The Evolution of Third-Party Doctrine Analysis: How the Supreme Court's Current Analytical Framework Limits the Scope of the Third-Party Doctrine
2022, Vol. 14 No. 02 | pg. 1/1
Abstract
The Fourth Amendment protects the “right of people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures…” Fundamentally, the Fourth Amendment places constitutional limits on law enforcement’s power to conduct a search or a seizure. However, the Supreme Court has recognized certain exceptions to this general constitutional requirement. The most controversial and expansive exception is the Third-Party Doctrine, which states: once information is relinquished to a third party, its original owner loses any expectation of privacy. After a series of early Supreme Court decisions, it appeared that little information escaped the grasp of the Third-Party Doctrine, especially in the interconnected technological society that arose over the decades. A society where increasingly information is naturally attached to a third party. However, more recently, federal courts have recognized the expansive and all-encompassing nature of this doctrine and as a result, have sought to limit the Third-Party Doctrine. This paper argues that the federal courts, specifically the Supreme Court, have limited the Third-Party Doctrine by transforming the overall Fourth Amendment and Third-Party Doctrine analysis. Specifically, this paper asserts that this analytical shift places much broader limitations on the Third-Party Doctrine than the Court’s holdings suggest.
Introduction: The Rise of the Third-Party Doctrine
The Fourth Amendment protects the “right of people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures…”1 Fundamentally, the Fourth Amendment places constitutional limits on law enforcement’s power to conduct a search or a seizure.2 In order to protect individuals from these unreasonable searches and seizures, law enforcement usually must obtain a warrant that allows them to proceed forward with their investigation. Put precisely, a warrantless search is per se unreasonable under the Fourth Amendment.3 However, the Supreme Court has recognized certain exceptions to this general constitutional requirement. The most controversial and expansive exception is the Third-Party Doctrine, which states: once information is relinquished to another (a third party), its original owner loses any expectation of privacy.4
Constitutional law has many areas that cause great debate between legal scholars. Yet, it can be reasonably asserted that the Third-Party Doctrine is the most polarizing and troubling of them all. In 1967, Justice Harlan, while concurring with the majority opinion in Katz v. United States, laid the foundational maxim for what would come to be known as the Third-Party Doctrine in Fourth Amendment jurisprudence.5In Katz, federal agents, without a proper warrant, eavesdropped on a conversation had by defendant inside of a public phone booth.6 The federal agents intercepted this conversation by attaching a device to the phone booth, which enabled them to overhear the conversation occurring between the defendant and the other individual on the phone.7 The defendant ultimately argued that the eavesdropping done by the federal agents constituted an unreasonable search under the Fourth Amendment and thus, challenged the validity of the evidence.8 The government, on the other hand, claimed that they did not enter any Fourth Amendment protected space, as the federal agents eavesdropped on the defendant’s phone call from the street.9 Thus, according to the government, the evidence in question did not constitute an unreasonable search.
Advertisement
The Supreme Court agreed with the defendant and held that the government’s interception of the call constituted a search despite being outside of his home, as the defendant justifiably relied upon the phone booth to keep his conversation private.10 As Justice Potter Stewart stated, “The Fourth Amendment protects people not places.”11 This proclamation by the majority was groundbreaking, as it renounced the long held belief that Fourth Amendment interests must be tied to property.12
Yet, interestingly, the most influential aspect of Katz was Justice Harlan’s concurrence. In his concurrence, Harlan introduced the idea that the Fourth Amendment extends only to information in which one has “[a] reasonable expectation of privacy.” In other words: if there is no reasonable expectation of privacy attached to the information, then the information is not granted Fourth Amendment protection.
As a result, Harlan’s “reasonable expectation of privacy” caveat armed the government with a powerful affirmative defense against Fourth Amendment violation claims. If the government could convince the Court that certain information lacked a reasonable expectation of privacy, then they could bypass the constitutional protections afforded by the Fourth Amendment. Thus, came the cases of United States v. Miller and Smith v. Maryland, the cases that created the Third-Party Doctrine.
