Another Federal Court Says No Warrants Needed To Obtain Historic Cell Site Location Info

from the personal-tracking-devices dept

The Supreme Court has yet to examine the issue of historical cell site location info(CSLI). It finally picked a case from the Sixth Circuit to review, years after the warrantless gathering of historic CSLI became a thing. So far, there’s not a single court in the nation that’s found historic CSLI to have an expectation of privacy. The Fourth Circuit Appeals Court briefly did, before reversing its own decision. The original decision had problems with the amount of CSLI gathered: 221 days worth. Upon further review, the court sided with the government and its Third Party Doctrine arguments.

This federal court decision from the Southern District of New York name-checks the pending SCOTUS review, but falls in line with every other decision in the federal court system. The defendant sought to suppress historic CSLI obtained without a warrant, arguing the collection of location data by cell companies is not the same thing as “voluntarily” turning these records over to a third party. (via Courthouse News Service)

From the decision [PDF]:

The relevant question here is whether Serrano voluntarily provided his location to his service provider such that he had no legitimate expectation of privacy in it. The complexity of that question is compounded by the public’s general ignorance regarding the mechanics of how cell phones function, the type of information collected by service providers every time a cell phone is used, or the scope and frequency with which such information is recorded. Serrano contends principally that the third party doctrine has no application to CSLI because it is “not knowingly and intentionally conveyed by the cell phone user to anyone but rather generated automatically by radio waves.” (Mot. at 15–16.) Serrano argues that cell phone users do not actively submit their location information to service providers, nor are they even aware that such information is recorded by service providers without their express consent.

The court disagrees with the defendant’s assessment. While it does recognize cellphones are as omnipresent as air, the generation of location data is a necessary function of cell service. Customers — even if they aren’t familiar with the specifics — do have a general idea their movements are being tracked by every cell tower they connect to.

Though cell phone users do not affirmatively disclose their location to service providers, or understand the breadth of information that is collected through a single phone call, they do know that cell service is necessary to activate their phones. At a minimum, when none of the service bars appear on the interface of a phone, users know that they are “outside the range of the provider company’s cell network.” And when they are in service, they understand that they must “transmit signals to cell towers within range, that the cell tower functions as the equipment that connects the calls, that users when making or receiving calls are necessarily conveying or exposing to their service provider their general location within that cell tower’s range, and that cell phone companies make records of cell-tower usage.” While most people may not be aware of a cell tower’s esoteric functions, they nevertheless understand that by simply placing a call or receiving a text message, they are voluntarily disclosing something location-based and are cognizant that such information will then be used by service providers for a variety of purposes.

The court then goes on to make the argument that even if users weren’t voluntarily providing this data, the government would still be able to obtain it without a warrant because the information itself has no expectation of privacy.

However, that a person voluntarily discloses information to third parties does not end the Fourth Amendment inquiry. Privacy interests in such information may exist depending on their substance and nature. There is, of course, a difference between disclosing the phone numbers that are dialed to call someone and the details of a conversation arising from that call. Here, however, CSLI provides no details about a phone call other than the general vicinity where the user placed or received the call. Voluntarily disclosed location information corresponds not to the user’s precise location, but that of the nearest towers.

The court does seem to recognize the current jurisprudence on cellphone data can’t remain the way it is now: tied to a 1979 decision (Smith v. Maryland) that predates (and could not have foreseen) the explosion in cellphone use.

It is almost as if cell phone users must relinquish some privacy interests—at least related to their location—as a prerequisite to using a device so embedded in everyday life.

As everything stands now, it’s exactly that: cellphone users are generating tons of third party records that can be obtained without a warrant. This includes real-time and near-real time tracking of people’s location through tower pings or cell site simulators. For the most part, courts have been extremely hesitant to erect warrant requirements for so-called Third Party records.

This needs to change. Privacy expectations have changed. While most people are aware certain records must be generated to ensure cell service, very few agree the government should be able to track their movements without a warrant, especially over a long period of time. In this case, thirteen MONTHS of cell site location info was obtained by law enforcement, putting the 221 days in the Graham case to shame. When the courts ask themselves what is “reasonable” in terms of expectations of privacy, they need to spend more time considering how much has changed in the world of communications since 1979.

Filed Under: , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Another Federal Court Says No Warrants Needed To Obtain Historic Cell Site Location Info”

Subscribe: RSS Leave a comment
21 Comments
Anonymous Coward says:

"This needs to change." -- Unless it's Google GRABBING your info without ANY consent or withholding possible. -- And now has your credit / debit records to collate too!

“Privacy expectations have changed.” — Google’s privacy policy is: “You have no privacy.”

Seriou — oh, appeals to reason never work here. — Listen, re-writer: WHY WORRY ABOUT JUST THIS? Can’t you ever be at all consistent and also worry about the biggest violators of privacy: Google and Facebook? Daily getting a thousand times as much data about you? Can’t raise even a twinge of worry?

Anonymous Coward says:

Re: "This needs to change." -- Unless it's Google GRABBING your info without ANY consent or withholding possible. -- And now has your credit / debit records to collate too!

Google and Facebook can serve me more targeted adds.

The government can send me to federal pound in the ass prison.

The government violating my privacy is far more concerning than Google showing me targeted adds

Wendy Cockcroft (user link) says:

Re: "This needs to change." -- Unless it's Google GRABBING your info without ANY consent or withholding possible. -- And now has your credit / debit records to collate too!

