“[M]odern cell phones . . . are now such a pervasive and insistent part of daily life that the proverbial visitor from Mars might conclude they were an important feature of human anatomy.”
-Chief Justice John Roberts
* * * * *
The Stored Communications Act
The Fourth Amendment prohibits the government from conducting unreasonable searches and seizures of our “persons, houses, papers, and effects.”[i] In Riley v. California and United State v. Wurie[ii], the Supreme Court unanimously held that cell phones were within this zone of protection. In answering the long awaited question of what police officers must do prior to searching the contents of a cell phone, Chief Justice Roberts, in a single opinion written for both cases, held that the answer was “simple—get a warrant.”[iii]
While this holding recognized the unique privacy concerns inherent in searches of cell phones, the holding has not been consistently applied to protect cell site location information (CSLI). In fact, the Stored Communications Act (“SCA”), which was passed by Congress to protect stored communications, allows the government to bypass probable cause when gaining access to CSLI.[iv] Two circuit splits have arisen regarding the SCA’s “protection” of CSLI and the Fourth Amendment implications. First, the Fourth, Fifth, and Eleventh Circuits disagree as to whether government acquisition of CSLI is a “search” within the meaning of the Fourth Amendment. Second, if CSLI acquisition is a search, the Fourth and Eleventh Circuits disagree about what the government must show to obtain a court order to disclose the information.
The 2006 Directive
This debate, however, is not unique to the United States. Although Europe is traditionally more protective of its citizens privacy rights,[v] the 2006 Data Retention Directive (“the 2006 Directive”), passed by the European Parliament and the Council of the European Union in response to the growing number of terrorist attacks, limited European citizens’ privacy rights, including one’s privacy to CSLI.[vi] Like the SCA, the 2006 Directive distinguishes between the content of cell phone calls and the location data.[vii] However, the 2006 Directive has been interpreted to require three conditions: (1) the processing must be “done by a public authority or for a public purpose, . . . authorized by a law, accessible to the public, [and] with precise enough provisions to curb arbitrary government action”; (2) the purpose must one recognized under Article 8; and (3) “the interference with private life must be proportional.”[viii]
Proportionality and the Fourth Amendment Balancing Test
While all three pre-conditions to the 2006 Directive serve as a check for the loss of individual privacy rights, the proportionality requirement gets to the heart of the Fourth Amendment balancing test, which weighs the government’s need for the information with the individual privacy interest at stake.[ix] Like the traditional balancing test, “[p]roportionality under EU law implies balancing the importance of the privacy right against the importance of the public purpose and searching for a less intrusive way to accomplish the same purpose.”[x] While a proportionality requirement would not necessarily raise the government’s burden to probable cause, it could serve as a check on arbitrary government searches of CSLI. Although the current standard under the SCA requires the government to show “specific and articulable facts” demonstrating a “reasonable ground to believe the” CSLI is “relevant and material to an ongoing criminal investigation,” this can seemingly be easily shown, a proportionality requirement may demand less intrusive means of monitoring or stricter time limits on the monitoring.[xi] The proportionality requirement would also protect the government’s legitimate need for electronic information gathering, especially in light of investigations of serious crimes.
Whether by means of a proportionality requirement or another safeguard, the SCA is in need of revision due to the advances in technology since its 1986 enactment. In reforming the SCA, Congress should look to the European Parliament and the Council of the European Union’s considerations in passing the 2006 Directive and the 2006 Directive itself, along with EU members’ subsequent legislation, as a case study. This can provide valuable insight into both successes and pitfalls of a piece of legislation that considered the effects of modern technology at its inception.
[i] U.S. Const. amend. IV.
[ii] 134 S.Ct. 2473 (2014).
[iii] Id. at 2495.
[iv] 18 U.S.C. § 2703(d) (allowing disclosure of CSLI when “the governmental entity offers specific and articulable facts showing that there are reasonable grounds to believe that the contents of a wire or electronic communication, or the records or other information sought, are relevant and material to an ongoing criminal investigation”).
[v] See Council Directive 95/46, art. 1, 1995 O.J. (L 281) 31, 38 (EC).
[vi] Council Directive 2006/24, art. 5(f), 2006 O.J. (L 105) 54, 58 (EC).
[vii] Id. art. 5(f)(1)-(2).
[viii] Francesca Bignami, Privacy and Law Enforcement in the European Union: The Data Retention Directive, 8 Chi. J. Int’l L. 233, 242 (2007). Professor Bignami’s article thoroughly explains these requirements, their sources, and their interpretation.
[ix] Riley, 134 S.Ct. at 2483 (“[W]e generally determine whether to exempt a given type of search from the warrant requirement ‘by assessing, on the one hand, the degree to which it intrudes upon an individual's privacy and, on the other, the degree to which it is needed for the promotion of legitimate governmental interests.’”) (quoting Wyoming v. Houghton, 526 U.S. 295, 300 (1999)).
[x] Elise M. Simbro, Disclosing Stored Communication Data to Fight Crime: The U.S. and EU Approaches to Balancing Competing Privacy and Security Interests, 43 Cornell Int’l L.J. 585, 606 (2010).
[xi] Currently, there is a thirty day time limit on monitoring, which can be extended upon an application for extension under 18 U.S.C. § 2518(5).