The Supreme Court decided Friday that cell-site location information is protected by the Fourth Amendment’s guarantee against unreasonable searches and seizures. Carpenter v. United States offers a rare bright spot in the uphill battle for digital privacy. Even more significant than the ruling is the reasoning: The Supreme Court has finally rejected the outdated idea that we voluntarily surrender our privacy simply because we own a digital device.
Our phones leave digital footprints wherever we go. Cell-site location information is a type of metadata — information about a communication (phone calls, emails, text messages) that does not include its contents. While the courts normally require a warrant to eavesdrop on calls or read the contents of messages, until now there was no constitutional protection for metadata, making it fair game for the mass surveillance state.
The government’s argument has been that when we use our phones, we agree to provide this information to a third party. If so, we can’t complain no matter how the data is used. Chief Justice John Roberts firmly rejected this reasoning in his opinion for the court. No one consents to handing over “a comprehensive dossier of his physical movements” just by using a phone.
Carpenter involved a criminal investigation. The court was careful to leave “other collection techniques involving foreign affairs or national security” to future cases. Nevertheless, it is in the sweeping mass surveillance programs of the U.S. intelligence community where the court’s decision is likely to have its biggest impact.
In June 2013, the world learned about a massive program of secret metadata collection from Edward Snowden, a contractor for the National Security Agency who stole a trove of classified documents and gave them to reporters. One of the first documents to be disclosed was a top-secret court order to Verizon for “all call detail records or ‘telephony metadata’” belonging to the company. The order was issued under a law that gave the government the power to obtain “relevant” metadata — the same standard the Supreme Court rejected today.
At the time, I was wrapping up a job as a privacy official for Director of National Intelligence James Clapper. He was becoming infamous because of his false answer to Sen. Ron Wyden (D-Ore.) just a few months earlier. Asked whether “the NSA [collects] any type of data at all on millions or hundreds of millions of Americans,” Clapper responded, “No, sir. Not wittingly.” That, of course, was not true, as anyone with knowledge of the NSA’s bulk collection programs knew.
I knew, because the intelligence community had taken a chance on hiring me — a lawyer for the American Civil Liberties Union and a critic of surveillance — in a new office dedicated to ensuring privacy protections in intelligence programs. My work included reviewing some of the NSA’s most sensitive programs, including the massive telephone records program that was now dominating the headlines.
I urged strong privacy safeguards for the program. Still, it was surprisingly hard to argue that such a sweeping program of domestic data collection should be ended altogether. The notion that we surrender our privacy by providing our information to telephone companies made no sense in the digital age, but it was deeply embedded in the law. According to the secret court that reviews intelligence surveillance, there simply was “no Fourth Amendment interest” in metadata provided to phone companies. It didn’t matter whether the government was looking for the records of 300 million people or just one. Any number multiplied by zero was still zero, the court reasoned.
The public still doesn’t know whether the NSA’s collection of telephone records in bulk ever included cell-site location information. At a hearing in September 2013, Wyden asked another of his famous pointed questions: Has the NSA “ever collected, or made any plans to collect Americans’ cell-site information in bulk”? The NSA director, Gen. Keith Alexander, refused to give a straight yes or no answer. He would say only that, at that time, the NSA “is not receiving cell-site location data and has no current plans to do so.”
In 2015, Congress passed the USA Freedom Act, which limits the domestic collection of metadata in bulk. The NSA now must use a “specific selection term” to collect metadata. But the law offers only limited protection. Even after this reform, the NSA has reported that it collected more than half a billion records last year under the Freedom Act. Furthermore, the Freedom Act expires at the end of next year, and — like any federal law — it can be changed by Congress.
The Constitution is far less fragile. Under the Fourth Amendment, the chief justice reminded us, “the Government’s obligation is a familiar one — get a warrant.” A warrant requirement dooms collection in bulk because mass surveillance programs involve billions or trillions of records. After Friday, it won’t be so easy for the NSA to brush aside constitutional objections to mass surveillance by saying “it’s only metadata.” The government may have to rethink mass surveillance altogether.
Timothy Edgar is a senior fellow in international and public affairs at Brown University and is the author of “Beyond Snowden: Privacy, Mass Surveillance and the Struggle to Reform the NSA.”