Law in the Internet Society

I. Introduction

As acknowledged in United States v. Jones,

Why isn't this a link to the case you are discussing?

Fourth Amendment jurisprudence must evolve with advances in technology. However, the Supreme Court has yet to accept a case involving Fourth Amendment protections for email (only one circuit has held that citizens have a reasonable expectation of privacy in their email),

What does this mean? There's a statute, the Electronic Communications Privacy Act, that sets the rules for email in much the same way that the statute it amends, Title III of the Omnibus Crime Control and Safe Streets Act of 1968, sets the rules for telephone wiretapping. What Court case are you saying hasn't occurred?

let alone social media or “advances” such as cloud computing.

Why should the constitutional structure require revisiting with every change in IT architecture or buzzword-compliancefest?

Perhaps this reticence to accept cases is due to a belief that a legislative body is better situated to “gauge public attitudes, to draw detailed lines, and to balance privacy and public safety in a comprehensive way.” Jones v. United States, 132 S.Ct 945, 964 (2012) (Alito, Concurring in the Judgment). However, I would argue that courts not legislative bodies have the institutional competence necessary to determine Fourth Amendment protections in cyberspace. Further, such decisions should be reached sooner rather than later, before reductions in privacy expectations forced upon American citizens become prevalent and entrenched.

Why are we choosing between courts and legislators, or regulators, as though privacy were not like environmental protection, or any other complex area of social policy, in which all aspects of the State are involved?

Institutional Competence of Courts

In Jones, Justice Alito, concurring in the judgment, argued legislative bodies may possess the institutional competence to best balance privacy and public safety in light of changes in technology.

Why isn't this a link to the relevant section of the opinion?

Deferring judgment to the wisdom of Congress is the wrong approach for at least three reasons. First, Congress is susceptible to capture by particular interest groups keen on weakening privacy protections in cyberspace. As we have seen with the TSA, privacy is often sacrificed in the name of security. Smaller, well-organized groups with a more particularized interest are more likely to capture institutional power to achieve their goals. In this case, law enforcement is likely to extensively lobby for reduced Fourth Amendment protections in the net. As we have seen with the recent defeat of the Stop Online Piracy Act (SOPA), grass-roots movements to defeat particularized interest groups are possible.

If Google is the one watering the lawn.

However, it is likely to be a much more difficult fight when the threat of reduced security argues for limited Fourth Amendment protections in cyberspace. Second, Congressional action in the near-term on privacy protections in cyberspace is unlikely. Very few bills introduced in Congress are ever passed. Further, with likely republican control in the house and democratic control in the senate and presidency in the near-term, Fourth Amendment protections in cyberspace are unlikely to be addressed. Thus, courts remain the only realistic forum for addressing overreach by law enforcement. Privacy expectations in the net are still being shaped. The longer the question of Fourth Amendment protections in the net is put on hold, the more likely privacy protections will be reduced. Currently, the average person still expect some degree of privacy in the net, but is unaware of how their information is being used and how to adapt privacy settings to share only the information they wish to share. Abuses of privacy expectations by law enforcement and privacy policies of internet sites may set the new norm and entrench expectations of privacy in the net, having drastic and negative consequences for Fourth Amendment protections citizens would currently expect. Further, Congress has already expressed a willingness to sacrifice Fourth Amendment protections in the name of security. Consider the recent extension of the Foreign Intelligence Surveillance Amendments Act (FISAA).

These are generic objections to Congressional behavior dressed up as specific social policy analysis.

Criticisms

It has been argued that judges lack the technical knowledge to make well informed decisions concerning trade-offs between privacy and security. However, can it be said that the members of Congress are more knowledgeable than judges?

The existence of legislative staff, executive branch agency expertise, and lobbyists have all been noticed elsewhere in the essay. Why not here?

If we trust judges to acquire complex knowledge of technology in the intellectual property space, why could they not acquire the rudimentary knowledge necessary to make decisions about how technology and society’s expectation of privacy interact? However, determination of Fourth Amendment rights in cyberspace by courts is likely to produce mixed results. First, the third-party doctrine which holds that a warrant is not required to obtain information released to a third-party must be re-examined in light of the way data is shared and stored in the net.

Why? In what way does "the way data is stored" change the constitutional analysis?

In the context of the net, user-data is often freely given to third parties and hosted on third party servers. Further, in order to create accounts on various sites on the net, users are required to agree to privacy policies. These policies often state that the third-party has access to user data for to the auditing or monitoring purposes. Courts should be willing to acknowledge that these advances in technology may become “so pervasive that some persons my consider it to be an essential means or necessary instrument for self-expression, even self-identification.” United States v. Warshak, 631 F.3d 266, (6th Cir. 2010).

Why isn't this a link to the case? Why is the case important, or was only the rhetoric significant?

However, just because users may be willing to give up limited privacy for one purposes, this does not mean that they are willing to give it up for all purposes. Thus, as acknowledged in Jones, the third-party doctrine should be re-examined and adjusted for the way information is shared on the net. Courts have been reluctant to adapt exceptions for warrantless searches to advances in technology. For example, many courts have permitted cellphones to be considered as “containers” for purposes of the search-incident-to-arrest exception for warrantless searches. Such an interpretation enables law enforcement access to an unprecedented volume of private data which has nothing to do with the traditional concerns of law enforcement safety. However, cramped reasoning by analogy have led courts astray in determining the appropriate level of Fourth Amendment protections.

Conclusion

Although neither solution is perfect, courts rather than legislative bodies are the best option for creating privacy protections matching societal expectations. Congress has already bought into the false dichotomy between privacy and security, and would be susceptible to influence from well-organized law enforcement groups which do not share societal expectations of privacy. Further, such challenges to law enforcement action must be heard sooner rather than later before societal expectations are shaped.

What possible value is there in arguing about who should do something where the something to be done is left undefined?

-- ShyamPalaiyanur - 01 Apr 2013

 

Navigation

Webs Webs

r2 - 16 Apr 2013 - 19:28:10 - EbenMoglen
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM