Orin Kerr has posted the second part of his technology neutral approach to applying the 4th Amendment to the motherboard over at Volokh, and provides some greater insight into his plan for the future of search and seizure law as applied to the digital world.
So imagine you’re trying to apply the Fourth Amendment to the Internet so that it plays the same role in Internet crime investigations that the Fourth Amendment plays in traditional physical investigations. How can you do that?
The first step is to realize that the Fourth Amendment in the physical world is based on a fundamental distinction between inside surveillance and outside surveillance.
Online, the distinction between “inside” and “outside” no longer makes a lot of sense. Some new distinction is needed to replace the function of the outside/inside distinction.
My article proposes that the online distinction between content and non-content information should replace the physical distinction between inside and outside surveillance. The contents of communications, such as e-mail messages, subject lines, and remotely stored files, should be presumptively protected by the Fourth Amendment. Absent special circumstances such as consent or posting documents on the Internet, the Fourth Amendment should regulate government access to contents. On the other hand, non-content information, such as IP addresses mail header information other than the subject line, should not be protected.
Well, that didn’t take long. The analogy approach that Orin advocates relies on the inside/outside distinction. This is grounded in the “plain view” doctrine, that things observable by police without requiring their acting are in plain view, therefore holding no reasonable expectation of privacy. This is sensible doctrine, provided that things in “plain view” are indeed in plain view, but that’s a problem for another day.
Orin takes the leap from inside/outside to content/noncontent without any cognizable reason. Why is “noncontent” in plain view? Indeed, it’s no more viewable than content, and hence every bit as worthy of privacy as anything else. But the flawed analogy runs far deeper, and in two separate insidious directions.
If we are to utilize the existing 4th Amendment law to provide a framework for searches in the digital world, why then does plain view not stop at anything observable on the outside of your computer? If the police are required to touch a button and boot the sucker up, then they’ve gone inside. If the computer is already on, and anyone can see the screen, then arguably whatever is on the screen is outside. But the second the press a button to open a program, file, or merely maximize a minimized screen, they’ve gone inside. Why does Orin presume that the police are entitled to see anything, anything at all, in the digital guts of a computer?
But there is a collateral issue, for which no good analogy exists, confronting the privacy of our digitalia, and the unique nature of how communications fly through the air from our computer to everywhere else in the world. For the purposes of this point, I’m begging any technogeeks to suspend their brilliance, as this point needs to be developed on two separate levels. At the surface level, there is the issue of what normal people (as in, those who are so naive as to believe that there is any security in the digital world and that their communications are private) believe when they send an email.
At the other end of the spectrum is what really happens when we hit the send button, with whatever technological marvels the government (and it’s telecommunicating analogs) possess. We must recognize that there is a monstrously huge gap between what normal people think is secure and techno-reality, where security is a figment of ordinary people’s imagination. Even if the government can’t access every single thing at the moment, whether because of encryption technology or otherwise, we do well to anticipate that they eventually will be able to “observe” everything that goes in or out of our computers. Whatever we think the government is capable of doing, we frankly have no clue what they have and what they aren’t telling us.
In explaining his position, Orin notes in response to a question posed in the comments,
[Y]ou appear to be assuming that a “reasonable expectation of privacy” is what a reasonable person would expect would remain private. It’s not.
This is, of course, unfortunately true, and part of the problem with using the Katz “reasonable expectation of privacy” rubric as eviscerated by every subsequent decision to mention it. While the subject expectation of privacy is essentially meaningless, the problem is magnified in the digital world by the normal person’s inability to be aware of, and comprehend, the cutting edge of technology. While today we may (and I use the word “may” reluctantly) have a modicum of privacy based on encryption technology, is it objectively reasonable to expect that we will tomorrow?
The government can easily show, through the use of a storefront computer geek, that our ISPs and any other central hubs of digitalia have unfettered access to all sorts of information contained in our digitally transmitted communications, absent encryption. Accordingly, there is no objective expectation of privacy in much of anything we send, and we ought to know that. At minimum, that will be the exception that dismisses what normal people think ought to be private.
