At a press conference on Monday, U.S. Attorney General William P. Barr called last month’s naval air station shooting in Pensacola, Fla. an act of terror and pleaded for Apple to provide access to two of the gunman’s cellphones. In this investigation (as with previous investigations of domestic terrorism), Apple has indicated it will remain steadfast in its commitment not to provide law enforcement with a “backdoor” that would allow them to unlock an iPhone that they don’t have the credentials necessary to access. This has spurred a national debate on the topic of data privacy and whether law enforcement should be given special access to encrypted technologies, with civil libertarians on one side of the issue and domestic security advocates on the other.
Everyone and their neighbor seems to have a strong opinion on whether Apple should or shouldn’t comply with the FBI’s request to create a backdoor encryption tool. However, amid all this passionate discourse over data protection, no one seems to be talking about the “legal backdoor” that already jeopardizes individuals’ privacy: the third-party doctrine.
Under the Fourth Amendment, government agents must, generally, obtain a warrant supported by probable cause before they can search or seize your private information. However, the third-party doctrine provides a major exception to this requirement. Government agents don’t have to get a warrant before obtaining information you’ve shared with another person or entity, even when “the information is revealed on the assumption that it will be used only for a limited purpose.”
This is dangerous, because not every company has the same zeal for data privacy as Apple. What happens when tech companies are more than happy to work with law enforcement? What happens when the FBI, or more likely your local police department, asks your car manufacturer to hand over your vehicle’s GPS location data from the past three weeks?
Whether it’s your emails, texts, search history, or the first draft of your novel that you have saved on the cloud, if a tech company or another third-party hosts information and is willing to comply, then law enforcement can access it.
In a world where tech companies gather so much data about their consumers, the third-party doctrine creates a kind of “legal backdoor” for law enforcement to avoid the warrant standard.
So while the rest of America is arguing about Apple creating a tool to unlock specific iPhones, law enforcement agents across the country have the sweeping (and terrifying) ability to access the vast majority of your information with ease. It may sound Orwellian, but this is the current state of Fourth Amendment jurisprudence in the United States.
Fortunately, there is a solution. While the Supreme Court is unlikely to overturn the third-party doctrine anytime soon—though it has narrowed its scope in recent years, with cases like Carpenter v. United States—legislatures can always step in and provide citizens with greater protection. Whether it’s at the federal or state level, policymakers can put rules in place that limit law enforcement’s ability to access this information, such as holding government agents professionally responsible when they try to obtain information held by third parties or making that data inadmissible in court. Though legislation may not have the same long-term solidity as Supreme Court doctrine, it would still go a long way in protecting Americans’ private data.
It’s great that people are passionate about Apple and its praiseworthy commitment to customers’ privacy. But we should use that same passion to talk about the third-party doctrine and find ways to provide better protection for so much of the data we use in our day-to-day lives.