In United States v. Miller, the government was interested in obtaining access to “all of the defendant’s records of accounts, i.e., savings, checking, loan or otherwise” at two banks.13 The defendant challenged the validity of the incriminating evidence on Fourth Amendment grounds arguing that the obtention of the accounts constituted an unreasonable search and seizure.14 Yet, the Court was not so convinced by the defendant’s argument. The Court rejected the defendant’s argument and responded by actualizing the Third-Party Doctrine into governing jurisprudence. The majority in Miller held that: “[t]he Fourth Amendment does not prohibit the obtaining of information revealed to a third party and conveyed by him to Government authorities, even if the information is revealed on the assumption that it will be used only for a limited purpose and the confidence placed in the third party will not be betrayed.”15 A sweeping holding that effectively became the kryptonite to the Fourth Amendment by granting unprecedented authority to the government to access private information. Yet, even with the gravity of the Miller holding, the Court did not stop there and provided the Third-Party Doctrine with even more bite in Smith v. Maryland.
In Smith, police sought to reveal that the defendant was the man responsible for robbing the victim and subsequently harassing the victim through anonymous phone calls.16 To accomplish this, police attached a pen register to the defendant’s telephone located in his home.17 An important aspect of the pen register is that it only records numbers dialed from a telephone. It does not record any conversations had by defendant. The pen register revealed that the defendant was in fact in the man making the harassing calls.18 The defendant challenged the use of the pen register on Fourth Amendment grounds.19
The Supreme Court, in a 5-3 majority opinion, rejected the defendant’s Fourth Amendment objection.20 Rather, the Supreme Court reaffirmed the Third-Party Doctrine established in Miller. The Smith Court explained that the defendant voluntarily relinquished his telephone number during a phone call, as the phone call naturally ‘exposed’ the numerical information to the telephone company.21 Essentially, the Court conceived that the defendant had ‘assumed the risk’ that the telephone company would reveal the information naturally gathered in telephone transactions to the police.22 Such reasoning bolstered the Third Party Doctrine to its most powerful peak in its controversial reign.
After Smith, it appeared that little information escaped the grasp of the Third-Party Doctrine, especially in the ever evolving and interconnected technological society that developed in the following decades. A digital society where increasingly information is naturally attached to a third party. As Professor Daniel Solove, professor at George Washington University Law School, has argued, “The Third-Party Doctrine presents one of the most serious threats in the digital age.”23
However, federal courts have recognized the expansive and all-encompassing nature of this doctrine. As a result, courts have sought to limit the Third-Party Doctrine.
This paper will argue that the federal courts, specifically the Supreme Court, have limited the Third-Party Doctrine by transforming the overall Fourth Amendment and Third-Party Doctrine analysis. It will demonstrate that primarily the Supreme Court has shifted its Fourth Amendment and Third-Party Doctrine analysis from focusing on the nature of police intrusion to focusing on the nature of the information in question. As a result, as the shift progressively took hold of the Supreme Court, the tenets of the Third-Party Doctrine began to erode and become ever more fragile. Finally, this paper asserts that this analytical shift, which actualizes in United States v. Carpenter, places much broader limitations on the Third-Party Doctrine than the holdings suggest. This assertion is based on synthesizing the current Supreme Court analysis with the realities of today’s technological world.
The Evolution of Fourth Amendment and Third-Party Doctrine Analysis
After Smith, the Third-Party Doctrine went unchecked for a multitude of years. Yet, as society became more technologically dependent, courts began to revisit the adequacy of Third-Party Doctrine jurisprudence. Was the post-Smith Third Party Doctrine adept to handle the new technological age? During the turn of the twenty-first century, courts began to answer this question in the negative.
