The Vanishing Distinction Between Real-time and Historical Location Data

A congressional inquiry, which recently revealed that cell phone carriers disclose a huge amount of subscriber information to the government, has increased the concern that Big Brother tracks our cell phones. The New York Times reported that, in 2011, carriers responded to 1.3 million law enforcement demands for cell phone subscriber information, including text messages and location information. Because each request can acquire information on multiple people, law enforcement agencies have clearly obtained such information about many more of us than could possibly be worthy of suspicion. Representative Markey, who spearheaded the inquiry, has followed up with a thorough letter to Attorney General Holder that asks how the Justice Department could possibly protect privacy and civil liberties while acquiring such a massive amount of information.

Among many important questions, Representative Markey’s letter asks whether the DOJ continues to legally differentiate between historical (those produced from carrier records) and real-time (those produced after an order is issued) cell site location information and what legal standard the DOJ meets for each (or both). Traditionally, courts have accorded less protection to historical location data, which I have criticized as a matter of Fourth Amendment law in my amicus briefs and in my scholarship. The government’s applications for historical data in the Fifth Circuit case, which is currently considering whether agents seeking historical location data must obtain a warrant, provide additional evidence that the distinction between real-time and historical location data makes no sense.

Some background. Under the current legal rules for location acquisition by law enforcement, which are complex, confusing, and contested, law enforcement agents have generally been permitted to acquire historical location data without establishing probable cause and obtaining a warrant. Instead, they have had to demonstrate that the records are relevant to a law enforcement investigation, which can dramatically widen the scope of an inquiry beyond those actually suspected of criminal activity and yield the large number of disclosures that the recent congressional inquiry revealed. Generally, prospective (real-time) location information has required a higher standard, often a warrant based on probable cause, which has made it more burdensome to acquire and therefore more protected against excessive disclosure.

Some commentators and judges have questioned whether historical location data should be available on an easier to satisfy standard, positing the hypothetical that law enforcement agents could wait just a short amount of time for real-time information to become a record, and then request it under the lower standard. Doing so would clearly be an end run around both the applicable statute (ECPA) and the Fourth Amendment, which arguably accord less protection to historical information because it is stored as an ordinary business record and not because of the fortuity that it is stored for a short period of time.

It turns out that this hypothetical is more than just the product of concerned people’s imagination. The three applications in the Fifth Circuit case requested that stored records be created on an ongoing basis. For example, just after a paragraph that requests “historical cell-site information… for the sixty (60) days prior” to the order, one application requests “For the Target Device, after receipt and storage, records of other information… provided to the United States on a continuous basis contemporaneous with” the start or end of a call, or during a call if that information is available. The other two applications clarify that “after receipt and storage” is “intended to ensure that the information” requested “is first captured and recorded by the provider before being sent.” In other words, the government is asking the carrier to create stored records and then send them on as soon as they are stored.

To be clear, only one of the three applications applied for only a relevance-based court order to obtain the continuously-created stored data. That court order, used for historical data, has never been deemed sufficient for forward-looking data (as the continuously-created data would surely be as it would be generated after the order). The other two applications used a standard less than probable cause but more than just a relevance order. It is not clear if the request for forward-looking data under the historical standard was an inadvertent mistake or an attempt to mislead. But applications in other cases have much more clearly asked for forward-looking prospective data, and didn’t require that data to be momentarily stored. Why would the applications in this case request temporary storage if not at least to encourage the judge considering the application to grant it on a lower standard?

I am optimistic that the DOJ’s response to Representative Markey’s letter will yield important information about current DOJ practices and will further spur reform. In the meantime, the government’s current practice of using this intrusive tool to gather too much information about too many people cries out for formal legal restraint. Congress should enact a law requiring a warrant based on probable cause for all location data. It should not codify a meaningless distinction between historical and real-time data that further confuses judges and encourages manipulative behavior by the government.

You may also like...

2 Responses

  1. Orin Kerr says:

    Susan, does anyone argue that there should be a different standard as a normative matter? My sense is that DOJ wants a uniform standard, too. The disagreement seems to focus on what the uniform standard should be: Should it be reasonable suspicion (law enforcement’s view) or probable cause (the privacy advocates’ view)?

    As for why the standard is different as a purely descriptive matter, it seems to me that this is just a quirk of history in the surveillance statutes. Berger v. New York required a divide that led to two different statutes, T3 and the SCA, which had a different scope; As technology changed, the default position from Rule 41 ended up requiring a warrant for prospective acquisition but the SCA required reasonable suspicion for retrospective access. Etc. etc. But I agree with you that it doesn’t make much sense to require a different standard as a matter of policy for cell-site info.

  2. Susan Freiwald says:

    Orin: thank you for your comment and I’m delighted that you agree that there should be a single standard as a matter of policy.

    I have seen normative arguments that assert that it is more intrusive to have information gathered on a prospective rather than retrospective basis but I haven’t seen compelling support for them. It is much easier to get large amounts of historical information because you don’t have to wait to compile it. Historical information can immediately provide a full picture of someone’s activities and associations that intrudes on privacy, chills speech, and risks pernicious abuses of power.

    I’m not sure how Berger required the divide. I’m not sure that stored communications were on the table in 1967 (Berger) or 1968 (Wiretap Act). ECPA (1986) codified the misguided Smith v. Maryland case (1979 – phone numbers) and US v. Miller (1976 – bank records) and does not clearly apply beyond ordinary carrier business records. If the SCA is read to cover cell site location data(a big stretch – in part because, as the above shows, they may show up in subscriber records only because the DOJ asks for them to be recorded), then that should be found to violate the Fourth Amendment, as Judge Smith found in the Southern District of Tx.