Applying the Fourth Amendment to the Internet: A General Approach:
For several years, I have been pondering the very difficult question of how the Fourth Amendment should apply to the Internet. In particular, I've been trying to come up with a set of general principles that should frame how to translate the Fourth Amendment to the Internet. I have just posted a draft article on SSRN that attempts to answer these questions: Applying the Fourth Amendment to the Internet: A General Approach.
Here's the abstract:
Also, for readers who are interested in the broader perspective, this article is the network sequel to an earlier work of mine on the stand-alone computer environment, Searches and Seizures in a Digital World, 119 Harv. L. Rev. 531 (2005).
Here's the abstract:
This article offers a general framework for applying the Fourth Amendment to the Internet. It assumes that courts will seek a technology-neutral translation of Fourth Amendment principles from physical space to cyberspace, and it considers what new distinctions in the online setting can reflect the function of Fourth Amendment protections designed for the physical world. It reaches two major conclusions. First, the traditional physical distinction between inside and outside should be replaced with the online distinction between content and non-content information. Second, courts should require a search warrant that is particularized to individuals rather than Internet accounts to collect the contents of protected Internet communications. These two principles point the way to a technology-neutral translation of the Fourth Amendment from physical space to cyberspace.Comments are very welcome, either in the comment thread or via e-mail. I haven't sent this out to law reviews yet, and so any final publication is likely a year away, and there are still aspects of this general framework that I'm not entirely sure of myself. (There are also some claims about the technology that I believe are accurate, but may not be; technical corrections are as welcome as legal points.)
Also, for readers who are interested in the broader perspective, this article is the network sequel to an earlier work of mine on the stand-alone computer environment, Searches and Seizures in a Digital World, 119 Harv. L. Rev. 531 (2005).
Thank you,
Rich
Way back in the good old days, a man owned his lands from the ground up to the stars (and if he had the mineral rights down to the core).
Then folks invented planes and balloons. How could society (and mostly the rich folks) travel if they couldn't use the air space?
Lots of fighting and fussing later we decided people kind of sort of own the air, but other people can use it.
We also decided that the FARs regulating air travel safety are also the rule for how low the government can be while it is looking at your property from the sky for purposes of a warrantless search.
I am a lawyer, but I am like a railroad lawyer wondering where the system is going to end up on these new fangled planes. I also think the system will lurch around until the courts find an answer everyone thinks is mostly fair.
With the net I think it will be something as easy to agree to as the FAR restrictions, and just as made up. ("Oh, the government agency in charge of flying safety says the lowest you can go over a built up area is 500'? That must be the lowest height for warrantless looking at the property.")
The question is, what is safety on the net, and who will end up making up the safety rule.
Yes, that's the standard size: It's formatted for a law review, which is a smaller size journal.
It's available through SSRN, I see. Isn't that subscription? How much for single copies?
Cheers,
You should therefore add the following first sentence (or something like it) to the introduction: I admit that I am merely a computer scientist and not a lawyer, nonetheless I would think that people like you would want to be read and understood by people like me. Perhaps it is unusual to begin a law article this way. It shouldn't be.
Well, There's a book by David Post, which is highly recommended.
(a) The Bill of Rights is not an obscure document, it can be found and accessed readily
(b) It is unreasonable to ask academics to write journal articles as if they were addressing Joe Citizen off the street. That is not their purpose. There are droves of introductory textbooks to suit that purpose.
But another, and arguably equally important component, which you have overlooked, is the threat to public safety I pose, and how it changes. When I am in my lair, behind closed doors, I can pose very little threat to public safety. I cannot murder someone, unless I fetch him in from the street, that is, unless I commit some fraud or deception or act of compulsion in the public space on my intended victim. In short, the public safety danger I pose is directly correlated with whether I am in the public spaces or not. It's quite reasonable to subject me to increased scrutiny in public, because it's there I pose the greater danger to the public.
This is important, because an application of the 4A to the Internet should indeed ponder the question of when I pose a greater danger to the public. What am I doing? What intrinsic limitations are there on the damage I can do to others? Who is exposed, and who is not, to the consequences of my actions, and is their exposure involuntary or voluntary?
Secondly, I think your argument that the entire Internet is "inside" because it all goes through wires is silly. A better argument could be made that the entire Internet is outside because of the way IP works, namely that routing is not guaranteed, and you have as a rule very little control over where your packets go. The privacy of unencrypted packets is presently protected only by a certain amount of "gentleman's agreement" that computers routing the packets do not read them before passing them on, and by the technical complexity of snooping on the packets.
But these things will not hold as the importance of packets increases, i.e. as people do more and more personally and financially and even politically mission-critical stuff over the Internet. For that matter, just look at the furor over "net neutrality" issues, in which ISPs merely look at the nature and not (yet) the content of packets passing through their computers.
In short, I think most people who are beginning to want to communicate in a private and semi-private way over the Internet feel that it is too "outside," at present, and are looking for ways to make it more "inside."
There is still a vague feeling among the public that communication from here to a place 500 miles away is somehow by its very nature (the distance involved) non-private, but I surmise that's a holdover from a pre-Internet generation. The younger generation, the World of Warcraft generation, which sees no important distinction between a (meant to be) private conversation with a friend in person and a private conversation with a friend located a thousand miles away, is not going to have the same instincts. These people are definitely going to expect to see "inside" stop being a purely local concept, and they are definitely going to feel that the Internet is at present too "outside," and want to wall off parts of it into private virtual gardens.
And it is not just this one idea. Other ideas in the article suffer the same fate.
