Despite my admiration for Orin Kerr’s mix of scholarship and practicality, one area where I disagree strongly with him is his “technology neutral” approach to search and seizure, where he essentially seeks to apply the law developed over the years to deal with brick and mortar, car chases and snail mail, to the digital world by analogy.
Dealing with search and seizure in the digital age is one of Orin’s primary areas of scholarship, and (unfortunately, to the extent he disagrees with me) his thoughts carry far more weight than mine. It’s a problem if we have any hope that the disastrous development of 4th Amendment law over the past century, you know, where the courts have developed a half dozen exceptions to every platitude about our being secure in our persons and effects so that pretty much every warrantless search is okey-dokey, won’t serve as our baseline for the future.
Case in point, Orin writes about an 11th Circuit decision last week, Rehberg v. Paulk :
Dealing with search and seizure in the digital age is one of Orin’s primary areas of scholarship, and (unfortunately, to the extent he disagrees with me) his thoughts carry far more weight than mine. It’s a problem if we have any hope that the disastrous development of 4th Amendment law over the past century, you know, where the courts have developed a half dozen exceptions to every platitude about our being secure in our persons and effects so that pretty much every warrantless search is okey-dokey, won’t serve as our baseline for the future.
Case in point, Orin writes about an 11th Circuit decision last week, Rehberg v. Paulk :
The Eleventh Circuit held that constitutional protection in stored copies of e-mail held by third parties disappears as soon as any copy of the communication is delivered. Under this new decision, if the government wants get your e-mails, the Fourth Amendment lets the government go to your ISP, wait the seconds it normally takes for the e-mail to be delivered, and then run off copies of your messages.
Orin strongly disagrees with the decision. Not, mind you, because emails are the techno equivalent of what we would like to believe is a private communication, but because of the rationale employed.
I think the Eleventh Circuit’s analysis is wrong. To see why, let’s start by considering Rehberg’s outgoing e-mails, which seem to be the focus of the Eleventh Circuit’s opinion. It is true that when information is disclosed to a third party, the Fourth Amendment no longer protects the information disclosed. That’s the teaching of Miller and Smith (and, for what it’s worth, and I think those teachings are correct). But when many copies of information are made, you have to treat different copies differently. As a result, the fact that one copy of the communication has been received does not mean that all copies lose Fourth Amendment protection.
Got a headache yet? Can you imagine how far into the argument about how different copies of emails have to be treated differently before the judge said, “get to your point, counselor?”
All of these legal shenanigans are caused by the fortuitous mechanics of our digital life, that my email to you goes through something called an ISP, that has something called a server, where my email is stored along with a gazillion other emails both between sending and receiving and afterward. Even though in my dinosaur brain, the email is between the two of us, the reality is that it’s between and us and my ISP as well. If you have a different ISP, then we’ve got another intermediary and another server involved. According to how our ISPs work, there could be more intermediaries that we don’t know anything about.
There is a bottom line question to all of this, ignored almost entirely by the elegant, sophisticated and, in my view, ultimately irrelevant arguments made in trying to jam the round email peg into the square search and seizure hole. Should any of the mechanics of email transmission have anything whatsoever to do with our right to be secure in our persons and effects?
We’ve been offered a plethora of new techie means of communicating, and particularly problematic is that the means by which they fly through the air changes hourly, rendering any court decision based upon the particular means employed outdated by the time the hard copy opinion is issued. But none of this is floating through our heads as we hunt and peck our email, of DM, or whatever means of seemingly private communication is devised tomorrow. We believe that our communications are private. We want to believe this. We are, unfortunately, gravely wrong to believe this.
Throughout Orin’s post, he analogizes his theory to real world application, such as the arguments applicable to snail mail. Given how technology has changed the behind the scenes mechanics, we will ultimately, and invariably, lose the battle for privacy. There will always be a ton of other people’s fingers in our communications pie going forward, and to the extent that we perceive our communication as existing only on our little computer and our recipients, it will never be so again.
