Fourth Amendment is For Sale
Jeremy Yeung | June 23, 2022
In the age of information, government agencies are subverting data protection laws by buying your sensitive and “protected” data.
How comfortable would you be to show your friends and family your entire browser history? If you wouldn’t want your friends or family to know something, would you be comfortable with the government knowing just cause? Actually, the government already has access to this data and they don’t need any reason to obtain it. Moreover, Snowden revealed that the intelligence agencies collect text messages, contact lists, photos, and video chats from social networks directly without your consent or court orders [1]. It seems that the phrase, “Big Brother is watching you,” from the book Nineteen Eighty-Four is ever relevant today. This leads to the question: is any of our data even protected from our own government?
When navigating through the different legal texts, it is difficult to tell what data is accessible to government agencies without a warrant. Data protection starts with the Fourth Amendment of the U.S. Constitution, which protects people from unreasonable search and seizures. Though the Electronic Communications Privacy Act of 1986 outlined broad protections to wire, oral, and electrical communications while they were being made or stored, it has been altered by the Communications Assistance to Law Enforcement Act, the USA PATRIOT Act, USA PATRIOT reauthorization acts, and FISA Amendments Act [2]. For example, the ECPA prohibited the interception of any wire, oral, or electronic communication, but the USA PATRIOT Act notably allows the FBI to wiretap citizens without need for a warrant or probable cause. Clarity to these vague data protection laws is often found in Supreme Court cases, especially in Riley v. California (2014) and Carpenter v. United States (2018). These Supreme Court cases recognized a reasonable expectation of privacy in the contents and geolocations of cell phones.
As it turns out, there are much easier ways for law enforcement to obtain sensitive information without probable cause: introducing data brokers. Data brokers are intermediaries that buy data from parties such as weather forecasting apps, which collect precise geolocation data. Law enforcement and government intelligence agencies can in turn buy the sensitive data from data brokers because the current laws only apply when the government forces disclosure. Government agencies including the IRS, DEA, FBI, and ICE have made millions in payments to private companies for mobile location information, many times refusing to reveal how the information was used [3].
Potential for Harm
Besides egregious violations of the Fourth Amendment, these privacy violations have important implications on civil rights. Location data from social media apps are able to track protesters. This technique has been used in China to track people who do not align with the government’s politics, including Muslim Uighers and protesters in Hong Kong. In the latter case, those critical of the government have been tracked and police showed up at their doors at night [4]. It may be hard to imagine something like this happening In the United States, but the potential for geolocation and cell phone data to be weaponized still exists. Law enforcement in possession of widespread personally-identifiable GPS data could easily use intimidation tactics against protestors a part of anti-police-brutality movements such as Black Lives Matter. Even anonymized data can be aggregated with related datasets to quickly re-identify subjects, as shown by a group of MIT scientists.
To be honest, as active participants in society, we don’t have many choices to avoid these privacy violations. A few practical solutions include using a faraday bag [5], opting out of targeted advertising, Alternatively, since we know companies work in their best interest, change can start by advocating for data protection or only using products that protect our privacy. But with the rapid advancement of technology, the goals of previous legislation have become easier to subvert. Nonetheless, the law is the next best way to restrict these agencies. In April of 2021, a bipartisan bill called “The Fourth Amendment Is Not For Sale Act” was introduced to end this privacy loophole. If passed, this would protect geolocation, communication, and other sensitive data from being bought by intelligence agencies. Though the current version of the bill closes the sale of sensitive data, it does not prevent companies from handing over data, per say, in exchange for less regulation [6]. Furthermore, there has been no movement since the introduction of this bill. We must demand the stop to this erosion of our rights and privacy in this ever-evolving age of information.
References:
[1] https://theworld.org/stories/2013-07-09/17-disturbing-things-snowden-has-taught-us-so-far
[2] https://bja.ojp.gov/program/it/privacy-civil-liberties/authorities/statutes/1285
[3] https://www.vox.com/recode/22038383/dhs-cbp-investigation-cellphone-data-brokers-venntel
[4] https://apnews.com/article/asia-pacific-international-news-hong-kong-extradition-china-028636932a874675a3a5749b7a533969
[5] https://www.howtogeek.com/791386/what-is-a-faraday-bag-and-should-you-use-one/
[6] https://cdt.org/insights/new-cdt-report-documents-how-law-enforcement-intel-agencies-are-evading-the-law-and-buying-your-data-from-brokers/
Images:
[1] https://www.wallarm.com/what/securing-pii-in-web-applications
[2] https://khpg.org/en/1519768753