Stoll Keenon Ogden PLLC | Advertising Material
by Douglas Brent, Attorney at Stoll Keenon Ogden PLLC
Andrew Hagerman, Summer Associate at Stoll Keenon Ogden PLLC
With much of our lives centered on mobile devices that regularly share information, our personal views about what is “private” change constantly. For example, if you use a navigation app on your smartphone, it may have occurred to you that your GPS-generated location information is being shared with a service provider. But what if you simply carry a standard wireless phone? Do you think it similarly reveals information about where you are? And how does that affect your personal privacy rights?
One federal appeals court tackled that question in considering the appeal of a violent armed robbery suspect nabbed in part thanks to information provided to the police by the suspect’s wireless carrier. U.S. v. Davis is a case we’ve written about before. Last year, a three-judge panel rejected the warrantless use of location data deduced from the records of a wireless carrier, reasoning that users don’t voluntarily share their location information with their provider and have a reasonable expectation in the privacy of the information.
Prosecutors sought rehearing even though the conviction of Davis was upheld on other grounds. On review, the full court reversed course. Why?
Do you know how your cellular provider’s network reveals your movements?
In 2011, Davis was charged with, among other things, robbery and knowingly using a firearm in a violent crime. During trial, the court admitted location evidence based on stored cell site information obtained without a warrant. The information obtained placed Davis in the general vicinity of six of the seven robberies.
The location evidence consisted of records obtained from wireless service providers pursuant to the Stored Communications Act, which allows the government to obtain service records with a court order rather than a warrant, which does not require a showing of probable cause. The location information used here included a record of calls made, and revealed which cell tower carried the call to or from the customer. Davis was a relentless caller, and there were more than 5,000 call records to or from his phone during a 67-day period when the robberies were committed. This large dataset allowed investigators to overlay information showing the correlation between the location cell sites that had handled calls from Davis and the location of crime scenes. So even though investigators couldn’t pinpoint his location, the historical data still revealed a rich history of his general movements.
Why a warrant is not required for cell site location information
The 4th Amendment is a critical privacy protection against unreasonable searches by law enforcement. But the protection is shaped by considering what privacy expectations are reasonable. The Supreme Court, in its 1967 decision in United States v. Katz, put forth the “reasonable expectation of privacy” test. Under this test the Court asks first whether the party in question had a subjective expectation of privacy, and then whether society recognizes that expectation of privacy as reasonable.
Here, dispensing as irrelevant Davis’s subjective expectations of privacy, the Eleventh Circuit held that society recognizes no reasonable expectation of privacy for Davis with respect to the location of the cell towers associated with the calls he made during the 67-day period of the seven robberies.
First, the Court used the prior Supreme Court decisions of United States v. Miller and Smith v. Maryland forming the core of the “3rd-party doctrine,” holding that a person has no reasonable expectation of privacy with respect to information voluntarily turned over to 3rd parties, specifically when such information is owned and maintained by the 3rd party in the ordinary course of business. In Miller, the defendant had voluntarily conveyed the pertinent account information to the banks where he was committing fraud. Similarly, in Smith, by making the telephone calls, the defendant voluntarily conveyed the numerical data to the telephone company. In each of these two cases, the information sought by the government was owned and maintained by the 3rd party in the ordinary course of business.
MetroPCS, the 3rd-party service provider for Davis, kept data records of historical cell tower location information in the ordinary course of business, which included the data pertaining to Davis’s cell phone calls during the 67-day robbery span. The Court said Davis voluntarily conveyed this data to MetroPCS when he chose to make telephone calls.
Second, as it pertains to telephone records, the Court reasoned that, though Davis may have harbored subjective expectations of privacy, he should have reasonably understood that he was transmitting his phone number and the phone numbers he was dialing to the wireless provider. Additionally, he must have known that this information would be sent to a cell tower within range of his phone, and that the cell tower itself would ultimately connect his call. Therefore, he should have reasonably expected that he was conveying and exposing to MetroPCS his general location within that particular cell tower’s range. Also, Davis should have understood that MetroPCS would then maintain such records in the ordinary course of business.
The question remains, though, whether the ordinary U.S. citizen and cell phone user has any idea exactly how their text messages and cell phone calls are actually transmitted by their wireless provider, and additionally, whether they really anticipate that their cell service provider, or any supporting company that provider may use, will retain the data collected from such text messages and cell phone calls in the ordinary course of business. The Eleventh Circuit’s decision in United States v. Davis imputes such knowledge to criminal suspects who are investigative targets.
Interestingly, U.S. Supreme Court Justice Sotomayor stated in her concurrence to the 2012 decision in United States v. Jones that she had concerns regarding the government’s seemingly unrestrained power to assemble data on U.S. citizens, and the premise that a person may harbor no reasonable expectation of privacy in information voluntarily turned over to 3rd parties may need to be reconsidered in light of modern technology. While the Eleventh Circuit noted Justice Sotomayor’s concerns in the Davis opinion, it said this raises an issue for Congress, not the courts.
Comparing voluntary disclosure to forced disclosure. How far can law enforcement go?
The Davis case dealt with historical call details generated by an active caller and later retrieved by law enforcement from a 3rd-party wireless service provider. But what if law enforcement had a hand in generating the call detail (and location) information?
Kentuckians should be aware of a 2012 panel decision from the Sixth Circuit that seems to give law enforcement broad authority to turn a suspect’s wireless phone into a virtual beacon conveying real time information about location.
United States v. Skinner involved tracking a suspected drug trafficker known to be carrying a prepaid cell phone. The phone number had been discovered in an investigation, but law enforcement did not know who was carrying the phone. After obtaining a court order, but not a warrant, the government had the carrier repeatedly “ping” the cell phone in order to track its real time location using the phone’s GPS data generated by the pings. The phone eventually stopped moving along an interstate highway, and a motorhome was searched after a dog detected contraband. The Skinner court stated that the defendant had no reasonable expectation of privacy “in the data given off by his voluntarily procured pay-as-you-go cell phone.” That language seems rooted in suspicion about why anyone uses a prepaid phone, and glosses over the warrantless law enforcement activity that caused the transmission of GPS information. This represents a significant difference from the Davis case. In Davis, the suspect voluntarily transmitted his cell phone data to the cell towers by making telephone calls, with the data then placing him in the general vicinity of that particular cell tower. By contrast, the defendant in Skinner had his precise location and movements tracked in real time even while he was not using his phone.
The Sixth Circuit panel’s broad statement that “law enforcement tactics must be allowed to advance with technological changes” is questionable today in light of the 2014 Supreme Court decision in Riley v. California, where the court rejected warrantless searches of the contents of arrestees’ wireless phones. In contrast, the Eleventh Circuit’s willingness to impute to users basic knowledge about how wireless carrier networks function seems to be a reasonable extension of the 3rd-party doctrine.