Indeed, given the nature of digital communications, there could be a million copies of every email we send floating around servers all over the world, and we would never really know it. Is it hard to imagine the government getting our friendly neighborhood ISP to route everything through a server in Latvia so that it can access anything it wants over there? On a less conspiratorial note, if a mere subpoena is all that’s needed for the government to get its hands on our communications in the hands of third parties,
Here’s the point: Given that emails and other electronic communications are our future, and given that the means by which they are transmitted will never eliminate the involvement of third parties and the maintenance of copies on somebody’s equipment somewhere, are we satisfied to be arguing over the arrangement of deck chairs on the Titanic (see, I can use analogies too)? Unless we develop a brand new approach to the future of communications, that does not rely on hard copy precedent and recognizes that people want to have a secure means of communication available to them in the future (and the future is a very long time), we’re watching the death of privacy in our own communications happen before our eyes.
This does not meet my reasonable expectation of privacy. We need to rethink the approach, start to finish, to deal with the digital world and whether we will have any privacy whatsoever in our future communications. How about a simple new rule: Emails are private communications and require a warrant upon probable cause as determined by a neutral magistrate? Who cares about ISPs and servers, multiple copies stored on servers worldwide. We are people, not merely the end of technological pipelines.
For these reasons, the court should have analyzed access to the e-mails stored with the ISP based on whether there was a reasonable expectation of privacy in that remotely stored copy accessed, independently of delivery of another copy. Given that we’re only at the 12(b)(6) stage, and we don’t yet know all the facts, I don’t think we have any basis to conclude that Rehberg did not have a reasonable expectation of privacy in the e-mails obtained.Orin then goes into the alternative rationales, however, that would allow the same result under different theories, not that he necessarily agrees with them but that there are numerous approaches to emails that have been employed by the courts, all of which end up with the same result. The government gets them, provided they serve the right paper to the right party. His points are highly nuanced and not easily captured in brief here. Read Orin’s post if you want to have a firm handle on his arguments, as I’ve done a poor job of explaining them, and despite my good intentions, can’t figure out a better way without incorporating his entire post into this one.
All of these legal shenanigans are caused by the fortuitous mechanics of our digital life, that my email to you goes through something called an ISP, that has something called a server, where my email is stored along with a gazillion other emails both between sending and receiving and afterward. Even though in my dinosaur brain, the email is between the two of us, the reality is that it’s between and us and my ISP as well. If you have a different ISP, then we’ve got another intermediary and another server involved. According to how our ISPs work, there could be more intermediaries that we don’t know anything about.
There is a bottom line question to all of this, ignored almost entirely by the elegant, sophisticated and, in my view, ultimately irrelevant arguments made in trying to jam the round email peg into the square search and seizure hole. Should any of the mechanics of email transmission have anything whatsoever to do with our right to be secure in our persons and effects?
We’ve been offered a plethora of new techie means of communicating, and particularly problematic is that the means by which they fly through the air changes hourly, rendering any court decision based upon the particular means employed outdated by the time the hard copy opinion is issued. But none of this is floating through our heads as we hunt and peck our email, of DM, or whatever means of seemingly private communication is devised tomorrow. We believe that our communications are private. We want to believe this. We are, unfortunately, gravely wrong to believe this.
Throughout Orin’s post, he analogizes his theory to real world application, such as the arguments applicable to snail mail. Given how technology has changed the behind the scenes mechanics, we will ultimately, and invariably, lose the battle for privacy. There will always be a ton of other people’s fingers in our communications pie going forward, and to the extent that we perceive our communication as existing only on our little computer and our recipients, it will never be so again.
Indeed, given the nature of digital communications, there could be a million copies of every email we send floating around servers all over the world, and we would never really know it. Is it hard to imagine the government getting our friendly neighborhood ISP to route everything through a server in Latvia so that it can access anything it wants over there? On a less conspiratorial note, if a mere subpoena is all that’s needed for the government to get its hands on our communications in the hands of third parties,
Here’s the point: Given that emails and other electronic communications are our future, and given that the means by which they are transmitted will never eliminate the involvement of third parties and the maintenance of copies on somebody’s equipment somewhere, are we satisfied to be arguing over the arrangement of deck chairs on the Titanic (see, I can use analogies too)? Unless we develop a brand new approach to the future of communications, that does not rely on hard copy precedent and recognizes that people want to have a secure means of communication available to them in the future (and the future is a very long time), we’re watching the death of privacy in our own communications happen before our eyes.
This does not meet my reasonable expectation of privacy. We need to rethink the approach, start to finish, to deal with the digital world and whether we will have any privacy whatsoever in our future communications. How about a simple new rule: Emails are private communications and require a warrant upon probable cause as determined by a neutral magistrate? Who cares about ISPs and servers, multiple copies stored on servers worldwide. We are people, not merely the end of technological pipelines.
