Feeds

US judge: Warrant required to access mobile location data

'We're getting too close to Orwell's 1984 Oceania'

Security for virtualized datacentres

The US government should have to obtain a warrant before mobile phone providers have to hand over multiple geolocation data records about customers, a US judge has said.

In Europe, privacy watchdogs have called on geolocation data to be classed as personal data, information that can be used to identify someone. EU data protection laws set out special rules on how personal data can be used by organisations that hold it.

Mr Justice Garaufis said that an exception to privacy rights set out in the United States' Fourth Amendment should not apply to the collection of multiple records of mobile users' geolocation data.

The Fourth Amendment guarantees that "[t]he right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

An exception to those privacy rights exists under the Fourth Amendment when it states a "person has no legitimate expectation of privacy in information he voluntarily turns over to third parties," a principle known as the "third-party-disclosure doctrine".

"The fiction that the vast majority of the American population consents to warrantless government access to the records of a significant share of their movements by 'choosing' to carry a cellphone must be rejected," the judge said in his ruling (22-page/673KB PDF).

"In light of drastic developments in technology, the Fourth Amendment doctrine must evolve to preserve cellphone user's reasonable expectation of privacy in cumulative cell-site-location records," he said.

The judge was ruling on whether to grant the US government a court order against mobile provider Verizon. The government had asked the court to issue an order forcing Verizon to hand over at least 113 days' worth of geolocation data about an individual it said was under criminal investigation.

The government had asked for the order under the terms of the US' Stored Communications Act.

The Act states that the US government can force "electronic communication service or remote computing service" providers to disclose information about customers – excluding the contents of communications – when the government obtains a court order for the disclosure. The Act states that a court should only issue an order if the government "offers specific and articulable facts showing that there are reasonable grounds" that the contents of information they are asking for is "relevant and material to an ongoing criminal investigation".

The judge said that the legal standard for obtaining information under the provisions of the Act was "lower than the probable cause standard required for a search warrant" set out in the Fourth Amendment. He said the information the US government was looking for was "protected by the Fourth Amendment".

"While the government's monitoring of our thoughts may be the archetypical Orwellian intrusion, the government's surveillance of our movements over a considerable time period through new technologies, such as the collection of cell-site-location records, without the protections of the Fourth Amendment, puts our country far closer to Oceania than our Constitution permits," the judge said in his ruling.

"It is time that the courts begin to address whether revolutionary changes in technology require changes to existing Fourth Amendment doctrine. Here, the court concludes only that existing Fourth Amendment doctrine must be interpreted so as to afford constitutional protection to the cumulative cell-site-location records requested here. For the foregoing reasons the government's motion for orders ... is denied," he said.

Copyright © 2011, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Intelligent flash storage arrays

More from The Register

next story
Scrapping the Human Rights Act: What about privacy and freedom of expression?
Justice minister's attack to destroy ability to challenge state
WHY did Sunday Mirror stoop to slurping selfies for smut sting?
Tabloid splashes, MP resigns - but there's a BIG copyright issue here
Google hits back at 'Dear Rupert' over search dominance claims
Choc Factory sniffs: 'We're not pirate-lovers - also, you publish The Sun'
EU to accuse Ireland of giving Apple an overly peachy tax deal – report
Probe expected to say single-digit rate was unlawful
Inequality increasing? BOLLOCKS! You heard me: 'Screw the 1%'
There's morality and then there's economics ...
Hey Brit taxpayers. You just spent £4m on Central London ‘innovation playground’
Catapult me a Mojito, I feel an Digital Innovation coming on
While you queued for an iPhone 6, Apple's Cook sold shares worth $35m
Right before the stock took a 3.8% dive amid bent and broken mobe drama
EU probes Google’s Android omerta again: Talk now, or else
Spill those Android secrets, or we’ll fine you
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.