Carpenters, Carriers, and Cell-Sites (Oh My!): SCOTUS to Hear Mobile Locational Privacy Case
On June 5, 2017, the United States Supreme Court granted cert in Carpenter v. United States, a case in the hotly contested area of mobile cellular location data privacy. The question before the Court is whether law enforcement must obtain a warrant for historical cell-site location information. The case stems from 2014, when Timothy Carpenter was sentenced for his alleged role in coordinating a series of armed robberies of smartphone vendors. To support its case, law enforcement obtained access to 127 days’ worth of Mr. Carpenter’s cell-site location records through what is commonly referred to as a “D order” (after the subsection of the act under which the records were requested). Whereas warrants require the government to show probable cause, under the Stored Communications Act, a D order merely requires that law enforcement present “specific and articulable facts showing that there are reasonable grounds to believe” that the records requested “are relevant and material to an ongoing criminal investigation.” 18 U.S.C. § 2703(d). By utilizing historical cell-site location records, law enforcement was able to identify a pattern of contact between Carpenter and his alleged co-conspirators in close proximity to the locations of the robberies at the time they occurred. The prosecution built its case in part around such location information and successfully obtained a conviction before a U.S. District Court in Michigan. Carpenter challenged his conviction in the Sixth Circuit. Reasonable Expectations of Locational Privacy? On appeal, a panel of the Sixth Circuit upheld Carpenter’s conviction. In the majority opinion, Judge Kethledge concluded that the Fourth Amendment does not require a warrant for law enforcement officers to request historical cell-site location information. In reaching this conclusion, Judge Kethledge relied on the third-party doctrine, which stands for the proposition that individuals do not have a reasonable expectation of privacy in information that they voluntarily disclose to third parties such as mobile carriers. Notably, in a concurring opinion, Judge Stranch expressed concern about applying the third-party doctrine to records which reveal personal location information, noted that “[d]etermining the parameters of the Fourth Amendment is the task of the judiciary”, and stated that the courts “have more work to do to determine the best methods for assessing the application of the Fourth Amendment in the context of new technology.” Judge Stranch is far from the first to invite reexamination of the third-party doctrine. To give but one example, in a concurring opinion in the 2012 GPS-tracking case United States v. Jones, Justice Sotomayor wrote, “I would not assume that all information voluntarily disclosed to some member of the public for a limited purpose is, for that reason alone, disentitled to Fourth Amendment protection.” The FCC’s Role in Cellular Locational Privacy Regardless of whether the Supreme Court accepts Judge Stranch’s invitation, Carpenter v. United States may hold important compliance implications for carriers. Historically, the Federal Communications Commission (“FCC”) has played an important role in location privacy matters:
- In its Third CALEA Compliance Report & Order (vacated in part by the D.C. Circuit in 2000), the Commission adopted technical standards that required carriers to be capable of providing location information to law enforcement.
- In its E911 Phase II program, the Commission requires wireless carriers to provide location information to Public Safety Answering Points (“PSAPS”) under accuracy standards generally within 50 to 300 meters, depending on the particular technology used.
- In its 2013 Mobile Device Customer Proprietary Network Information (“CPNI”) Declaratory Ruling, the FCC concluded that “[t]he location of a customer’s use of a telecommunications service… clearly qualifies as CPNI.”
- Most recently, in the newly repealed 2016 Broadband Privacy Order the Commission categorized geo-location information as sensitive customer proprietary information pursuant to section 222 of the Communications Act.