On the face of it, that's one victory for government snooping and one defeat. But both decisions highlight the precariousness of privacy in an age when we routinely store huge amounts of sensitive information outside our homes.
The Fourth Amendment prohibits "unreasonable searches and seizures" of our "persons, houses, papers and effects." But according to the Supreme Court, the Fourth Amendment does not protect our papers once we entrust them to someone else.
In a 1976 case involving bank records, the court declared that "the Fourth Amendment does not prohibit the obtaining of information revealed to a third party and conveyed by him to government authorities, even if the information is revealed on the assumption that it will be used only for a limited purpose and the confidence placed in the third party will not be betrayed." Three years later, in a case involving phone records, the court reiterated that "a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties."
This dubious "third-party doctrine," enunciated before the Internet existed and mobile phones became ubiquitous, was crucial to the outcome of a case decided by the U.S. Court of Appeals for the 11th Circuit last week. The court said an armed robber named Quartavious Davis had no constitutional grounds to object when the FBI linked him to several crime scenes with cellphone location data that it obtained without a probable-cause warrant.
The court's logic was straightforward: Those records did not belong to Davis; they belonged to MetroPCS, his mobile phone company. So even though they revealed everywhere he went over the course of 67 days, he had no reasonable expectation that the information would remain private.
Dissenting Judge Beverly Martin noted that the majority's reasoning invites even bigger intrusions. "Under a plain reading of the majority's rule," she said, "by allowing a third-party company access to our email accounts, the websites we visit and our search-engine history -- all for legitimate business purposes -- we give up any privacy interest in that information."
That means the government can find out what we watch on YouTube, what we look up on Wikipedia, what we buy on Amazon, and whom we "friend" on Facebook or date via Match.com -- "all without a warrant." In fact, Martin noted, "the government could ask 'cloud'-based file-sharing services like Dropbox or Apple's iCloud for all the files we relinquish to their servers."
The U.S. Court of Appeals for the 2nd Circuit also noted the privacy threat posed by such data grabs in its ruling against the NSA's mass collection of phone records. But that decision was based on Section 215 of the PATRIOT Act, which the court said did not authorize the NSA program, contrary to the position taken by the Obama administration.
Congress is currently debating reauthorization of Section 215, which expires at the end of this month. Even if the provision is renewed unchanged, the 2nd Circuit's decision (assuming it's not overturned) means the NSA can no longer use Section 215 to collect everyone's phone records.
That outcome, while welcome, leaves unresolved a deeper issue that the 2nd Circuit mentioned but did not address: "whether the availability of information to telephone companies, banks, Internet service providers and the like, and the ability of the government to collect and process volumes of such data that would previously have overwhelmed its capacity to make use of the information, render obsolete the third_party records doctrine." Until the Supreme Court grapples with that issue, such highly revealing and deeply personal information will have only as much protection as legislators decide to give it.