This process is analogized to the delivery of mail or packages, as in the Fed Ex guy. If you send something to another person in the real world, you realize that the people handling the delivery can see who you’re sending it to. the size and shape of the package, and can shake it to see if anything inside jiggles. If an envelope, they can hold it up to the light to see the shape of what’s inside, and whether any part of it can be seen through the wrapper. So if that’s the case in the real world, why shouldn’t it be the same with anything you send over a network?
The answer, of course, is that physical things are readily observable and understandable by ordinary people. A child realizes that an envelope held up to the light will reveal something about its contents. Then again, the snarky analogy is that a child is more likely to realize how unreasonable it is to expect privacy on a network than an adult. But the real problem is that this paradigm essentially gives carte blanche to the government to obtain anything they want from our transmitted communications. If this is what people want, then it can be accomplished without a techno-neutral theory by simply announcing that nothing sent by email or transmitted from your personal box over the internet should be deemed private. Announce the rule and then nobody can complain later that they didn’t know. Fall back on the existing law and reasonable people are misled.
On the other hand, the mere fact that the government has the technology to intercept everything we send across the airwaves does not make it the correct application of the 4th Amendment. Why should we not be secure in our emails and internet transmissions? Why should the analogy of package delivery constrain our privacy in digital transmission if we, the people, don’t want it to? Why does the authority of law enforcement to exercise every iota of their technological might result in our having no privacy online? One answer is because they can, and many are happy to give away any aspect of privacy in our network communications under the assumption that the government will only be searching and seizing the communications of “those bad guys” and not ours. After all, we’re good guys, and why would the government possibly want to know what we’re up to?
The other answer is the one Orin proposes, which is to take existing 4th Amendment law and apply it by way of dubious analogy to the new digital world. Does the Fed Ex analogy really fit sending an email? When we send a real package to be delivered, we can tape it up, cover it over, put a box inside a box, send it to a post office box or some other dummy location, if we want to conceal its contents and keep its recipient private. We know that we’ve done whatever we think we’ve done because we can see what we’ve done. Can’t do that online. At least normal people would have some problems with doing it.
So is the real message that we’ve given up all “non-content”, as defined by Orin, privacy by entering the digital age? If so, it’s not the model that makes me feel all warm and fuzzy about the vitality of the 4th Amendment. As much as I think highly of the internet, and appreciate that something called a network exists so I can send stuff out to others, I am not prepared to trade off what little remaining privacy I have to enjoy it, and I would appreciate others not giving it away for me.
Discover more from Simple Justice
Subscribe to get the latest posts sent to your email.
Well said and much food for thought
HA! – Good one – “the privacy of our digitalia”.
But seriously, I think you are quite right about the “people” having no clue about what the government is capable of, in terms of accessing content, encrypted or not. There have been hints that the Department of Justice wants, no, feels entitled to having access to digital content. There was a big todo about the “clipper” chip under Clinton, where the DOJ wanted backdoor access to all encryption. Although that was nipped in the bud, I wouldn’t be surprised if the NSA has the capability of breaking most encryption when they want. Also, check out the footnote in the Kyllo v. US (2001) decision, where SCOTUS notes that the DOJ has solicited contract development of all manner of technology that is intended to override the Fourth Amendment.
One problem with having a line drawn between protected and unprotected content when the government has the technology to view the protected content, is that one must then trust them not to step over the line. But how would one know, let alone prove that they have? What checks or balances are available? It sets up scenarios where privacy can be violated but not acknowledged, and the information accessed then used in a pretextual manner, as in pretextual automobile stops.
One principled distinction between content and non-content is that non-content must by nature be readable and understandable by third parties—internet service providers, etc—whereas content could be obscure, arcane, or even encrypted. I’m not sure what this means, but it seems like a good place to draw a line. But it doesn’t imply that envelope information gets absolutely no protection.