Advertisement
In Trulock v. Freeh, the Federal Bureau of Investigation (“FBI”) launched an investigation against a former Department of Energy (“DOE”) official, petitioner.24 Petitioner had written a magazine article criticizing the FBI on how they handled alleged security breaches at United States weapons laboratories.25 The FBI, throughout the investigation, obtained the computer that petitioner and petitioner’s housemate shared in the house.26 The FBI accessed this computer with the consent of petitioner’s housemate.27 However, during their search of the computer, the FBI accessed private information of petitioner’s that was password protected.28 Petitioner brought suit against the FBI on Fourth Amendment grounds claiming that the voluntary consent given by the housemate to access the computer did not extend to the protected files of petitioner.29 Conversely, the government contended that since the federal agents were given valid consent by a third party who had joint access to the computer and its contents, petitioner ‘assumed the risk’ that said third party would allow government agents to search all contents on the computer. 30
Following post-Smith reasoning, one might expect the federal court, in this case the Fourth Circuit, to agree with the government’s argument. There was indeed a third party that consistently made mutual use of the computer during the ordinary course of the day. As such, under the precedent of Smith, petitioner did ‘assume the risk’ that this third party would consent to the government accessing the computer and its contents. In fact, the Fourth Circuit did agree with the government on this point.31
However, the Fourth Circuit highlighted a particular fact that called for a different result. Specifically, the Fourth Circuit highlighted that the information in question was password protected. In other words, natural access to the computer did not grant access to the information or files that were guarded by a password. This is different from the numerical information in Smith, as the information was naturally exposed to the Third Party during the telephone transaction. Put a different way, in Smith, the revealing of the numerical information to the third party was innate feature of the telephone call. In Trulock, the access to the password protected information to a third party was not an innate feature of access to the computer. Rather, there was a secondary step that needed to be completed in order to retrieve the information: typing in the correct password. As the court noted, petitioner’s housemate did not have access to petitioner’s passwords.32
In light of this nuanced analysis, the Fourth Circuit held that the housemate’s consent did not extend to the password protected files of petitioner.33 The mere fact that the petitioner and the housemate utilized and shared the same physical hard drive was not sufficient to grant access to all of the data on that hard drive. In the eyes of the Court, the password, a digital barrier, acted much like the phone booth, a physical barrier, in Katz. The password created a reasonable expectation of privacy, as the mere existence of password demonstrates that petitioner affirmatively intended to exclude the third party and others from accessing the information.34
This holding by the Fourth Circuit was a step forward in limiting the reach of the Third-Party Doctrine. The Court in Trulock still applied the reasoning of ‘assuming the risk’ that was implemented in Smith yet recognized that there were limitations to this doctrinal analysis. The Court realized that the rapid changes in technology and society birthed different mechanisms that created new expectations of privacy; the digital password being one of these of new mechanisms. By doing this, the Fourth Circuit subtly illuminated that, in the new technological age, a more complex contextual analysis must be implemented to recognize the type of information afforded Fourth Amendment protections. In Trulock, the Court viewed the presence of a password, a contextual fact, as a dispositive factor in reaching the conclusion that the information in question was entitled to an expectation of privacy. However, after Turlock – a Fourth Circuit decision, it was still unknown if the Supreme Court would implement a more nuanced analysis that recognized the new technological age and the complex nature of modern information. In the years following Trulock, some cases suggested that the Supreme Court was beginning to recognize the rapid changes of technology and with that, societal expectations of privacy.35 It was not until United States v. Jones that the Supreme Court displayed initiatives to adapt to the new technological age and apply a more complex analysis regarding modern privacy interests.36
In United States v. Jones, police believed that the defendant Antoine Jones was involved in a drug trafficking operation.37 Based on this suspicion and information gathered in their investigation, police obtained a warrant to place a GPS tracking device on the car that Jones utilized in his daily operations.38 However, police failed to follow the limitations and bounds set forth by the warrant.39 The police ended up tracking Jones for twenty-eight days and installed the device outside the permitted district.40 Jones filed a motion to suppress the GPS information gathered on Fourth Amendment grounds.41 The government asserted that Jones had no reasonable expectation to privacy in his vehicle’s location while that vehicle was in any public place.42
The Supreme Court in a unanimous decision ruled in favor of Jones, however, the Court was not unanimous in its reasoning. Following the categorizations of Stephen E. Henderson, a professor at The University of Oklahoma College of Law, the Court was separated into three groups: the Scalia Five, the Alito Four, and the Sotomayor Solo.43 The Scalia Five, which did in practicality include Associate Justice Sotomayor, hinged on the Fourth Amendment trespass test that was popular pre-Katz. As Henderson details, “[The Scalia five reasoned] when police placed the GPS device upon the vehicle, they physically trespassed upon constitutionally protected area (an “effect”) in order to obtain the information and thereby engaged in a Fourth Amendment search.”44
Conversely, the Alito Four viewed the majority’s opinion as antiquated and misguided – so much so that Alito designated more of his opinion to criticizing the majority’s opinion than analyzing the case.45 That in and of itself suggests that the Court was beginning to view the Fourth Amendment and information in a different light. Ultimately, the Alito Four resorted to the Katz “reasonable expectation of privacy” test from which they concluded that the long-term monitoring of the Jones’ movements constituted a Fourth Amendment search.46
The Alito Four’s opinion is not revolutionary for the Third-Party Doctrine. However, the analysis employed by the four Justices illuminated new important features to be considered in analyzing modern information: the quantity and quality of the information. Alito focused on “whether the use of GPS tracking involved a degree of intrusion that a reasonable person would not have anticipated.”47 In this analysis, Alito was interested in the characteristics of the data. Unlike the other aforementioned cases, there was no mechanism that suggested that the defendant affirmatively did not want others to access or have the information in question.
As such, the Justices shifted the analysis to the information itself. Was there something about the data collected that made it per se intrusive? Alito answered in the affirmative as to long-term GPS tracking.48 Alito reasoned that a reasonable person would not expect their daily movements to be tracked consistently over the long-term unless for the “most serious of crimes.”49 Here, Alito highlights that when considering the information in question, daily movements (quality), together with the inhuman ability to monitor said information non-stop (quantity), the government’s actions amount to a Fourth Amendment search.
Now, Alito fails to identify the point in which surveillance becomes long-term surveillance, which is problematic for future implementation of his analysis.50 Nonetheless, this analysis suggested by the Alito Four was another revolutionary step in Fourth Amendment and Third-Party Doctrine Analysis. The Alito Four’s concurring opinion illuminated that there is something constitutionally relevant about the very nature of particular information (in this case, daily movements), separate and apart from factors such as physical spaces and privatizing mechanisms (i.e. passwords or phone booths).51 The Justices suggested that innate informational sensitivity, not only informational secrecy, was a factor to be considered in determining if a reasonable expectation of privacy existed.
Unlike the Scalia Five and Alito Four, Associate Justice Sotomayor, in her solo concurring opinion, directly confronted the Third-Party Doctrine. Throughout her opinion, Sotomayor agreed with Alito that informational sensitivity was an important factor to be considered under the reasonable expectation of privacy test. She also advanced Alito’s proposition one step further urging that collecting and aggregating an individual’s movements may enable the government to ascertain much more about an individual than is reasonably expected (i.e. political and social beliefs, habits, and so on).52 It was from this assertion that Sotomayor confronted the Third-Party Doctrine.
Sotomayor claimed that the Third-Party Doctrine is ill-suited for the digital age.53 In today’s society, Sotomayor highlighted, a great deal of information is being shared by individuals to third parties to complete mundane tasks.54 This information when taken in the aggregate and analyzed reveals many intimate aspects of an individual’s life, such as habits, preferences, medication history, etc.55 Sotomayor referenced the danger the Third-Party Doctrine poses in the current state of society. The government can easily build a comprehensive and intimate ‘profile’ on an individual by focusing their searches on third parties. She doubts that society is willing to accept without complaint the warrantless disclosure to the Government of information that, when synthesized together, gives the Government access to the most intimate aspects of their lives.56
To Sotomayor, there is a continuum of sensitivity upon which information falls, which in turn dictates varying expectations of privacy in that information regardless of its disclosure status to third parties.57 There is some data that is meaningless and there is some data that innately calls for an expectation of privacy.58 However, there is also data that falls in between the two extremes. It is this data that Sotomayor conceptualizes as most worrisome in today’s technological age. From first glance, this ‘in-between’ data says inherently little about the individual in question. Yet, when taken together with a multitude of other ‘in-between’ data points, the aggregated whole can paint a relative picture of an individual’s life.59 For Sotomayor, as data gets ‘less sensitive’ on the continuum of sensitivity, the ‘quantity’ factor becomes increasingly important. Thus, Sotomayor concluded that she would not “assume that all information disclosed to some [third party] for a limited purpose is . . . disentitled to Fourth Amendment protection.”60
Ultimately, the majority in Jones, while limiting government surveillance, did not address the Third-Party Doctrine and transform Sotomayor’s analysis into governing jurisprudence. However, the Jones decision reflected two key elements regarding the state of the Supreme Court by 2012. First, the Court was beginning to hear and understand the calls for restraint of invasive government surveillance, which is reflected by the Court delivering a 9-0 result in favor of Jones.61 Moreover, Justices on the Supreme Court were beginning to transform their overall perspective concerning privacy and information. As the Alito Four and Sotomayor Solo opinions show, Justices were starting to consider the quality and quantity of the information itself, as well as the intrusive affects that aggregating large swaths of information could have on individuals.
This transformation of the Supreme Court’s analysis took even more shape in the case Riley v. California, which occurred two years after Jones. In Riley, the defendant was arrested for a possession of a concealed and loaded firearm.62 After his arrest, police confiscated the defendant’s smartphone that was on his person at the time of the arrest.63 Then, subsequently, police accessed the smartphone without a warrant, which suggested that the defendant was associated with gang-related activities.64 This prompted the police to launch a more in-depth examination into the contents of the defendant’s smartphone.65 Defendant challenged the search on Fourth Amendment grounds.66 The government objected to this challenge by asserting that digital searches on a cell phone are indistinguishable from permitted searches of physical items found on an arrestee’s person (i.e. a purse).67 The Supreme Court rejected this assertion made by the government.68
The Riley Court’s majority opinion directly reflected and built upon the Alito Four’s and Sotomayor’s concurring analyses set forth in Jones. The opinion dedicated much ink to explaining why digital searches were different both quantitatively and qualitatively to physical searches.69
On the quantitative differences, Chief Justice Roberts, delivering the majority opinion for the Court, highlighted the advanced storage capacity that is imbedded in smart phones.70 As a result of this storage capacity, the amount of information that police can digitally access on a smart phone cannot be feasibly obtained by a standard physical search. The sheer amount of information collected on a cell phone makes access to even a particular aspect of the cell phone that more revealing than a physical search.71 Roberts also highlights that cell phones in today’s society not only contain an immense amount of information but specifically, an immense amount of diverse information. Roberts continues by stating that this mass quantity of diverse information can “reveal much more in combination than any isolated record.”72 Here, the Court is directly reflecting the aggregation theory posited by Justice Sotomayor in Jones.
On the qualitative differences, Roberts focused on the contents of the ‘digital memory’ of cell phones. The opinion not only is concerned with the revealing impact that the aggregation of stored cell phone data could have on an individual but also with the varying types of information that is blended and sprinkled throughout the phone’s memory.73 Information that is centered on sexual interests, medical concerns, medical history, pinpoint location movements, etc. Roberts opines that these ‘information types’ are so sensitive that under a non-digital search, they would not be revealed to law enforcement officers. Actually, Robert states,
[A] cell phone search would typically expose the government to far more than the most exhaustive search of a house: a phone not only contains in form many sensitive records previously found in a home; it also contains a broad array of private information never found in a home in any form – unless the phone is.74
This quote is quite revealing. It shows that Robert believes that cell phones, or modern technology, creates a medium in which individuals translate intimate information, that would otherwise not exist in any form, into digital form.
Hence, the majority opinion in Riley concludes that digital searches are fundamentally different than permitted searches of physical items. In doing so, the Supreme Court finally held that the Fourth Amendment calculus must be re-adjusted when considering information stored on modern technology – specifically, cell phones. Modern technology has allowed individuals to create, knowingly or unknowingly, a comprehensive profile of themselves on digital platforms (i.e. cell phones). From one click of a button or swipe on a screen, the government (or anyone) could gain access to an individual’s layered identity.75 An identity that contains information that would not otherwise be revealed under any other search permitted by law. In transforming their analysis and recognizing the sensitive and comprehensive nature of information stored on cell phones, the Supreme Court took another step in limiting the government from circumventing Fourth Amendment protections. Yet, while Riley progressed Fourth Amendment analysis and bolstered Fourth Amendment protections, the Supreme Court had yet to directly constrain the reach of the Third-Party Doctrine. However, the stage had been set in Riley for a damaging strike against the Third-Party Doctrine and all that was needed was the proper case. In 2018, that case came in the form of Carpenter v. United States.
In Carpenter v. United States, the government obtained and utilized defendant’s cell-site location information (“CSLI”) to establish a connection between the defendant and particular robberies.76 The government sought to establish that the defendant, Timothy Carpenter, was proximately located by each of the robberies in question, in turn, creating an evidentiary nexus between Carpenter and the robberies.77 The government used CLSI information that consisted of approximately four months, 12,898 location points, of the defendant’s movements.78 The defendant was eventually convicted for these crimes. Carpenter appealed and moved to suppress the use of the CSLI evidence by the government on Fourth Amendment grounds.79 The government challenged Carpenter’s motion on Third-Party Doctrine grounds.80
The majority opinion rejected the government’s argument that the Third-Party doctrine applied to CSLI.81 As such, the Court held that the government may not collect historical CSLI from a cell phone service provider without a warrant.82 In reaching this holding, the majority opinion conducted a qualitive and quantitative assessment of the CSLI information. To begin, the Court recognized that the CSLI information was deeply revealing as, similar to GPS tracking information, the data provided an intimate window into a person’s life.83 Further, the Court focused on the “depth, breadth, and comprehensive reach” of the CSLI information. As Roberts for the majority highlights, there are serious privacy concerns regarding the pinpoint chronicle of a person’s physical presence over a period of time that is constructed by the constant storage of CSLI.84 “As with GPS information, the time-stamped data provides an intimate window into a person's life, revealing not only his particular movements, but through them his ‘familial, political, professional, religious, and sexual associations.’”85 Much like the analysis implemented by the Court in Riley, the Carpenter Court considered the sensitivity of the information, as well as the comprehensive linked nature of the information.
The Court, however, did not stop at analyzing just the quality and quantity of the information in question. Rather, the Court also focused on a third factor: the inescapable and automatic nature of how the information is collected.86 The Carpenter Court, quoting the Riley Court, recognized that there are forms of technology that exist today that are “such a pervasive and insistent part of daily life.”87 As such, a device such as a cell phone, in today’s society, can be seen as an indispensable device. Now, CSLI is an automatic consequence of owning a cell phone. As the Court explains, CSLI is automatically collected by cell service providers, as the CSLI record is generated or “exposed” – to use Smith terminology – whenever an individual uses said service.88 The user meanwhile is not granted the ability to opt out of the collection of their CSLI data. The Court marks an inherent problem in this provider-user relationship: users, in today’s modern society, are shackled to their cellular devices yet are not granted the opportunity to avoid being perpetually tracked by the providers of the cellular devices and services.89 This inescapable, unbalanced relationship prompts the majority in Carpenter to reject the proposition that the defendant “assumed the risk” when purchasing and using a cell phone.90 Here, the Court explicitly rejects the rationale implemented in Smith used to justify the application of the Third-Party Doctrine.
Ultimately, the Court, when analyzing the quality, quantity, comprehensiveness, and inescapability of the information, ruled that historical CSLI is granted Fourth Amendment protections regardless of its third-party disclosure status. The evolution of the Supreme Court’s Fourth Amendment and Third-Party Doctrine had finally entered its next stage.
The True Limitation of the Third-Party Doctrine is the ‘New’ Carpenter Analysis
As Paul Ohm, a Professor of Law and Associate Dean at Georgetown Law Center, highlights, “Carpenter has been heralded by many as a milestone for the protection of privacy in an age of rapidly changing technology.”91 It should be noted that the Court in Carpenter explicitly states that their holding should be interpreted narrowly and should not be seen as an attempt by the Court to overrule or disturb the holdings of Miller and Smith. However, as noted, the true landmark development of Carpenter is in the Court’s analysis.
Until Carpenter, the Supreme Court and federal courts have tended to pay more attention to the nature of the police intrusion required to obtain information than to the nature of the information obtained.92 This is best seen in cases like Trulock, where the police had to bypass a password to access the information.93 Now, starting from Jones and progressing to Riley, the Court started to consider the nature of information and transform their analysis into, what is now seen as, the Carpenter analysis. Yet, in both Jones and Riley, the Court still did not fully disconnect the analysis from police intrusion.94 Carpenter, on the other hand, reinvents the “reasonable expectation to privacy test” set forth in Katz. The Carpenter Court’s analysis finds a reasonable expectation of privacy based primarily on the nature of the information divorced from the actions of police, data owners, or the target of the investigation.95
As a result, whenever there is a massive database containing large swaths of non-public information, courts will likely conduct a qualitive and quantitative assessment of the information to determine if a reasonable expectation of privacy exists.96 The reason for this is that Carpenter makes clear that the quality of the data, the scale of data collection, and the inescapability of forfeiting the data matters analytically.97 And, as recognized by the courts, mundane information stored on modern databases can reveal much about an individual’s private life when taken in the aggregate.98
This is analytical framework is therefore limiting for police, as much of the data given to third parties today is stored on massive databases. This especially holds true when you consider Cloud storage, the various kinds of digital assistance for smart technology, DNA and genetic testing companies, third-party applications on smart phones, etc.99 As Eunice Park, an Associate Professor of Law at Western State College of Law, explains,
Smart devices rely upon autonomous relaying of personal data and the ability to connect and interface with a network. These devices communicate with the network by sending data across it and using that data in their operations. . . Wearable devices, “equipped with microchips, sensors, and wireless communication capabilities. . . can collect data, track activities, and customize experiences to users' needs and desires.” Highly sensitive information from smart devices can also include “browsing habits to purchasing patterns to real-time location to personal health information.100
Hence, today’s society is built on these digital networks or ecosystems: Apple ecosystem, Microsoft ecosystem, Samsung ecosystem, Amazon ecosystem, Google ecosystem and many more. 101 In order for these ecosystems to exist, there must be a third-party intermediary storing all of an individual’s information on a major data system.102 Carpenter suggests that the majority of the non-public information stored by these third parties is no longer presumed to lack a reasonable expectation of privacy as held in Smith. Rather, all of the non-public information given to third parties that are stored on these massive databases are at least entitled to a qualitative and quantitative assessment. As such, given that digital interconnectivity has increasingly become a norm of individual’s lives coupled with the Carpenter analysis, much of the information relinquished to third parties today is at least entitled to a Carpenter assessment.
Now, a Court might still find that certain information is not entitled to a reasonable expectation of privacy under the Carpenter analysis. However, the government now has to show that the information in question is not entitled to Fourth Amendment protections due to its nature rather than its disclosure status to a third party. This a much more burdensome standard for the government to overcome. Thus, the Carpenter analysis in and of itself is limiting to the Third-Party Doctrine.
Conclusion: Narrow Holdings and Broad Implications
Ultimately, on the surface, the Third-Party Doctrine appears to be limited to a few narrow holdings. These few narrow holdings consist of password-protected information, comprehensive GPS tracking information, and comprehensive historical CSLI information. However, when one examines the transformation of the Supreme Court’s constitutional Fourth Amendment analysis, the limitations on the Third-Party Doctrine appear much broader. As shown, the analysis of the Supreme Court has shifted from the nature of police intrusion, as in Smith, to the nature of the information, as in Carpenter. This analytical shift has granted individuals the ability to establish a privacy interest in information that has been given to third parties. In other words, the analytical shift that was actualized in Carpenter has removed the blanket conception that once information is relinquished to another (a third party), its original owner loses any expectation of privacy. Now, the qualitative and quantitative nature of information is to be considered, as well as the inescapable and automatic nature of third-party collection. Hence, the breadth of Carpenter has yet to be determined. However, in today’s world of technological interconnectivity, the implications of the Carpenter Court’s analysis seem positively broad for private individuals and negatively limiting for the government.
Endnotes
1.) U.S. Constit. Amend. IV.
2.) Riley v. California, 134 S. Ct. 2473, 2494 (2014).
3.) Eunice Park, Objects, Places and Cyber-Spaces Post-Carpenter: Extending the Third-Party Doctrine Beyond CSLI: A Consideration of IOT and DNA, 21 Yale J.L. & Tech. 1, 9 (2019).
4.) Lucas Issacharoff & Kyle Wirshba, Restoring Reason to the Third Party Doctrine, 100 Minn. L. Rev. 985, 985 (2016).
5.) See Katz v. United States, 389 U.S. 347, 360 (1967) (Harlan, J., concurring).
6.) Id. at 348.
7.) Id.
8.) Id.
9.) Id. at 352.
10.) Id. at 353.
11.) Id. at 351.
12.) Issacharoff & Wirshba, supra note 4 at 988.
13.) United States v. Miller, 425 U.S. 435, 436 (1976).
14.) Id. at 440.
15.) Id. at 443.
16.) United States v. Smith, 442 U.S. 735, 737 (1979).
17.) Id.
18.) Id. at 737.
19.) Id. at 744.
20.) Id.
21.) Id.
22.) Id.
23.) Daniel J. Solove,Fourth Amendment Codification and Professor Kerr's Misguided Call for Judicial Deference, 74(2)fordham l. rev.747, 753 (2005).
24.) See generally Trulock v. Freeh, 275 F.3d 391, 398 (4th Cir. 2001).
25.) Id. at 397.
26.) Id. at 398.
27.) Id.
28.) Id.
29.) Id. at 399.
30.) Id. at 402-403.
31.) Id. at 403.
32.) Id.
33.) Id. at 402-403.
34.) Id. at 403.
35.) See City of Ontario v. Quon, 130 S. Ct. 2619, 2629-30 (2010)(stating that, “Rapid changes in the dynamics of communication and information transmission are evident not just in the technology itself but in what society accepts as proper behavior. . . . At present, it is uncertain how workplace norms, and the law's treatment of them, will evolve. . . .”).
36.) See generally United States v. Jones, 565 U.S. 400 (2012).
37.) Id. at 402.
38.) Id. at 402-403.
39.) Id. at 403(stating that the warrant required the GPS tracker be installed within 10 days from issuance of the warrant in order to be valid and whereby the police installed the tracker on the 11th day).
40.) Id. at 403.
41.) Id.
42.) Id.
43.) See Stephen E. Henderson, After United States v. Jones, After the Fourth Amendment Third Party Doctrine, 14 N.C. J.L. & Tech. 431, 448-455 (2013).
44.) Id. at 449.
45.) Id. at 452.
46.) See Jones, 565 U.S. at 419-431.
47.) Id. at 430.
48.) Id.
49.) Id.
50.) Henderson, supra note 43, at 453.
51.) Michael Gentithes, The End of Miller’s Time: How Sensitivity Can Categorize Third-Party Data After Carpenter, 53 Ga. L. Rev. 1039, 1061 (2019).
52.) Jones, 565 U.S. at 415.
53.) Id. at 417.
54.) Id.
55.) Id. at 415.
56.) Id. at 417.
57.) See Gentithes, supra note 48, at 1063.
58.) One comparison is data that states the person’s name (relatively meaningless) versus data that reveals an individual’s elaborate medical history (meaningful and intimate).
59.) This is known as the Mosaic Theory. “The mosaic theory posits that citizens have reasonable expectations of privacy ‘in certain quantities of information and data even if they lack reasonable expectations of privacy in the constituent parts of the whole.’” Gentithes, supra note 48, at 1062.
60.) Jones, 565 U.S. at 418.
61.) Henderson, supra note 41, at 456.
62.) Riley v. California, 573 U.S. 373, 378 (2014).
63.) Id. at 379.
64.) Id.
65.) Id.
66.) Id.
67.) Id. at 393.
68.) Id.
69.) See Id. at 393-394.
70.) Id.
71.) Id. at 394.
72.) Id.
73.) See Id. at 396.
74.) Id.
75.) An identity composing of sexual interests, medical history, medical concerns, personal habits, hobbies, places frequently visited, friends, family, etc.
76.) Carpenter v. United States, 138 S Ct. 2206, 2212 (2018).
77.) Id. at 2213.
78.) Id. at 2212.
79.) Id.
80.) Id. at 2213.
81.) Id. at 2217.
82.) Id.
83.) Id. at 2218.
84.) Id. at 2220.
85.) Id. at 2217 (quoting United States v. Jones, 565 U.S. 400, 415 (2012)).
86.) Id. at 2223.
87.) Id. (quoting Riley v. California, 573 U.S. 373, 385 (2014)).
88.) Id. at 2220.
89.) Id.
90.) Id.
91.) Paul Ohm, The Many Revolutions of Carpenter, 32 Harv. J.L. & Tech. 357, 358 (2019).
92.) Id. at 362.
93.) See generally Trulock v. Freeh, 275 F.3d 391 (4th Cir. 2001).
94.) In Jones, the Court still focused on the physical intrusion of the GPS tracking device. In Riley, the Court still focused on the accessing of a physical cell phone.
95.) Ohm, supra note 84, at 363.
96.) Id. at 378.
97.) Id. at 365.
98.) See Carpenter v. United States, 138 S Ct. 2206, 2217 (2018).
99.) Park, supra note 3, at 30.
100.) Id. (citing Adam D. Thierer, The Internet of Things and Wearable Technology: Addressing Privacy and Security Concerns Without Derailing Innovation, 21 rich. j.l. & tech. 6, at *1 (2015)).
101.) See Tamim Saleh, et al., The Age of Digital Ecosystems: Thriving in a World of Big Data, Boston Consulting Group (July 23, 2013), https://www.bcg.com/en-us/publications/2013/technology-industries-digital-ecosystems-thriving-world-big-data.aspx (“Consumers will increasingly access, monitor, and control their connected digital products and services remotely over the Internet, using smartphones, tablets, laptops, desktop PCs, and other devices. Massive streams of complex, fast-moving “big data” from these digital devices will be stored as personal profiles in the cloud, along with related customer data.”).
102.) Eric Johnson, Lost in the Cloud: Cloud Storage, Privacy, and Suggestions for Protecting Users’ Data, 69 Stan. L. Rev. 867, 872 (2017) (stating that, “Cloud storage services allow users to store data and applications on remote servers owned by others. These remote servers are essentially global storage facilities [used] to store information electronically and grant access to uploaded information using any electronic device from any location at any time.”).