If, in the early 1980s, the U.S. government had proposed a new crime-solving program requiring every adult to carry a small device that not only performed location tracking but also recorded the phone numbers of all recent contacts, opposition would have been swift and indignant. Such a proposal would have been socially, politically and legally untenable given the standards of the day. Yet, by using mobile phones and GPS receivers, we are opting into systems that routinely gather our location data and often much more.
The question of whether police need a warrant to affix a GPS tracking device to a suspect’s vehicle has made it all the way to the Supreme Court, which begins hearing arguments today. A ruling is expected in the spring.
This case is important because some of the most profound questions relating to privacy in the 21st century turn directly on the handling of the information associated with mobile devices. It is an issue that is complicated because technology and cultural expectations regarding privacy are changing so quickly. The legal landscape related to privacy and mobile devices is complex, contradictory, and evolving.
In the United States, for example, the Ohio State Supreme Court ruled in December 2009 that warrantless search of the contents of a cell phone during an arrest was generally prohibited by the Fourth Amendment. In January 2011, the California State Supreme Court reached the opposite conclusion, and California’s Governor recently vetoed legislation that would have in effect overturned that ruling.
The location tracking information embodied in the list of cell sites to which a particular phone transmits is another area of legal divergence. An August 2010 U.S. District Court ruling held that cell site information could not be obtained without a warrant. However, in October 2011 a different US. District Court reached a different conclusion, stating that a warrant was not required for obtaining cell site information because, among other things, the resulting data provided “only an approximate position from which a user placed a call.” And there’s the case now before the Supreme Court on the constitutionality of warrantless use of a vehicle-mounted GPS tracking device to perform surveillance of a suspect.
Technology is changing so fast that assumptions used to frame legal rulings can be outdated not long after the ink is dry. As anyone who has used the newest smartphones can attest, the Ohio State Supreme Court’s 2009 statement that cell phones are “are still, in essence, phones, and thus they are distinguishable from laptop computers” now sounds quaint. The belief expressed in the October 2011 court ruling that cell site information only provides approximate location information is already becoming obsolete as wireless network providers continue to upgrade their networks with higher density, smaller cell sites to support increased data traffic. In areas of high population density, cell site information acquired using these emerging networks will often deliver location accuracy rivaling that of GPS.
Rather than tying privacy standards to ephemeral technology trends, it is better to go straight to the end game: In a world in which our mobile devices can track our location to within feet and can store and access essentially every piece of information relevant to our lives, how can privacy be protected? And, equally importantly, we must recognize that there is another side of this issue that bears directly on the ability of governments to ensure the safety and well being of their citizens. Privacy can be exploited by terrorists, human traffickers, identity thieves, and other criminals to mask illicit activity and to confer anonymity, from where it is only a short hop to impunity.
The cold, hard truth is that we can maximize privacy at some cost to national and individual security or we can maximize security at some cost to privacy. We can not simultaneously maximize both. What we can do, however, is acknowledge the magnitude of the challenge facing those charged with proposing, enacting and interpreting laws related to mobile phone privacy. A dialog conducted with a recognition of the many nuances involved will go a long way towards ensuring that the solutions we end up with, imperfect though they will inevitably be, reflect the very legitimate concerns of both the privacy and security communities.