The US Supreme Court on Friday ruled that the government cannot obtain cell phone location data without a specific warrant, marking a major decision in what the New York Times called “one of the biggest Fourth Amendment cases in years.”
In a 5-4 decision, the court ruled that cell phone location data falls under the Fourth Amendment’s search protections, barring the government from tracking cell phone users’ movements by simply asking service providers for data.
At issue in the case was whether the government has the right to obtain location data from cell towers about individual users without a specific criminal warrant. It stems from a 2011 case where Timothy Carpenter was accused of being involved in a string of armed robberies of cell phone stores in Michigan. Investigators in the case relied in part on 127 days of cell tower location data for 16 phone numbers that the phone companies provided without a warrant.
The majority opinion, written by Chief Justice John Roberts, states that “there is a world of difference” between the kinds of business records the government could access without a warrant under previous rulings “and the exhaustive chronicle of location information casually collected by wireless carriers.”
The opinion noted that the decision was narrow and does not address “conventional surveillance techniques and tools, such as security cameras; does not address other business records that might incidentally reveal location information; and does not consider other collection techniques involving foreign affairs or national security.”
Roberts wrote that “when the Government tracks the location of a cell phone it achieves near perfect surveillance, as if it had attached an ankle monitor to the phone’s user, adding that “the retrospective quality of the data here gives police access to a category of information otherwise unknowable.”
The government had argued that the phone data used to catch Carpenter was fair game, pointing to case law known as the third-party doctrine, whereby information provided to a third party is not presumed to be private and can be accessed by the government without a warrant. The doctrine was essentially the law of the land for years, but in a 2014 ruling, Riley v. California, the court unanimously ruled that the government needed a warrant to search someone’s cell phone. Although that case didn’t involve data shared over a network, privacy advocates saw the ruling as a sign that the court was evolving in its views of digital privacy.
The defense argued that by obtaining the data without a warrant, the government violated Carpenter’s Fourth Amendment rights against unreasonable search and seizure.
A court ruling in the government’s favor “would imperil the privacy of all kinds of data that we really can’t avoid creating in the digital age,” ACLU staff attorney Nathan Freed Wessler, the attorney who argued the case on behalf of Carpenter before the court, told Verge in November. “The choice that Americans have is to either opt out of society totally to protect privacy or to give up all of our privacy rights in order to be modern human beings. That just can’t be the right choice.”
Major tech companies like Apple, Airbnb, Dropbox, Google, Facebook, and Microsoft backed Carpenter in an August 2017 amicus brief, arguing that as “technologies… are increasingly integrated into daily life, people reasonably expect that their data will be stored securely and remain private.”
Justice Sonia Sotomayor sounded a similar, but even stronger note, in 2012, in her concurring opinion written with the majority in US v. Jones—a case where the court voted against the government’s use of tracking devices on individuals’ vehicles without warrants. It “may be necessary to reconsider” the third-party doctrine, Sotomayor warned, as such an approach is “ill suited to the digital age, in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks. People disclose the phone numbers that they dial or text to their cellular providers; the URLs that they visit and the e-mail addresses with which they correspond to their Internet service providers; and the books, groceries, and medications they purchase to online retailers.”