It is more than reasonable to expect academics writing articles about the internet to act as if they are addressing Joe computer scientist off the street. And if they can include the astounding amount of redundancy that they do, then surely there is room to mention the name of the country whose constitution they are addressing, and to describe the law that they wish to interpret.
You seem frustrated and maybe even angry with the norms of legal scholarship. I get it; duly noted. You're welcome to continue if it makes you feel better to vent, but I would suggest e-mailing me with your frustrations rather than posting them in a comment thread.
Best,
Orin
It is unreasonable to ask a professor to write to every imaginable audience. The fact of the matter is that law journal pieces are directed primarily, if not exclusively, to professors, legal practitioners and judges/ justices. That's why the article does not give the entire history of 4th Amendment jurisprudence. Considering that many of his articles are on the 4th Am, it would be really ridiculous for Prof. K to have to do that.
Also, if you ask almost anyone who follows legal scholarship, Prof. K is one of the best writers out there.
Prof. K~
Interesting as always and I love the joke about John McCain and his houses.
1. Your basic Fourth Amendment analysis (content/non-content imperfectly analogized to inside/outside) strikes me as relatively non-controversial. Frankly, I thought you wrote far more on this initial point than was necessary. IMHO, the relationship between pen registers and mail covers versus the Fourth Amendment is so well-settled that I would argue the obvious analogy from that body of law to the Constitutional status of Internet addressing/routing/non-content metadata, by itself, is worth writing about only to set the stage for the more interesting arguments that follow. It's also the way the statutory scheme under SCA/ECPA has been set up for over 20 years now, so agents, prosecutors, defense counsel and judges have long analyzed the basic issue this way, whether or not they link the analysis to the Fourth Amendment.
2. Your discussion of the warrant requirement is interesting on several levels. Perhaps I missed it in my initial skim, but I was bothered by what appears to be the identical Constitutional treatment of real-time interception of communications that are akin to a wiretap, versus retrieval of stored data or communications. I've always assumed there is a greater expectation of privacy in the former than the latter. But if there's no Constitutional difference, then isn't the logical conclusion that there is a Fourth Amendment problem with at least SCA/ECPA's authorization at §2703(b)(1)(b) to use mere subpoenas to get content stored in a remote computing service, especially with delayed notice per §2705? That sort of argument would really rock the house.
3. Another issue, as you point out at footnore 129, is third-party consent. This seems ripe for analogy to the physical world to determine when an ISP "landlord" may enter the subscriber's "apartment" and give access to others. But there may be an even bigger related problem: the communications data store->copy->forward technology that permits content to remain in multiple third-parties' custody, potentially indefinitely. Splurge's comment, above, suggests this is an increasingly well-understood weakness of the Internet. Doesn't this "physical" fact of lots of known and unknown third-parties having simultaneous access to content lead to the conclusion that there should be a reduced expectation of privacy in Internet electronic communications generally?
4. The "roving wiretap" analogy is an innovative argument, and I would love to see it expanded. One concern is that you imply the Constitutional requirement is lower than the statutory requirement of §2518(11)(b) [which already authorizes roving electronic communications wiretaps but requires particular averments per §§(ii)], in that your formulation appears not to require any showing that the subject is even using multiple accounts for criminal purposes? Without at least some probable cause to believe the subject is using multiple accounts, isn't this like seeking a single, non-particularized search warrant for every office, house, vacation chateau and hotel suite that Bernie Madoff has ever used, without even a showing that he used ANY multiple locations for his illicit business?
These are all just quick, off-the cuff reactions to a fast first read. I explicitly reserve the right to admit I'm totally wrong...
If it was illegal for a private citizen to do it, it was illegal for a police officer to do it without showing probable cause and getting a warrant first.
Just one rule: police are public servants, not a higher caste. And all we'd have to do to apply it is stop contorting our brains into the double-standard of thinking that the same action might either be "felony wiretapping" and "unauthorized access to a computer system" or "just part of the job" depending on which side of the blue line is doing it.
Even if you think that's what the Fourth Amendment means in the physical world, how do you think would that apply online? What is legal or illegal online is widely disputed; see, for example, the Lori Drew case. Also, what happens if Congress passes privacy laws -- do they automatically become constitutionalized?
Personally, I didn't think this proposal was necessary to the main point of the article. The caselaw is the caselaw on what to do about "plain view" contraband outside the scope of a warrant, and IMHO there's no reason to apply it differently for internet searches than for standalone computer searches or physical premises searches, except perhaps to mollify the squeamish. There's no rational basis to make a Constitutional distinction for Internet searches, and if folks have a problem with the general rule and believe there need to be additional prophylactic protections regarding evidence that's outside the scope of an Internet search warrant, the easiest way to address the issue would be through an amendment to the Stored Communications Act.
If you have a comment about spelling, typos, or format errors, please e-mail the poster directly rather than posting a comment.
Comment Policy: We reserve the right to edit or delete comments, and in extreme cases to ban commenters, at our discretion. Comments must be relevant and civil (and, especially, free of name-calling). We think of comment threads like dinner parties at our homes. If you make the party unpleasant for us or for others, we'd rather you went elsewhere. We're happy to see a wide range of viewpoints, but we want all of them to be expressed as politely as possible.
We realize that such a comment policy can never be evenly enforced, because we can't possibly monitor every comment equally well. Hundreds of comments are posted every day here, and we don't read them all. Those we read, we read with different degrees of attention, and in different moods. We try to be fair, but we make no promises.
And remember, it's a big Internet. If you think we were mistaken in removing your post (or, in extreme cases, in removing you) -- or if you prefer a more free-for-all approach -- there are surely plenty of ways you can still get your views out.