From a technogeek point of view, I’m also inclined to give little protection to wireless communication. If I’m sitting in my car outside your house monitoring traffic on your wireless internet, I don’t think you have much expectation of privacy. After all, the only reason I can pick this information up in my car is because you created electromagnetic waves that you allowed to reach me. Then again, the same argument applies to monitoring a house’s heat output—infrared is also electromagnetic waves—or listening in on cell phones, and I think both of those require some kind of suspicion.
I know my comments are missing the point, but this post just knocked a couple of things loose…
While it is true that the inside/outside distinction harnesses plain view, strict adherence to that principle in the Internet setting would seem to mean that the Fourth Amendment doesn’t apply to the Internet at all.
Everything online is exposed to the plain view of third party computers, so every internet transmission is a third party disclosure that automatically reveals everything. The entire network becomes like Smith v. Maryland, and the Fourth Amendment doesn’t apply at all.
In contrast, looking more generally at the function of the inside/outside distinction maintains the basic balance of the Fourth Amendment whether in physical space or Internet space.
Or this could be a very good reason why use of old doctrine in a new bottle isn’t viable? The entire position changes if you let go of the assumption that we need to apply existing law by analogy, rather than develop a new paradigm to deal with non-comparable situations.
SHG,
I’m kind of confused: I thought you were criticizing me for not applying the old doctrine (plain view), and now you seem to be suggesting that it would be foolish to stick to the old doctrine.
In any event, I am intrigued by your proposal for a “new paradigm”. What is your “new paradigm”?
I also want to point out, just for the record, that you actually told a law professor that he needed to stop thinking in terms of the actual law and to instead “develop a new paradigm.”
😉
I’m sorry if I was confusing. First, I would never criticize you, but merely offer my limited thoughts on a subject you’ve clearly given a great deal of thought. I just play it out. I am not in favor of applying old doctrine, both because it sucks and because I don’t think it fits well. My reference to plain view was just for comparison purposes, or example, but not to suggest that I think it’s the proper approach.
I don’t so much have a “new paradigm” as a hope (prayer?) that the old one, one that I consider miserably unprotective and rife with exceptions that swallow the rule, won’t be the starting point for the new digital world. I want a paradigm that provides real protection and reinvigorates the 4th Amendment protections as applied to the digital sphere. For me, all of the digitial world is a reflection of inner thoughts and ideas, and I submit that it is unreasonable for the Government to access any of it without a warrant and probable cause.
Then again, I find the application to current technologies inconsistent with the 4th Amendment, even though the arguments (such as with pen registers) aren’t factually incorrect. They are, however, used by courts to reduce privacy rights rather than protect them. Decisions search for reasons not to require warrants, rather than ways to protect privacy. It’s all conceptually wrong, with every effort made to avoid the 4th Amendment rather than adhere to it. I just don’t want it to continue in the digital world, and I want something better.
Damn. I knew I should have been more careful than to use the word “paradigm”. Us trench lawyers always get in trouble when we use those fancy words.
Scott,
Your concern definitely matches a counterargument I have often heard when presenting this paper: Technology neutrality is bad because we need more privacy, not equal privacy. My sense is that this argument usually comes from a sense of personal preference that is more pro-privacy than most: The hope is that courts will interpret the Fourth Amendment to confer more privacy than it has. because more privacy would be a good thing. It’s certainly a fair argument, but this paper takes technology neutrality as a goal so it’s not really the paper for that concern.
But if technology neutral starts with the bar set that low, then its problematic as it can only get worse.
Fitting Round Technology Into A Square Hole
Following the discussions of Orin Kerr’s “technology neutral” approach to the application of the 4th Amendment in a world of new technologies comes this apocryphal post by Nicole Black.
Fitting Round Technology Into A Square Hole
Following the discussions of Orin Kerr’s “technology neutral” approach to the application of the 4th Amendment in a world of new technologies comes this apocryphal post by Nicole Black.
Fitting Round Technology Into A Square Hole
Following the discussions of Orin Kerr’s “technology neutral” approach to the application of the 4th Amendment in a world of new technologies comes this apocryphal post by Nicole Black.