Discover more from Simple Justice
Subscribe to get the latest posts sent to your email.
I’m not sure you and Orin are so far apart. The issue seems less that real world 4th Amendment models are being applied to Internet communications, and more that the wrong ones are. He’s basically counseling for the courts to use more sensible ones than they have been (for instance, IIRC, it’s not Orin who’s hung up on the ISP thing; it’s the court who decided to read too much into it) so that we don’t lose equivalent protections we would have had for the same communications sent via more traditional means.
Which is not to say that there’s no room for reconceptualizing our concept of privacy for Internet communications (I’m sure he would agree that the Wiretap Act and Stored Communications Act are hardly fit for Internet purposes) but at the same time, it’s really our concept of privacy altogether that needs reworking. When courts are bending over backwards to make every real world search and seizure valid, it’s hardly surprising that they aren’t also finding ways to do that in the virtual world too.
Thanks for insight.
I know that’s what you’re advocating for too. I’m saying that Orin’s approach isn’t adverse to that interest.
I agree with that. My big issue with this area is that I’ve never liked courts ruling on the legal status of computer technologies by using reasoning by analogy on something that is already an analogy – email isn’t actually like a letter, so you shouldn’t use postal precedents to decide how to deal with it, or there aren’t actually files and folders inside your computer, so treating them as if they were paper files and folders is the wrong way to do it.
Orin’s approach is the polar opposite of what I’m advocating, and the only thing I’m advocating is for a new approach the search and seizure law pertaining to computers and digital communications that is not based on existing law stretched by analogy, as in letter to email, file cabinet to computer. Orin advocates for the exact opposite of that.
If we were to start over for the digital world, given the post-9/11 climate, I fear we’d lose even more ground on privacy. Even in non-digital cases, we’ve seen so much erosion of Fourth Amendment protections that some days I dread reading FourthAmendment.com. Chief Judge Kozinski’s recent rant/dissent in United States v. Lemus was heartening, but he’s obviously in the minority. If the courts can’t get the basics right, are they going to get it right with issues of privacy in the digital world? I don’t think so.
While there’s no doubt in my mind that some federal statutes need to be revised (Paul Ohm has done a great job of articulating some of those issues), unless we want to have to enact a different law for every new development or risk legislators writing new watered-down protections, I think there’s merit in trying to hang on to the non-digital thinking as much as possible and trying to apply it to the digital world.
The masses went along with the warrantless surveillance of American’s communications in the name of “security.” This President and this Congress are no more protective of our civil liberties than their predecessors. I don’t want them writing new laws that would only legalize what they shouldn’t be doing.
Lose more? There really isn’t any more to lose.
Not arguing… Trying to understand. I’m all for greater privacy protections in Internet communications, but how would this work?
Take the Wiretap Act. It articulated in statute the 4th Amendment protections available for private communications, but even if the statute wasn’t there, the 4th Amendment logic should have reached the same result. Having the statute though meant that courts couldn’t meander away from the warrant requirements so easily.
Then the Wiretap Act got amended by ECPA in 1986, which was terrible. In trying to ensure the Wiretap Act reached electronic communications it was so over-specific as to make the law almost completely inapplicable to everything. Unfortunately, having ECPA in place sucked up all the oxygen, so no one ever takes a step back to apply 4th Amendment privacy principles to Internet communications afresh.
I, probably you, and probably even Orin would all agree that the Wiretap Act needs to be properly amended, to dispose of ECPA and statutorily encode 4th Amendment privacy principles towards Internet communications more effectively.
But what shape would that law take? How would it apply 4th Amendment principles? It would seem to need to have some bearing on how the technology actually worked (e.g., how do you account for the intermediaries?), but how do we get something like the original Wiretap Act, which looked at the technology and figured out how to apply privacy protections to it, and not something like ECPA, which looked at the technology and found excuses to deny it privacy protections? If we are in an era where even real-world 4th Amendment protections are so readily gutted, how do we get a rule more like the former and less like the latter?
(At least if we use Orin’s tact to analogously apply 4th Amendment rules from the real world we can pick those rules which were created back when preserving privacy was more of a legal priority than it has been lately.)