By Daniel de Zayas
As technology advances, new forms of data are created, providing new avenues for law enforcement to investigate unlawful activity. While the law struggles to keep up with these technological and investigative advances, courts must decide whether the scales have shifted too far in either direction. In one of its most recent equilibrium adjustments, the Supreme Court of the United States held in Carpenter v. United States that law enforcement must obtain a probable cause warrant to acquire seven days or more of historical cell-site location information (CSLI). While Carpenter represented a victory in kind for privacy advocates, law enforcement officials are now increasingly utilizing geofence warrants to circumvent the privacy rights explicitly and implicitly established in Carpenter. After assessing Carpenter’s impact, this Article analyzes law enforcement’s use of geofence warrants and argues that they violate the Fourth Amendment post-Carpenter.
Carpenter’s Impact on the Fourth Amendment Landscape
Carpenter v. United States changed the legal landscape in two significant ways. First, Carpenter circumscribed the antiquated third-party doctrine, which espouses that a person does not have a reasonable expectation of privacy in information voluntarily conveyed to third parties. The Carpenter Court clarified that the third-party doctrine is not a one-size-fits-all doctrine; rather, the Court recognized the existence of a “distinct category of information”—historical CSLI being the founding member in the Court’s eyes—to which the doctrine does not apply because the information is comprehensive and not voluntarily conveyed to a third party. Second, Carpenter established that individuals have a reasonable expectation of privacy in seven days or more of their historical CSLI. The Court highlighted that location data collected and held by mobile phone service providers reveals comprehensive, intimate details of a person’s life and allows the government to effectively “travel back in time” to track any cellphone owner in the country.
While Carpenter arguably furthered the jurisprudential plot, the opinion is hamstrung by the Court’s failure to explain why a reasonable expectation of privacy attaches no sooner than seven days. This “bright line” rule is buried in a footnote, perhaps evincing the Court’s unwillingness to attempt to strike a balance between privacy interests and law enforcement needs. As I have argued previously, the interests substantiating the expectation of privacy in location data can be implicated by less than seven days of location data, such as where data is particularly comprehensive or, contrary to the Carpenter Court’s refusal to extend its holding to tower dumps, where information pertains to numerous data subjects. Some service providers who have also picked up on this arbitrary seven-day rule have imposed policies requiring warrants for all non-emergency demands for historical CSLI, regardless of whether the demand is for less than seven days of information. However, for now, the seven-day rule is the line in the sand, and law enforcement have utilized unique tools that, at least, implicate Carpenter and, at most, contravene its reasoning.
Geofence Warrants and Chatrie
Post-Carpenter, law enforcement officials have exponentially increased their use of geofence warrants. Geofence warrants authorize law enforcement to acquire location data from any device near a specific location at a specific time. In practice, law enforcement obtain geofence warrants when they know a crime occurred at a specific location and time (e.g., a bank robbery at Blackacre Bank on May 20, 2019) but do not know the identity of a suspect. To identify a suspect, law enforcement use a geofence warrant to compel service providers to disclose several rounds of information. First, the service provider discloses location information for all devices near the scene of a crime during a specified window; however, the identity of the device owners is not disclosed. After reviewing each device’s location history, law enforcement narrow the list of suspects and demand slightly more location history for the narrowed list of suspect devices. After determining that a certain device’s location history matches a potential suspect, the government compels the service provider to reveal the subscriber information (e.g., name, address, service connection records) associated with that device. To be clear, geofence warrants are issued pursuant to a finding of probable cause that a crime has been committed; however, their questionable constitutionality derives from their arguable lack of particularity as to whose information is to be seized and searched.
United States v. Chatrie, an on-going case out of the Eastern District of Virginia, is potentially the first case in the nation to challenge the use of geofence warrants. In Chatrie, law enforcement seeking to identify a bank robber used a geofence warrant to compel Google to disclose location history data associated with nineteen phones running Google’s Android operating system located within 150 meters of a credit union during a one-hour window. Notably, Google collected the location data by means of GPS, as well additional datapoints such as proximity to Wi-Fi networks and other sensors. Chatrie argues that geofence warrants are unconstitutional, alleging inadequate particularity and probable cause, among other things. Along these lines, the following section argues that geofence warrants violate the Fourth Amendment post-Carpenter.
