be known as the third-party doctrine; a principle holding that a person does not have a legitimate expectation of privacy over information that is voluntarily turned over to third parties. For example, in the 1976 case United States v. Miller, the government concluded that a subpoena of the plaintiff’s bank records did not constitute unreasonable search and seizure in violation of the Fourth Amendment because the documents only included information that the plaintiff had voluntarily conveyed to the banks. The Miller court appeared to put a lot of emphasis on the agency of the individual for “taking the risk” that, in revealing their affairs to a third party, that information may realistically be conveyed to the government (see United States v Miller, 425 US 435, 443, 96 S Ct 1619, 1624, 48 L Ed 2d 71 [1976].) In a convenient loophole for the digital age, the court held that even if the information was conveyed to the third party under the assumption of privacy, the Fourth Amendment does not prohibit the government from obtaining that information in turn from the third party.The third-party doctrine was again applied in Smith v. Maryland, in which the Court ruled that government acquisition of telephone numbers dialed on a landline telephone did not constitute a search on the basis that those who dialed the numbers voluntarily conveyed the dialed numbers to the phone company, and therefore assumed the risk of those numbers being made available to the government.

Applying the third party doctrine to the digital age, where exponentially more (and exponentially more private) information than outgoing telephone numbers is being shared with internet service providers, e-mail hosts, online pharmacies and social media followers, the third party doctrine becomes a dangerous weapon for the government to justify accessing an arsenal of personal information via third party data collectors with a standard that falls well below probable cause – a notion supported by statute under the provisions of the Stored Communications Act. Under the SCA, the government does not need a warrant (and therefore does not need probable cause) to obtain communications that are either more than 180 days old or are stored in a remote computing service (18. U.S.C. § 2703(b)). Nowadays, emails are often kept on remote storage systems indefinitely, and an additional rise of remote archival storage means that users are often deliberately sharing their data with third parties with the explicit expectation that that information remain private. The SCA has not been modified to accommodate these changes. The framers could not have known the extent to which technology would evolve and integrate into daily communication, but they did draft the Fourth Amendment to prevent unregulated government inference in one’s privacy. This leaves the SCA with an unconstitutionally low level of protection (see, e.g. Warshak v. United States, 40 F.3d 455, 560, in which law enforcement justified obtaining court orders directing the defendant's internet service providers to turn over all of the defendant's messages greater than 180 days old stored on their servers under the SCA. The court held that emails were protected under the Fourth Amendment despite the ISP’s limited access).

In a world where advances in technology virtually require information to be released to third parties in order to efficiently and effective function – a state of being dramatically exacerbated by the COVID-19 pandemic and the shift to an almost entirely virtual existence – this doctrine needs to be amended to avoid an unconstitutional abuse of power. Considering the need to both protect the rights of citizens and to allow law enforcement to apply valuable investigative tools stemming from the third-party doctrine, a way forward would be to distinguish between information that individuals are knowingly and voluntarily conveying to third parties, from information that citizens may not even be aware is being conveyed to third parties while they go about their normal course of livelihood and business online. As the court in Katz v. United States, 389 U.S. 347 (1967) noted, a subjective expectation of privacy alone is not enough to create Fourth Amendment protection. However, the court also found that a subjective expectation of privacy is protected where that expectation is objectively reasonable, id. Emails (Warshak) and text messages (Quon v. Arch Wireless Operating Co.) are two such examples. Thus, an amendment to the SCA that reinstates rules based on Katz’s two-part test strikes an even balance between applying the objectivity of the Fourth Amendment and giving individuals the benefit of a reasonable expectation of privacy.