Photo of Brian J. Willett

The Fourth Amendment has received significant attention in recent court rulings involving surveillance, electronic data retrieval, and other types of technology. Two rulings issued on October 21, 2019 demonstrate how difficult it can be to anticipate the outcome of Fourth Amendment disputes relating to technology. In one, the Georgia Supreme Court found the warrantless search of electronic data from a car following a fatal accident to be unconstitutional. In the second, the U.S. Court for the Western District of Tennessee held that the Fourth Amendment permitted the warrantless placement of a government surveillance camera on a man’s private hunting and fishing property.

Mobley v. State (Ga. Oct. 21, 2019)

In Mobley, the Georgia Supreme Court ruled that a trial court erred in denying a motion to suppress evidence that law enforcement retrieved from the electronic data recorder in the defendant’s car. In coming to this conclusion, the Mobley court ruled that – regardless of any reasonable expectation of privacy – the physical entry of a police officer into the defendant’s car to retrieve the electronic data was a search for Fourth Amendment purposes.

The Mobley case arose after a car driven by defendant Mobley collided with a car that pulled out of a private driveway; both occupants of the latter car died. Before the cars were removed from the accident scene, a police investigator entered both cars, and attached a crash data retrieval device to data ports in the cars to download available data. The data revealed that shortly before the collision, Mobley’s car was traveling almost 100 miles per hour. The next day, law enforcement applied for a warrant to seize the electronic data recorders. The warrant was issued, but no additional data was retrieved from the recorders. A grand jury indicted Mobley on a number of counts, including vehicular homicide.Continue Reading Courts continue to consider intersection of Fourth Amendment and technology: without a warrant, retrieval of car’s electronic data unconstitutional, but surveillance on hunting property permissible

Addressing an issue of first impression, the Pennsylvania Superior Court ruled last week that a venue analysis dating to 1967 focusing on the location of dissemination of allegedly defamatory newspapers applied to online defamation suits as well.  As a result, the proper venue for Pennsylvania defamation suits based on website content is any county where a third party who knows the plaintiff personally reads the content and understands it to be harmful to the plaintiff’s reputation. The ruling enlarges the potential venue options for defamation plaintiffs and could lead to website publishers and social media posters being sued in any county in Pennsylvania.
Continue Reading Pennsylvania Superior Court holds county where reputational harm occurs is proper venue for Internet defamation suits, confirming 50-year-old inquiry applies to website-based claims

The Supreme Judicial Court of Massachusetts issued two rulings last week addressing law enforcement access to and use of cell phone location data. In the first, the court found that pinging a cell phone’s real-time location constitutes a search in the constitutional sense. In the second, the court held that warrantless location tracking was an unlawful search and that information obtained as a result of that tracking was “fruit of the poisonous tree” that the defendant could suppress. The rulings acknowledge the challenges inherent in adapting age-old legal concepts to new technology, but also show that some invasions of privacy may be permissible depending upon the circumstances. While the court’s decisions addressed Article 14 of the Massachusetts Declaration of Rights rather than the Fourth Amendment to the U.S. Constitution, the analytical decisions may offer guidance as to how other courts may rule on similar issues in the absence of on-point precedent from the U.S. Supreme Court.

Commonwealth v. Almonor

On April 23, 2019, the court ruled that law enforcement compelling a suspect’s wireless service provider to ping the suspect’s cell phone, revealing its GPS coordinates, was a constitutional search for purposes of Article 14 of the Massachusetts Declaration of Rights, which states, in relevant part, that “[e]very subject has a right to be secure from all unreasonable searches, and seizures, of his person, his houses, his papers, and all his possessions.” However, after deciding that issue of first impression, the court found the warrantless search was adequately supported by probable cause and was thus reasonable under the exigent circumstances exception to the warrant requirement.

In Almonor, the defendant was suspected of murder. After the police learned Almonor’s phone number, they requested real-time location of his cell phone from his wireless service provider. The provider pinged the phone, and police used the resulting GPS coordinates to find the defendant and subsequently seized a sawed-off shotgun and bulletproof vest from his hiding place pursuant to a search warrant. Almonor successfully moved to suppress the evidence as fruit of an unlawful search, and the government appealed.Continue Reading Massachusetts High Court issues rulings defining contours of constitutional protection for cell phone location data

The Fourth Amendment right of the people “to be secure in their persons, houses, papers, and effects” has been center stage in debates over technology that scarcely could have been imagined at the time it was written. See, e.g., Carpenter v. United States, 138 S. Ct. 2206 (2018); United States v. Jones, 565 U.S. 400 (2012). With less fanfare, however, the Fifth Amendment has emerged as another critical consideration in recent cases focused on the protection of information accessible only through biometric scans (such as fingerprint or facial recognition). In the latest example of this trend, the U.S. District Court for the Northern District of California found that the Fifth Amendment right against self-incrimination prohibited the compelled use of biometric smartphone unlocking features, such as fingerprint, thumbprint, facial, or iris recognition, in In the Matter of the Search of a Residence in Oakland, California, No. 4-19-70053, 2019 WL 176937 (N.D. Cal. Jan. 10, 2019). Cases like this one read the right even more broadly than those dealing with the compelled production of passwords. Practitioners should monitor this ongoing judicial dialogue about how the Fifth Amendment should apply to issues newly arising in the information age.

The Northern District of California’s Fifth Amendment analysis in Oakland

In Oakland, the Government applied for a warrant authorizing investigators to compel any individual present at a residence connected to two extortion suspects to utilize biometric features to unlock digital devices found at the residence. Relying on recent U.S. Supreme Court decisions directly addressing the Fourth Amendment, including Carpenter, U.S. Magistrate Judge Kandis A. Westmore ruled that law enforcement could not force suspects to use biometric features to unlock digital devices because using such a feature would be testimonial for purposes of the Fifth Amendment’s protection against self-incrimination. In addition, Judge Westmore ruled that the “foregone conclusion” exception did not apply. She thus denied the warrant application.

In her analysis of whether using biometric features would be testimonial, Judge Westmore was mindful of the fact that “technology is outpacing the law” in some areas. She noted the U.S. Supreme Court’s direction in Carpenter to take technological advances into account when addressing constitutional issues and noted that courts “have an obligation to safeguard constitutional rights and cannot permit those rights to be diminished merely due to the advancement of technology.” 
Continue Reading Recent rulings indicate Fifth Amendment may join Fourth Amendment as critical consideration in courts’ efforts to apply constitutional protections to smartphones and other new technology

On October 24, 2018, the Florida Court of Appeal for the Fourth District ruled that the state could not compel the production of a defendant’s iPhone passcode and iTunes password because doing so would violate the Fifth Amendment’s protection against self-incrimination. The ruling in G.A.Q.L. v. State of Florida is encouraging for privacy advocates but may set up a showdown at the Florida Supreme Court, as it conflicts with a 2016 ruling from the Florida Court of Appeal for the Second District in which the court ruled that compelled production of a passcode did not violate the Fifth Amendment. The two pair of decisions highlights the variety of ways courts can choose to apply long-standing legal principles to new technology – and the resulting lack of predictability for practitioners.

Would compelled passcode production violate the Fifth Amendment?

The issue in G.A.Q.L. arose after G.A.Q.L., a minor, crashed his vehicle while driving under the influence, resulting in the death of one of his passengers. Upon searching the vehicle, police found an iPhone 7 alleged to belong to the minor. After obtaining a warrant to search the phone, the police sought an order compelling the minor to provide the iPhone passcode and the password for an associated iTunes account because the phone couldn’t be searched before an update was installed. The police wanted to search the phone because a surviving passenger stated she had communicated with G.A.Q.L. on the day of the crash via text messages and Snapchat. In response to the police’s motion to compel, the minor argued that compelled disclosure of the iPhone passcode and iTunes password would violate the Fifth Amendment. The trial court disagreed and ordered the production, so G.A.Q.L. petitioned the Florida Court of Appeal for a writ of certiorari to quash the trial court’s order.Continue Reading Florida Appeals Court rules Fifth Amendment bars compelled production of iPhone passcode, iTunes password

In his dissent in Carpenter v. United States, 138 S. Ct. 2206 (2018), Justice Kennedy observed that “the Cyber Age has vast potential both to expand and restrict individual freedoms in dimensions not contemplated in earlier times.” Justice Kennedy worried that the ruling, which held that a warrant is generally required for police to access cell site location information, would hamstring law enforcement by “transform[ing]” prior precedent into “an unprincipled and unworkable doctrine.” The Carpenter majority insisted, however, that its June 2018 decision was “a narrow one.” Future decisions will determine how far Carpenter will in fact reach, but recent decisions from the U.S. Courts of Appeals for the Second and Seventh Circuits demonstrate one important limit: the “good faith” exception to the exclusionary rule. While acknowledging Carpenter’s holding, both courts rejected the respective defendant-appellants’ appeals of suppression motion denials relating to searches predating Carpenter based on that exception.

Most recently, in United States v. Curtis, No. 17-1833, 2018 WL 4042631 (7th Cir. Aug. 24, 2018), the Seventh Circuit held that “even though it is now established that the Fourth Amendment requires a warrant for the type of cell-phone data present [t]here, exclusion of that information was not required because it was collected in good faith.” In Curtis, the appellant challenged the district court’s denial of his motion to suppress cell phone location information collected pursuant to the Stored Communications Act (SCA). Mr. Curtis did not dispute that the government had complied with the SCA, but argued he had a reasonable expectation of privacy in the location information and thus a search warrant was required. The district court denied the motion and permitted the location information to be offered as evidence, and Mr. Curtis was convicted of various crimes.

On appeal, the Seventh Circuit agreed that, per Carpenter, a warrant was required for the information, but that the Supreme Court “has not spoken to what should happen next.” According to the Curtis court, the answer was clear: the evidence did not have to be excluded because it was obtained in good-faith reliance on pre-Carpenter precedent.Continue Reading Federal Appeals courts decline to exclude cell phone location information collected without warrants pre-Carpenter, but Carpenter’s future impact still unclear

In a decision that may give genetic testing companies reason to breathe a sigh of relief, the U.S. Court of Appeals for the Ninth Circuit affirmed on August 21 the denial of a class certification bid by consumers suing under Alaska’s Genetic Privacy Act (the Act). In Cole v. Gene by Gene, Ltd., Plaintiff sought to represent a class of individuals alleging that Gene by Gene, Ltd. (Gene by Gene) violated Alaska Stat. Ann. § 18.13.010(a)(1) by disclosing customer DNA results and information without informed, written consent. According to the Ninth Circuit, the U.S. District Court for the District of Alaska did not abuse its discretion in finding that Plaintiff failed to show that common questions predominated over any questions affecting only individual members of the proposed classes, and that a class action was not superior to other methods of resolution. Thus, Plaintiff could not satisfy Fed. R. Civ. P. 23(b), and the litigation was not suitable for class treatment.

Plaintiff brought suit alleging that when consumers return DNA testing kits provided by Gene by Gene, the company not only permits consumers to view the results of its analysis, but also publishes the results of the DNA testing on publicly available websites – unbeknown to consumers. According to Plaintiff, this disclosure without consumer permission “carries serious and irreversibly privacy risks” and violates the Act. In his class certification motion, Plaintiff emphasized issues he claimed were common to all class members, such as whether consent was provided and whether the disclosure of information was for profit. Additionally, Plaintiff pointed out that the process for genetic information collection was the same, and the same types of genetic information were disclosed for each consumer.Continue Reading Ninth Circuit affirms class certification denial in genetic information privacy case

The U.S. Court of Appeals for the Sixth Circuit recently ruled that a data breach defendant waived its attorney-client privilege for investigation-related communications with counsel after disclosing investigative findings in discovery request and relying on the findings to assert affirmative defense. The attorney-client privilege is a powerful tool, but it must be handled with care.

“[I]f inaccurate information falls into a government database, does it make a sound?” Partly affirming summary judgment for the defendant in Owner-Operator Indep. Drivers Ass’n, v. DOT, No. 16-5355 (D.C. Cir. Jan. 12, 2018), the U.S. Court of Appeals for the D.C. Circuit answered its own question in the negative and held that a handful of truck drivers lacked standing to sue over the existence of allegedly inaccurate driver information in a government database. However, the court also ruled that two truck drivers about whom information was disseminated could overcome the Spokeo bar that sunk the claims of their peers and permitted their claims to go forward. In doing so, the appeals court helped clarify what actions in the digital realm rise to the level of concrete harm.

Plaintiffs in Owner-Operator were five commercial truck drivers and their industry association. Pursuant to federal regulations, the drivers’ safety records were contained in the Motor Carrier Management Information System, which employers may access through the Department of Transportation’s (DOT) Pre-Employment Screening Program. Each of the plaintiff drivers successfully challenged safety citations they had received in court, and then asked to have the citation reports removed from the safety record database.Continue Reading D.C. Circuit finds dissemination, but not mere existence, of inaccurate information in government database satisfies Article III standing requirement post-Spokeo

Ruling on what it characterized as an issue of first impression, the U.S. Court of Appeals for the Sixth Circuit suggested that a judgment of liability in a copyright infringement case may be a tipping point justifying the unmasking of anonymous internet users. The Sixth Circuit remanded Signature Mgmt. Team v. Doe, No. 16-2188 (6th Cir. Nov. 28, 2017) to the district court with instructions to reconsider unmasking the anonymous defendant, finding it had “failed to recognize the presumption in favor of open judicial records,” which is particularly strong at the judgment phase.  However, the 2-1 majority pointed out reasons why unmasking still might not be necessary, triggering a dissent suggesting the majority didn’t go far enough.

In Signature Mgmt. Team, the plaintiff, a multi-level marketing company, sued defendant Doe after he posted on his blog a link to the entirety of a book copyrighted by plaintiff.  Among other relief, the plaintiff moved to compel the identity of Doe.  The district court required Doe to reveal his identity to the court and plaintiff, but found that unmasking Doe was “unnecessary to ensure that defendant would not engage in future infringement.”  Further, the district court found that, because Doe declared that he had destroyed all copies of the infringed work in his possession, no further injunctive relief was necessary.  Plaintiff appealed, arguing in part that the district court improperly disregarded the strong presumption in favor of openness of judicial records.Continue Reading Sixth Circuit Suggests Liability for Copyright Infringement May Justify Reduced First Amendment Protection for Anonymous Speech, But Recommends Consideration of Context and ‘Practical Need’ for Unmasking