Analysis
To argue that geofence warrants violate Carpenter first requires that the sought-after data—in this case, the historical location data of numerous devices over a period of time less than seven days—is in fact protected under Carpenter. While the Carpenter Court explicitly limited its holding to seven days or more of historical CSLI, courts have recognized that the Carpenter reasoning applies with equal force to other types of data, such as real-time location data and 24/7 pole camera surveillance and, accordingly, have applied Carpenter to these alternative types of data. In each case, the court emphasized that these alternative forms of data, like historical CSLI, raise the same concerns about comprehensive, retrospective, and pervasive tracking that reveal intimate details about an individual’s life, thus furthering the narrative that the expectation of privacy attaches to the comprehensiveness of the data, as opposed to the type of data itself. These concerns apply with equal, if not greater, force to the time limited location data sought by geofence warrants.
Like that in Carpenter, the information at the core of the Chatrie geofence controversy is location data; however, the Chatrie location data is more comprehensive and accurate than that in Carpenter. Whereas Carpenter involved only historical cell-site location information, Chatrie involves location information derived not only from GPS, which can pinpoint a device much closer than CLSI, but also refined through additional datapoints such as proximity to Wi-Fi networks and other sensors. These more accurate data streams and data points result in location data that is more comprehensive and thus more revealing than CSLI alone. Moreover, the location data in Chatrie, although distinct in form, enables law enforcement to engage in the same pervasive and unrestrained retrospective surveillance that the Carpenter Court denounced. For these reasons, and many more beyond the limitations of this article, the location data sought in Chatrie and by geofence warrants generally is protected under Carpenter.
Having established that the location data sought by geofence warrants falls within the warrant requirement, there are several reasons why geofence warrants do not provide adequate Fourth Amendment protections post-Carpenter. First, geofence warrants launch a side-door attack on the protections afforded by the warrant requirement. Geofence warrants employ “artificial anonymity” to circumvent post-Carpenter de jure and de facto rules mandating that law enforcement acquisition of location information requires a warrant both issued pursuant to a finding of probable cause and particularly describing the persons or things to seized and searched. The artificial anonymity issue manifests during the first couple of rounds of data disclosure, wherein law enforcement request the location data of multiple individuals—while intentionally foregoing requesting identifying subscriber information at these earlier steps—to obtain information that, but for the geofence warrant mechanism, requires individualized probable cause warrants that particularly describe the persons or things to be searched. This artificial anonymity contravenes the Carpenter Court’s attempts to circumscribe the government’s ability to engage in retrospective surveillance based on location data collected not just from “persons who might happen to come under investigation” but also every device owner in the country. Unlike the disclosure requests in Carpenter, geofence warrants compel the disclosure of multiple individuals’ location information—many of whom are innocent bystanders. While this is may seem to be a natural consequence of law enforcement investigations, this overbreadth should not be condoned as permissible constitutional collateral damage. In sum, although at face value geofence warrants acknowledge Carpenter’s probable cause warrant requirement, their failure to particularly describe the persons or things to be seized both violates the particularity requirement and dilutes protections afforded by the probable cause requirement.
Conclusion
It is necessary to strike a functional equilibrium between privacy interests and law enforcement’s investigative needs, but geofence warrants unduly tilt the scales in favor of law enforcement. Law enforcement’s ability to circumvent the full protections afforded by the warrant requirement by use of dragnet process starkly contrasts with the post-Carpenter legal landscape. However, future research should compare the use of geofence warrants with the network investigative technique warrant that courts have generally upheld in the Playpen cases, assessing how both warrants authorize watering hole based searches and seizures. While geofence warrants present a formidable test for Carpenter—the result of which is uncertain—Carpenter will continue to serve as a tool to pursue, and potentially maintain, the elusive equilibrium between privacy and law enforcement needs.
Comments