Why The 'Third Party Doctrine' Undermines Online Privacy Protections
from the fourth-amendment dept
There's been an interesting discussion going on between my colleague Jim Harper and legal scholar Orrin Kerr about the third party doctrine, the legal principle that, in effect, you lose your Fourth Amendment rights when you relinquish information to a third party. The doctrine has become increasingly important with the rise of modern technology because we now entrust a host of private data -- including our email, cell phone calling data, credit card transactions, and more -- to private companies, and the third party doctrine would seem to suggest that Fourth Amendment protections would not extend to such information. A couple of weeks ago, Kerr posted a draft paper defending the doctrine, arguing that it brings clarity and simplicity to privacy law and avoids the need for "a complex framework of sui generis rules." Jim strongly disagrees with Kerr, arguing that the third party doctrine was always misguided and that recent technological changes have simply made these flaws more evident.
Jim points out that when the Fourth Amendment was drafted, the vast majority of peoples' private activities occurred inside the home, and so it made sense to make the home focus of Fourth Amendment protections. But as people began conducting more and more of their lives outside of the home, with telephones, email, credit cards, and so forth, using the four walls of the home as the boundary for Fourth Amendment protection made less and less sense. And indeed, that's precisely what the Supreme Court recognized in the famous 1967 case of Katz v. United States, which held that the Fourth Amendment applied to wiretapping of public pay phones because the Fourth Amendment protects "people, not places." The same principle ought to apply to our emails, credit card transactions, and other data of a private nature: what matters is not where the data is located or who has custody over it, but whether the subject of surveillance had a reasonable expectation of privacy in his use of that data.
Kerr responded that "the real judges and Justices that make the rules" have recently shown greater sympathy for Kerr's view of the Fourth Amendment as a narrow doctrine of criminal procedure rather than a broad charter for protecting peoples' privacy. I agree with Jim that this isn't really responsive to his argument. Whether judges currently do see things Kerr's way tells us little about whether they ought to view them that way. Judges have gotten the Fourth Amendment wrong in the past. After all, Katz overruled Olmstead v. United States, a decision that had allowed warrantless wiretapping almost four decades earlier. So the fact that the courts have not yet extended Fourth Amendment protections to email or other digital records doesn't prove that a future court won't recognize that such information is as crucial to personal privacy as paper records and phone calls. Sticking with the third party doctrine would make the Fourth Amendment less and less relevant as technology changes because more and more private information to be held by third parties. If we want the Fourth Amendment to continue to be an effective protection for peoples' privacy, and I think we do, it needs to be continuously updated to reflect changing technological realities.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: fouth amendment, jim harper, orrin kerr, privacy, third party doctrine
Reader Comments
Subscribe: RSS
View by: Time | Thread
Mail
What's the modern version of an envelope? Encryption.
[ link to this | view in chronology ]
Re: Mail
Even still, we're discussing telephone conversations that may digitally pass through a third party's network, but would still be considered private. Private instant communication comes in lots of forms that are rarely encrypted.
[ link to this | view in chronology ]
It is widely known and stated that non-encrypted email is NOT private.
If you want the presumption of privacy in your e-mails, encrypt them, THEN complain if the government circumvents your encryption to read the e-mail.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
I would argue that the fact that in order for me to access my email server to read or write emails, I have to enter a user name and a personalized password, indicate that I should have presumption of privacy, unless you give me your information to access your email account or I unlawfully get your personal information, I cannot access your email because it is private.
Because your home's curtains are open and your wife is taking a shower, doesn't give me the right to stand at the window checking her out. and I say at the window rather than the street, because if I can see her from a public place then it gets murky, but I don't thing that yahoo or gmail emails are readily available to be read by anyone typing a URL, you would need to hack into a system in order to have access to them.
[ link to this | view in chronology ]
Point of no return
Every day you read about another massive "loss" of personal information. Information on millions which should've been encrypted at least and even better locked up somewhere, but no, it was stored on a laptop left in the back seat in plain sight for someone to take or something similar ....
I now have no other conclusion available other than to assume that almost all data breaches are intentional and you rpersonal data is being bought and traded for the highest amount.
Not if, but when you are faced with some entity showing up with their hand out demanding payment - what are you to do ?
I think I'll say "piss off dirtbag" its their own fault, not mine and I'm not paying.
[ link to this | view in chronology ]
Responsibility
[ link to this | view in chronology ]
Re: Responsibility
Where in the 4th amendment does it limit its scope ?
I do not assume that the latest technology needs to be included, it is included unless specificaly stated otherwise.
"secure in their persons, houses, papers, and effects"
I think we all know what the writers had in mind, and it is easy to conclude that both papers and effects would cover your personal email, IMs, storage, etc.
And it is the courts, DAs, and AG who are responsible.
[ link to this | view in chronology ]
Katz and the phone company
How does it make any difference that these days people are handing over digital bits for transport instead of analog electrical impulses?
[ link to this | view in chronology ]
What you want is to document the intent clearly, not examples. Clearly this whole mess got started because someone encoded an example - matters in the house - into law instead of the intent - matters between people.
So whilst I agree with you that it needs updating, I disagree with the continual part. People should stop interpreting things literally but instead focus on the intent.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
It is up to the judicial branch to enforce the existing laws, but you knew that.
I think the point is that the existing laws will do just fine. The default should be to include everything unless specifically excluded, therefore "papers, and effects" would cover email, IMs, etc.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]