Stay on Top of Enterprise Technology Trends
Get updates impacting your industry from our GigaOm Research Community
On Tuesday, the Supreme Court of the United States heard oral arguments in a case that could decide how connected the concept of big data is to constitutional expectations of privacy. The case, United States v. Jones, is specifically about whether police needed a search warrant to place a GPS device on a suspect’s car and monitor his movements for 28 days, but the Court’s holding could have a much broader effect. Several justices seized upon a very important question: How much data is too much before allowable surveillance crosses the line into an invasion of privacy?
Technology is at the core of the discussion. In this case, officers used the GPS to gather data about a suspect’s whereabouts every 10 seconds for 28 consecutive days. Physically tracking someone for the same period without a warrant wouldn’t have raised an issue, but it would have consumed considerable resources. In fact, in its brief to the Court, the government cited only one previous instance of a 24-hour surveillance mission, and it lasted only two days.
A GPS, however, does all the work while the police can just sit back and collect the data. Hence, most warrantless police-surveillance activities are relatively brief, maybe following someone for a few hours, or from Point A to Point B. Chief Justice Roberts astutely summarized the difference: “Well, you’re talking about the difference between seeing the little tile and seeing a mosaic. The one gives you information, the other doesn’t.”
His observation echoes the sentiment of the federal judge in the D.C. Circuit appellate court finding the GPS tracking to be a violation of the Fourth Amendment. And while it’s true that the only real issue at hand is whether a search warrant is required to undergo this type of surveillance, the federal judge’s opinion spells out why some find warrantless tracking so troublesome:
It is one thing for a passerby to observe or even to follow someone during a single journey as he goes to the market or returns home from work. It is another thing entirely for that stranger to pick up the scent again the next day and the day after that, week in and week out, dogging his prey until he has identified all the places, people, amusements, and chores that make up that person’s hitherto private routine.
It’s not about GPS at all
In an article earlier this year about big data and the law (when Jones was known as U.S. v. Maynard), attorneys Nolan Goldberg and Micah Miller took a broad view of the appellate court holding that applies well beyond GPS devices:
Maynard suggests that a person’s reasonable expectation of privacy in a data set arises, at a minimum, when the collection or compilation of the data set would not have been reasonably expected. The results of that collection reveal information specific to those individuals that cannot be discerned from the individual pieces of data constituting the set.
That interpretation would seem to apply to any situation in which the government gathers enough individually innocuous datum to start piecing together personal details of a suspect’s life. The kind of information one could obtain, for example, by obtaining someone’s cell phone records and the location data collected by their carriers.
As IBM’s (s ibm) Jeff Jonas explained on his blog back in 2009, the data our wireless carriers gather about subscribers, when taken as a whole, can be incredibly valuable, especially when combined with today’s advanced analytic techniques and high-powered systems that have the entire IT world abuzz about big data and how it will transform their businesses.
And here’s the kicker: That information is, for the most part, obtainable by police without a search warrant. If you’re wondering what providers store and for how long, this little chart unearthed by the ACLU earlier this year is pretty revealing.
During oral arguments in Jones, Justice Sotomayor certainly seemed skeptical of using wireless location data without a warrant, asking the government’s lawyer the following question:
So — under your theory … you could monitor and track every person through their cell phone, because today the smartphones emit signals that police can pick up and use to follow someone anywhere they go.
Your theory is so long as … what’s being monitored is the movement of person, they have no reasonable expectation that their possessions will not be used by you.
The Court needn’t stretch the issue much further to find that numerous other practices once allowable look a lot more questionable since the advent of big data technologies.
In analytics, more data is better
There’s a saying in the analytics world that more data trumps better algorithms; the idea being that one can more accurately detect trends by collecting and analyzing more information than by collecting less information and investing resources in writing better algorithms. Assuming that’s true, law enforcement is in great shape when it comes to finding out information about suspects without ever first obtaining a search warrant.
Phone records, location data, credit card records, email in many cases, online user accounts: all are obtainable without a warrant. And with the right set of technologies in place, all are capable of being analyzed to paint a clear picture of who a suspect is, who he interacts with, where he goes, where he spends his money, what his interests are, you name it. But technology changes everything, as the Court has noted as far back as 1989.
In their article, Goldberg and Miller note a case in which the Court noted “there is a vast difference between the public records that might be found after a diligent search of courthouse files, county archives, and local police stations throughout the country and a computerized summary located in a single clearinghouse of information.” That same logic could easily apply to Jones, and perhaps should.
Justice Alito said during oral arguments that “the heart of the problem that’s presented by this case” is that technology has made it to amass information about individuals that would have taken extraordinary legwork in the past. “So, how do we deal with this?” he asked. “Do we just say, well, nothing is changed, so that all the information that people expose to the public … is fair game? There is no [warrant required] because there isn’t a reasonable expectation of privacy? But isn’t there a real change in this regard?”
If the Court punts, will Congress step up?
Clearly, the Court gets the bigger picture beyond placing a GPS device, but there are questions over whether it’s the Court’s place or Congress’s to decide issues around data collection and new technology. What seems certain, however, is that the Court’s opinion in Jones will at least address these issues and will influence any future cases in which judges are asked to rule on similar issues.
Unless, of course, Congress steps up and does its job by enacting laws that address the gray area between existing data-privacy laws and new technologies. Some claim existing laws are already threatening our civil liberties, as well as affecting burgeoning industries such as cloud computing.
However it happens, something has to give — and soon. We can cry until the cows come home about consumer privacy and what Facebook can and can’t do with our data, but what Facebook knows about users isn’t putting anyone in jail. Whatever the Court or Congress decide, both officers and citizens deserve to know what’s fair game and what’s not before it’s too late.
Feature image courtesy of AdventureJay.com.