No one is obliged to use either Google or Facebook. Don’t sign into Facebook and remember that other search engines exist. https://searchenginewatch.com/2016/02/25/say-goodbye-to-google-14-alternative-search-engines/

Roger Strong (profile) says:

Re: Re: "This needs to change." -- Unless it's Google GRABBING your info without ANY consent or withholding possible. -- And now has your credit / debit records to collate too!

Well… sort of.

Microsoft has suggested to those of us creating ASP.NET web sites, that we drop the old web site authentication scheme in favor of OAuth. This is an open standard used by Google, Facebook, Microsoft and Twitter to permit the users to share information about their accounts with third party applications or websites. Those folks will automatically be logged into your site if they’ve already logged into FaceBook, and vice versa.

Which sounds horrific from an security and privacy point of view, and the Wikipedia page backs this up. But then Microsoft’s "suggestion" was rather forceful, with the tools needed to manage the old authentication scheme being removed from Visual Studio.

So from now on when you log into private company sites not in any way affiliated with Facebook or Google, it’s… vague… how much they know about it. Especially if a Google or Facebook ad on a page in another tab notices that you’ve just been authenticated.

Anonymous Coward says:

Re: Re:

It is only current law because as you have admitted, you do not recognized the Constitution as a Superior Statute. You have chosen to observe that it is legal for them to use the 3rd party doctrine to circumvent the 4th, when the 4th makes it clear that regardless of the location, medium, or time of the data that a warrant is required for law enforcement to obtain it. there is no exception.

Anonymous Coward says:

Re: Re: Re:

However, it is the supreme courts job to interpret the constitution. Their most recent ruling on the matter is that the third party doctrine is law. This ruling is law and is the “official” interpretation of the 4th amendment that the courts need to abide by.

Just like citizens united, i think they got it wrong but it’s the official law of the land.

Personanongrata says:

Kangaroo Courts and Federal Court Jesters

It is almost as if cell phone users must relinquish some privacy interests—at least related to their location—as a prerequisite to using a device so embedded in everyday life.

When cell phone users enter into an agreement with their cellular service provider it is a private business transaction between a business and a customer.

When a customer (ie cell phone users) uses their device and connects with their service providers network it is in the form of another private business transaction between business and customer.

What the petty authoritarian control freaks infesting the US government have done is interject the government into the middle of a private business transaction that it has no place being – especially with out articulable probable cause and a warrant signed by a judge/magistrate.

It is impossible to agree with the US governments defective belief that when a person voluntarily divulges private information during a business transaction they wave their unalienable rights.

Third party doctrine is a specious legal theory where unaccountable federal court jesters have arbitrarily decreed that any private business transaction they decide can be inspected by the US government for it’s wholesomeness under the ridiculous assumption that when persons willingly conduct private business transactions and voluntarily exchange information it some how magically voids their unalienable rights.

Federal court jesters love specious legal theories (eg qualified/absolute immunity, third party doctrine etal) because they make expediency the watch-word of the "law".

Specious legal theories present "judges" with a legalistic form of deus ex machina that precludes the need for thought and examination when rendering a decision as they simply defer to the specious legal doctrine du jour – Constitution be damned.

freedomfan (profile) says:

1. The government’s third party doctrine argument is garbage and it always has been. It is nonsense that somehow the Constitutional requirements for trolling through your information go out the window because some third-party with whom you have a private agreement holds that information. It’s frankly ridiculous that the courts have ever thought otherwise.

2. The Court’s reasoning about a mobile user’s expectation of privacy is silly and doesn’t withstand the simplest analogy. That is, everyone also knows that when you’re listening to for instance an FM radio that when you go out of range will you lose the signal. But no one thinks that the FM radio stations are tracking you. But, as has been pointed out, it’s really the third party doctrine that encourages finding these sorts of loopholes.

Anonymous Coward says:

"no expectation of privacy"

Where the judge wants to go with this:

“While most people may not be aware of a cell phone’s esoteric functions, they nevertheless understand that by simply placing a call or receiving a text message, they are voluntarily disclosing their communications and are cognizant that such communications will then be used by service providers for a variety of purposes.”

See how close what the judge said is to that? That’s on purpose, for future use.

Anonymous Coward says:

Even the judge doesn't quite understand it.

“by simply placing a call or receiving a text message, they are voluntarily disclosing something location-based and are cognizant that such.”

Wrong. The connection information can be still collected without placing a single call or receiving a single message as long as the phone is powered on and connected to a cell. So, if the judge himself doesn’t understand the system, how can he sit there, with a straight face, and proclaim that everyone else does?

Anonymous Coward says:

Warrants for some people, but not others?

Despite what this judge is claiming, I definitely know people who DON’T understand this (even the judge got it partly wrong) and DO expect such privacy. So, based on this idiotic ruling, a warrant WOULD be required to get the location information of those people. But not other people. Seems pretty screwy to me.

David (profile) says:

Most people do understand that cell towers must be able to identify a phone in order to provide service. They probably do not know that a history is kept. That history is not required in order to provide service. The only history that is required is a list of calls made and received. The list of cell towers used during the call is irrelevant. I can understand them keeping track of calls on the edge of service that dropped because no cell was available to take the call as the user moved out of a cell. That information can help the company know where to expand coverage. They don’t need to know that I’m the one that lost signal.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...