The cell phone has come a long way since its predecessor, the brick phone, became immortalized as Gordon Gekko’s favorite accessory. Chief Justice John Roberts acknowledged as much in his majority opinion in Riley v. California, where he wrote that smartphones were more like “minicomputers that…could just as easily be called cameras, video players, rolodexes, calendars, tape recorders, libraries, diaries, albums, televisions, maps or newspapers.”
While the Supreme Court acknowledged in Riley that police would need warrants to access information stored within smartphones, it has not yet addressed whether this requirement also applies to data that wireless providers collect from cell phones. This information, known as historical cell site location data, is transmitted by smartphone users whenever they make calls, send texts, or access the internet, and can be used to pinpoint a smartphone user’s location and movements. Such data can lead to invaluable information and prosecutors have taken notice. AT&T and Verizon, for example, each received over a quarter of a million demands for subscriber information related to civil and criminal cases in 2016 alone. That's slightly fewer than 700 requests, every single day.
The status quo could be changing soon, however, as the Supreme Court agreed to hear Carpenter v. United States last week. The case, for which the ACLU sought cert in September, addresses whether the warrantless seizure and search of a smartphone user’s historical cell site location information providing information about the user’s movements and whereabouts over a 127-day period is constitutional under the Fourth Amendment. The Supreme Court’s eventual holding will not only dictate the fate of a robbery suspect who currently faces a roughly 116-year prison sentence, but also how easily the government will be able to access sensitive smartphone data for years to come.
Carpenter Has Raised the Stakes for Smartphone Privacy
Carpenter v. United States is a criminal case with major civil rights implications. The dispute revolves around a series of armed robberies committed by the petitioner, Timothy Carpenter, and other individuals at electronics supply stores in Ohio and Michigan. After one of the perpetrators volunteered his cell phone number and the phone numbers of the other robbery participants after confessing, the government approached a number of magistrate judges to request cell site location data from the defendants’ smartphones. With that data, the government could potentially confirm that the suspects had been at or around the robberies when they occurred. The government did not rely on a warrant, however. Instead, it requested a court order to acquire 152 days of historical cell site location data and other records from the petitioner’s cell phone provider and roaming service provider, MetroPCS and Sprint respectively. This aspect of the government’s investigation, along with the district court’s subsequent denial of Carpenter’s motion to suppress this data, is what’s being taken up by the High Court.
Today, electronically-stored information about service provider subscribers is governed by the Stored Communications Act. While the SCA generally prohibits the government from compelling service providers from acquiring subscriber information without first obtaining a warrant, it allows the government to get around this requirement if it obtains a court order from a court in a competent jurisdiction. While the court could always refuse to grant an order, it will issue one if the government offers specific and articulable facts showing reasonable grounds to believe that the contents of the electronic information sought are relevant and material to an ongoing criminal investigation.
Here, the government was eventually able to obtain a court order for these records, and MetroPCS and Sprint not only turned over several months' worth of historical cell site data for Carpenter’s cell phone, but also delivered a comprehensive list of each company’s cell site towers in the region. By cross-referencing the cell site tower locations with Carpenter’s location data, prosecutors showed that Carpenter was at or near the location of four of the robberies at the time they occurred. At trial, the government relied on Carpenter’s location data as a material part of its case, and a jury found Carpenter guilty on several robbery-related charges and sentenced him to about 116 years in prison. On appeal, the Sixth Circuit upheld the district court’s decision to allow in Carpenter’s location data, holding they were business records that Carpenter could not have had a subjective, reasonable expectation of privacy in. One judge, however, disagreed with this analysis, but concurred in the judgment by stating the facts supported admitting the evidence under the good faith exception to the exclusionary rule.
Possible Implications of the Supreme Court’s Decision
In the end, Carpenter could present major consequences for criminal defendants in a country where roughly 3 in 4 of its citizens own smartphones. It will also present the Court with an opportunity to revisit precedent it established in cases such as Smith v. Maryland and U.S. v. Miller. Those cases have collectively distilled the principle of “third-party doctrine” that the Sixth Circuit relied on in making its decision. Under the third-party doctrine, courts have recognized that there is no reasonable expectation of privacy in information conveyed to third parties, such as banks, internet service providers, and, yes, phone companies.
Smith, however, was decided in 1979, holding that there is no reasonable expectation of privacy under the Fourth Amendment in the short-term surveillance of phone call information collected by pen registers. Miller came even earlier, in 1976, holding that there is no reasonable expectation of privacy in information voluntarily provided to banks.
The ACLU is arguing in part that the Court needs to revisit these precedents and take modern smartphone and tracking technology into account, as the Court did in Riley and U.S. v. Jones, which recognized that 4th Amendment protections applied to smartphone data and long-term GPS surveillance respectively. The government, in its opposition brief, argues in part that this analysis would not even matter in the end, given that the Sixth Circuit’s concurring opinion relied on the good faith exception to the exclusionary rule applied to justify admitting in the evidence.
Regardless of the outcome, the stakes brought about by Carpenter will be high for all smartphone users. When one considers that smartphones can be tracked even when turned off, Americans will either gain additional protections for sensitive information transmitted to wireless carriers, or put such information outside Fourth Amendment warrant safeguards. If the Supreme Court upholds the current status quo, then police and the government will continue to rely on the SCA’s statutory loophole to acquire information that would normally require a warrant, perhaps at even greater rates. Not only would a ruling supporting the government's position complicate matters for criminal defense and civil rights attorneys, but it could also inch us closer to a legal environment where—to paraphrase George Orwell—Big Brother will find it easier to watch us.
This post was authored by Eric Pesale, the founder of Write For Law, who writes regularly about eDiscovery, cybersecurity and other legal topics for law firms, publications, and companies. He is a graduate of New York Law School and the University of North Carolina at Chapel Hill, and recently passed the New York bar exam. Eric can be reached at eric@writeforlaw.com or on Twitter at @writeforlaw.
