RSS
Do You Have Any Legal Right To Privacy For Information Stored Online?
from the there's-a-legal-fight-brewing dept
A year and a half ago, we had an interesting discussion here about whether or not the Fourth Amendment and your right to privacy extended to information you stored online via any sort of "cloud" service. The arguments basically fell into two camps, with some citing the "third party doctrine," which basically says that once you gave up info to a third party, you no longer have any right to expect it to be kept private. This argument came from a lawsuit (Smith v. Maryland) that basically said phone numbers you dialed were not "secret" because you were supplying them to the phone company. Of course, the other side of that argument is that it's ridiculous to extend this concept to online storage, noting that the Supreme Court had recognized in the Katz case (about wiretapping public pay phones) that the Fourth Amendment applies to "people, not places."
It looks like this debate is kicking off again, with a discussion on News.com over whether or not the Fourth Amendment covers information stored in "the cloud." It tackles some of the same ground that we covered a while back, but points to a recent law review paper on this topic (pdf) by David A. Couillard.
The paper does a good job separating out the thinking here, and explaining why the Fourth Amendment absolutely should apply to information you store online. As it notes, while the Smith case said that phone numbers dialed might not be private, that did not extend to the contents of the phone call itself. And that's key. The reason that the phone company gets the phone numbers dialed is because that information is key to it delivering its service of connecting the phone call. So you can make a reasonable argument that while such information (the information needed to initiate a service) might not be subject to privacy protection, everything else communicated or stored via that service still deserves those protections.
The issue is that right now we really don't know how the courts feel about this -- and you can bet this is going to become an issue that shows up in the court system before too long. Hopefully, the courts will recognize that any "third party doctrine" when it comes to the Fourth Amendment is limited to a very narrow subset of information provided for a particular purpose, rather than all information stored on third party servers.
It looks like this debate is kicking off again, with a discussion on News.com over whether or not the Fourth Amendment covers information stored in "the cloud." It tackles some of the same ground that we covered a while back, but points to a recent law review paper on this topic (pdf) by David A. Couillard.
The paper does a good job separating out the thinking here, and explaining why the Fourth Amendment absolutely should apply to information you store online. As it notes, while the Smith case said that phone numbers dialed might not be private, that did not extend to the contents of the phone call itself. And that's key. The reason that the phone company gets the phone numbers dialed is because that information is key to it delivering its service of connecting the phone call. So you can make a reasonable argument that while such information (the information needed to initiate a service) might not be subject to privacy protection, everything else communicated or stored via that service still deserves those protections.
The issue is that right now we really don't know how the courts feel about this -- and you can bet this is going to become an issue that shows up in the court system before too long. Hopefully, the courts will recognize that any "third party doctrine" when it comes to the Fourth Amendment is limited to a very narrow subset of information provided for a particular purpose, rather than all information stored on third party servers.
Reader Comments
Subscribe: RSS
View by: Time | Thread
Depends on terms of service
And the terms of service should say, quite clearly "we will not divulge to law enforcement unless compelled by a court order". Then if they breach this, you sue them.
And there should be penalties if they breach (whether deliberate or through incompetence). Based on the same "how many people COULD have downloaded your stuff" metrics that the RIAA use...
[ reply to this | link to this | view in chronology ]
Re: Depends on terms of service
[ reply to this | link to this | view in chronology ]
Does technology negate the Constitution?
[ reply to this | link to this | view in chronology ]
Re: Does technology negate the Constitution?
"We the People" care about American Idol and stupid celebrities more than what happens to us or our money.
"We the People" get more angry over a racial comment than over the fact that our government spends trillions of dollars of our money on bailing out huge banks and car companies that are too stupid to survive, er, "too big to fail".
"We the People" are idiots.
"We the People" have lost any rights to claim our god given rights as human beings and as Americans. This nation is the nation we have given ourselves.
Hope you enjoy the next season of American Idol.
[ reply to this | link to this | view in chronology ]
Re: Does technology negate the Constitution?
it will help me alot
[ reply to this | link to this | view in chronology ]
13 Stars in a circle
The Founders said individuals in a free society have a right to privacy. This is a condition of Democracy. This is a moral, ethical notion, not something to be determined by corporations or a judge paid-off by one.
An individual's right to privacy must apply everywhere, regardless of the counterparty, or we're all seriously just flippin' it off till it cums.
[ reply to this | link to this | view in chronology ]
Re: 13 Stars in a circle
[ reply to this | link to this | view in chronology ]
Re: Re: 13 Stars in a circle
[ reply to this | link to this | view in chronology ]
recipe for success
2. break that promise
3. kiss your users goodbye
4. rinse, repeat
[ reply to this | link to this | view in chronology ]
The real problem.
The Constitution was written at a time when issues like this couldn't be imagined. The threat was government, not private entities. Today private entities are by far the bigger threat to privacy.
My belief is that the core change that will do the most good is making private information about me my 'property' which requires my permission to duplicate/transmit/sell/disclose without a warrant. We bend over backwards expanding IP rights that restrict what we can do with "ideas" yet don't seem to care about the - much more important in my view - intimate information our lives.
[ reply to this | link to this | view in chronology ]
[ reply to this | link to this | view in chronology ]
Canada
[ reply to this | link to this | view in chronology ]
Duh.
[ reply to this | link to this | view in chronology ]
[ reply to this | link to this | view in chronology ]
Re:
[ reply to this | link to this | view in chronology ]
What should be expected?
The EXPECTATION of privacy will never be guaranteed 100% despite any laws or policies. Common sense should dictate the moment secured information is placed on restricted, yet secured system, the information isn't guarded against internal users.
Thus, any loss of privacy should be a consideration when moving to the "cloud" world. Whining about breach of privacy is pointless when it's the user who took the chance to begin with.
I can't imagine what resolution companies or people think will occur when the data has already been breached. More laws?
As if these have ever had an impact.
[ reply to this | link to this | view in chronology ]
Maybe Technology Holds the Answer
Isn't TOS like a contract? If they break it they have violated their contract with the user.
Is there an analogy in the physical world that might apply?
Would you consider a letter sent through the USPS or a package sent via UPS or FedX to be a good example? That is, can anyone open your letter or package without a court order? I guess the USPS is a special case with it's own set of laws, but the other delivery services might be a good analogy.
[ reply to this | link to this | view in chronology ]
Tech who found Child porn
How is on-line storage any different? If anything, it is less secure than your personal hard drive and open to be looked at and shared with whomever. Even worse, someone could hide their child porn in your account and if it is found, you take the fall.
[ reply to this | link to this | view in chronology ]
In a way it is quite similar to storing information in the cloud, only the kind of information differs.
Should that information also be public?
[ reply to this | link to this | view in chronology ]
Privacy.
Encryption is the envelope of the mail, would you send letters without and envelop or seal?
Encryption is the box in the bank without it you are not really being private.
[ reply to this | link to this | view in chronology ]
Say hello to key escrow!
[ reply to this | link to this | view in chronology ]
Challenges of Cloud Computing adoption in the enterprise
[ reply to this | link to this | view in chronology ]
[ reply to this | link to this | view in chronology ]
Data Protection
Great articles thanks
[ reply to this | link to this | view in chronology ]
Information shared with Club officers
[ reply to this | link to this | view in chronology ]
Add Your Comment