Computers, Privacy & the Constitution

Technology is Eroding the Fourth Amendment. Can We Stop it?

-- By JessicaCorey - 06 Mar 2017

A Radically Different Fourth Amendment

The Fourth Amendment was drafted and ratified under two assumptions that do not hold true today, first, that the largest invasion of a person’s privacy involves their home, and second, that law enforcement has restricted resources and cannot invade privacy on a large scale. With the advent of new technology, personal data is now available on a larger scale than ever before, with personal data not just on our phones and computers, but online through social media, with our digital assistants, such as Amazon’s Alexa, our fitbits and smartwatches, and even our lights and thermostats, such as the nest thermostat. With 90% of the world’s data created in the last two years, increasing the use of these devices will only continue to exacerbate the amount of personal data that is collected. As is clear, technology has radically changed these two assumptions, yet lawmakers and Courts have been slow to catch up, allowing for large gaps in 4th amendment law.

Data Mining

The concern surrounding this debate involves “data-mining.” Data mining can be loosely defined as “searches of one or more electronic databases of information concerning U.S. persons, by or on behalf of an agency or employee of the government.” This can include searches done by either individuals or artificial intelligence. Data mining becomes particularly scary when the depth and breadth of it is realized. While people are generally aware of many of the high-tech surveillance techniques, few people understand how that technology can link to provide a very detailed picture of an individual life. The State can know you called a certain number (cell data), drove to a certain house (drone or GPS), the time your bedroom light comes on (nest thermostats), if your heart rate is elevated (fitbit), unusual electricity use at your house (smart lights), and so on, all of which provide law enforcement a clear picture of a person’s life without ever entering their home.

The Erosion of the Fourth Amendment

The Fourth Amendment does not currently protect information shared with third parties. If police wanted to obtain the data provided by the suspect's smart appliances directly from the company who monitors those appliances, they can without much Fourth Amendment difficulty. Luckily however, many of these companies have shown that they will not share data with law enforcement unless forced to. However, that doesn’t stop that data from being monitored by certain police agencies who can access it without the help of the company.

This is troublesome, because under the guise of fighting terrorism, the U.S. has continued to move in a direction eroding the fourth amendment. For example, initially, under In Re Directives, the Court ruled that data gathered by the NSA must be for the special need of national security purposes and not for “garden variety criminal investigations.” However, a recent ruling by the Foreign Intelligence Surveillance Court in 2015 ruled that while information collected by the NSA must be for "foreign intelligence" purposes during the initial collection, once they have that information, it can be searched by the FBI for regular criminal investigations without any need for a warrant or prior court involvement. It is this type of decision that should make citizens wary to the ever shrinking role of the fourth amendment.

Solutions?

One way to mitigate the data-mining power the State has is to stop sharing our personal data with smart products. There are many different ways consumers can protect themselves against data mining, through VPNs or proxies, limiting the services we use etc.; the problem is getting people to care enough to do it. State and local Lawmakers could fund organizations that spread awareness on these issues or pass bills requiring schools to educate youth in technology privacy and security, but even if any lawmaker would be willing to spend their political capital on such laws, it is questionable how much impact such information would have on getting people to guard their personal data.

Alternatively, lawmakers could pass bills requiring a warrant for all nonpublicly available data searching. Requiring court involvement prior to search is likely to help protect the fourth amendment. Unfortunately, in the age of terrorism, lawmakers are less concerned with privacy and therefore we are likely to continue to see an erosion of the fourth amendment.

Thus it seems best to look to the courts to protect people by preventing data mining from being used unconstitutionally against people. One place to start is discarding the outmoded third party standard as applied to technology. As illustrated above, it is almost impossible to not interact with some kind of smart technology that reveals sensitive information about us. And yet all that data is always being shared with a third party, i.e. the company that made that product, at the very least. Third party doctrine for technology can be delineated from the rest of the third party doctrine by developing a voluntariness to share data. For example, a GPS user wants to get directions to the supermarket, but does not voluntarily want the company to know where he is located, in this instance his data should not be considered "shared with a third party."

The Third Circuit seemed to adopt a similar approach involving sharing information with cell phone companies. This suggests a willingness of Courts to reconsider how third party doctrine for technology is fundamentally different than conventional third party doctrine as there is a difference in the voluntariness of shared information. This standard would allow people to use technologies require data mining as part of their use agreement, without exposing them to all the unwanted results from having their information collected. This would also necessitate a slight shift in the understanding of the reasonable standard of privacy doctrine, however, since a majority of Americans would expect privacy from their devices, it makes sense that a reasonable person would expect to have that data protected.

[999]

1. https://www.cdt.org/files/security/usapatriot/20040300tapac.pdf

2. https://fas.org/irp/agency/doj/fisa/fiscr082208.pdf]]

3. https://www.dni.gov/files/documents/20151106-702Mem_Opinion_Order_for_Public_Release.pdf

4. See In re Application of the United States of America for an Order Directing a Provider of Electronic Communication Service to Disclose Records to the Government, 620 F.3d 304, 317-18 (3d 2010)

Navigation

Webs Webs

r5 - 02 May 2017 - 18:56:25 - JessicaCorey
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM