Third Party Doctrine

A few months ago I wrote about (and strongly criticized) the Eleventh Circuit’s decision in United States v. Davis, in which the court held that the government needed to obtain a search warrant before it could access cell tower location information that located the defendant’s cell phone.  Now the Eleventh Circuit, in an en banc decision, has overturned the three-judge panel and held that the third-party doctrine applies to these records; thus, a warrant is not required.


The court began by citing the Fifth Circuit decision which also applied the third party doctrine in deciding this issue.  Then the court applied Smith v. Maryland and found that the Davis case was legally no different from Smith:

For starters, like the bank customer in Miller and the phone customer in Smith, Davis can assert neither ownership nor possession of the third-party’s business records he sought to suppress. Instead, those cell tower records were created by MetroPCS, stored on its own premises, and subject to its control. Cell tower location records do not contain private communications of the subscriber. This type of non-content evidence, lawfully created by a third-party telephone company for legitimate business purposes, does not belong to Davis, even if it concerns him. Like the security camera surveillance images introduced into evidence at his trial, MetroPCS’s cell tower records were not Davis’s to withhold. Those surveillance camera images show Davis’s location at the precise location of the robbery, which is far more than MetroPCS’s cell tower location records show.

The Court not only applies the third party doctrine, it presents a robust defense of the doctrine in this context, harkening back to the Katz test:

As to the subjective expectation of privacy, we agree with the Fifth Circuit that cell users know that they must transmit signals to cell towers within range, that the cell tower functions as the equipment that connects the calls, that users when making or receiving calls are necessarily conveying or exposing to their service provider their general location within that cell tower’s range, and that cell phone companies make records of cell-tower usage. See In re Application (Fifth Circuit), 724 F.3d at 613-14. Users are aware that cell phones do not work when they are outside the range of the provider company’s cell tower network. Id. at 613. Indeed, the fact that Davis registered his cell phone under a fictitious alias tends to demonstrate his understanding that such cell tower location information is collected by MetroPCS and may be used to incriminate him.

Even if Davis had a subjective expectation of privacy, his expectation of privacy, viewed objectively, is not justifiable or reasonable under the particular circumstances of this case. The unreasonableness in society’s eyes dooms Davis’s position under Katz. In Smith, the Supreme Court presumed that phone users knew of uncontroverted and publicly available facts about technologies and practices that the phone company used to connect calls, document charges, and assist in legitimate law-enforcement investigations. See 442 U.S. at 742-43, 99 S. Ct. at 2581. Cell towers and related records are used for all three of those purposes. We find no reason to conclude that cell phone users lack facts about the functions of cell towers or about telephone providers’ recording cell tower usage.

Although the third party doctrine has been routinely criticized, applying it makes sense in this context.  As the court notes, surely every reasonable person knows that the telephone company can track their general location using the person’s cell phone–how else could cell phones function?  And, notwithstanding the famous concurrence in United States v. Jones, a person generally does not have a reasonable expectation of privacy in a public place.

The en banc decision also provides an “alternative” justification for its ruling, which is that even if the third party doctrine did not apply, the search was “reasonable” because the intrusion into privacy was minimal, cell tower location information is routinely used by government investigators, Congress has explicitly endorsed this type of investigation in the Stored Communications Act, and the government’s interest in tracking down criminals is “compelling.”  Professor Orin Kerr had a number of withering critique of this alternative justification in his blog post; one of which was that the “reasonableness” test (as opposed to the warrant requirement) should only be applied in non-criminal cases:

A basic summary of the Supreme Court’s cases might run something like this: When the search involves some kind of non-criminal investigation or purpose, the warrant requirement is often suspended. In that non-criminal context, reasonableness instead becomes a general balancing of interests. The Court has been expanding the general balancing cases, most recently in Maryland v. King. But the Katz rule of a warrant by default is still the Supreme Court’s blackletter law for a traditional criminal investigation search.

In this case, the Eleventh Circuit appears to take a different approach. It begins with the Supreme Court’s non-criminal cases and then applies them to the context of a classic criminal investigation. Instead of the Katz rule of a warrant, the court begins with general balancing. It’s important to catch criminals, the court reasons, and the statute has some good protections given that this wasn’t such an invasive practice. So on the whole the government’s conduct based on reasonable suspicion seems reasonable and therefore constitutional.

This alternative holding is a major development, I think. It’s at odds with the usual rule that a criminal search requires a warrant, and instead replaces it with a totality of the circumstances inquiry into whether the criminal search was the kind of thing that we would generally say is good or would generally say is bad. There’s not only no warrant requirement, there’s no probable cause requirement: It’s just a free-floating reasonableness inquiry.

Professor Kerr has a good point here, but he might be fighting a losing battle.  In reality,  the distinction between “criminal searches” and “non-criminal searches” is becoming blurred almost beyond recognition.  Special needs searches have always been evaluated on a “reasonableness” standard, and many of them are nothing but criminal searches thinly masquerading as non-criminal searches (for example, testing for drugs in schools, stopping cars to check for drunk drivers, and searching passengers before they board an airplane).  Most recently, in Maryland v. King, the Supreme Court applied the reasonableness test to DNA swab of arrestees which was used to determine if the arrestee had committed any other crimes was not a “criminal search.”  Applying the reasonableness test to the obtaining of cell phone location data in a bank robbery investigation definitely pushes the envelope even further, but it continues a trend which has been building for a while.

Of course, this aspect of the Davis en banc decision is merely dicta, so perhaps nothing at all will come of it.  But as far as the holding of the case is concerned, the court has at least brought consistency back to this area of law.


City of Los Angeles v. Patel involves a couple of technical but important issues about the scope of Fourth Amendment protections in the context of administrative searches.  Los Angeles has passed an ordinance which requires all hotel operators to keep records of all of their guests, and to make those records available for inspection by any member of the Los Angeles Police Department.  A hotel operator who fails to comply with this regulation faces up to six months in jail and a $1,000 fine.  The Patel family, who run a hotel in Los Angeles, brought a facial challenge to the statute under Section 1983, arguing that the statute violated the Fourth Amendment.

hotel records

In a split en banc decision, the Ninth Circuit held that the government was indeed conducting a Fourth Amendment search when it looked through the hotel’s records, and that the search should be analyzed as an “administrative search.”  The court then held that even under the low standards of administrative searches, the Los Angeles ordinance that authorized these searches was facially invalid because it did not provide the hotel operators an opportunity to challenge the reasonableness of the search request in court before penalties were assessed.

The Supreme Court granted cert on two questions:

First, whether it is ever appropriate to bring a facial challenge based on the Fourth Amendment to an ordinance or a statute; and

Second, whether a hotel has an expectation of privacy under the Fourth Amendment in a hotel guest registry where the guest-supplied information is mandated by law and an ordinance authorizes the police to inspect the registry,

and if so, whether the ordinance is facially unconstitutional under the Fourth Amendment unless it expressly provides for pre-compliance judicial review before the police can inspect the registry.

First we should discuss what is not at stake in Patel: the Supreme Court will not (and should not) use this case to re-visit the third-party doctrine.  Some commentators have argued (here and here) that this might be a chance for the Court to reform dismantle or reform this much-maligned doctrine.  After all, most individuals would believe that the true victims of the invasion of privacy are the hotel guests, not the hotel itself.

As much as this argument has intuitive appeal, Patel appears to be a very weak case for a re-examination of the third-party doctrine.  Most of the modern critiques of the third-party doctrine have to do with the “passive” sort of sharing that is the inevitable consequence of using modern technology, such as disclosing the content of your e-mail to your internet service provider or your location to your cell phone company.   This  sort of “disclosure” to third parties could never have been imagined by the Court that authored Smith v. Maryland; thus, the argument goes, Smith should not apply to this type of third-party disclosure.  Other critiques of the third party doctrine revolve around the potential abuse of meta-data: using an algorithm to sift through all the phone numbers that a suspect calls over a multi-year period, or using a computer program to review the recipients of all of your e-mails.  Again, this kind of mass processing of meta-data is arguably beyond the scope of the humble pen register used in Smith.

But the third-party disclosure in Patel bears a much stronger resemblance to the phone numbers dialed in Smith than to the passive sharing of data that is inherent in the use of new technologies.  In fact, the disclosure in Patel is more like the sharing of bank records in Smith‘s less controversial precursor, Miller v. United StatesThere is no question that the guests in Patel knew they were giving information to a third party, and no particular reason why they would think that the government would be unable to access that information.

The two issues that the Patel case does involve are important enough, however.  The first question is purely procedural: whether a party can bring a facial challenge to a statute under the Fourth Amendment.  The dissenters in the Ninth Circuit argued that a statute should survive a facial challenge as long as “a court can find any circumstance in which it could constitutionally be applied.”  Thus, in order to succeed in their facial challenge, the Patels must prove that “all requests made under the ordinance must violate the Fourth Amendment.”  But, as the dissent pointed out, if the police demanded the records after having obtained a warrant, or pursuant to exigent circumstances, or pursuant to the community caretaking function, the demand  would obviously not violate the Fourth Amendment.  Thus, there is a strong preference for as-applied challenges, since they are the “basic building blocks of constitutional adjudication.”

The question asked by the Supreme Court goes beyond this argument, however, and asks whether there can ever be a Fourth Amendment facial challenge.  It would be logical for the Court to answer this question in the negative and prohibit all such facial challenges, since (as the Ninth Circuit dissent pointed out), courts would otherwise be called upon to give advisory opinions by trying to imagine all possible hypothetical cases in which a law might be applied.

If the Court does indeed prohibit facial challenges, it need not reach the second question, since the Patels did not allege any actual actions by the police which violated their Fourth Amendment rights.  If the Court allows these challenges, however, it should have no problem concluding that a demand for information pursuant to the ordinance constitutes a “search” under the Fourth Amendment.   The Patels (and other hotel operators) clearly have a reasonable expectation of privacy in this information; even the dissenters in the Ninth Circuit agreed that this was true.   The real issue in the second question is its second part, in which the Court must decide whether a demand for this information is a reasonable exercise of police power.  The Court’s answer should provide useful guidance regarding the underdeveloped administrative search doctrine, in two ways.

First, the purpose of these searches of hotel registries (according to the government) is to deter drug dealing and prostitution, which sounds much more like a law enforcement purpose than the regulatory purposes usually associated with administrative searches.  Administrative searches, like other special needs searches, are supposed to have a non-law enforcement purpose, although the Court has applied the administrative search doctrine to searches which have a distinctively crime-control flavor to them.   If the Court upholds this law, it will be taking another unwelcome step towards broadening the allowable purpose of administrative searches.

Second, if the Court does hold that this is a permissible purpose for administrative searches, it will need to decide what procedure is necessary to ensure that the search is “reasonable.”   The majority opinion in the Ninth Circuit stated that a demand to inspect should not be “made and enforced by the inspector in the field”–rather, the ordinance must allow for judicial review of the demand for records before any punishment can be imposed.  If not, the majority argued that there would be no way of ensuring that the demand is “sufficiently limited in scope, relevant in purpose, and specific in directive so that compliance will not be unreasonably burdensome.”   The Supreme Court will probably agree with the Ninth Circuit and require some kind of judicial review of these searches.  The sheer breadth of the authorization allowed by the ordinance seems to invite law enforcement abuses, and the narrowness of the administrative search doctrine’s purpose would be gutted even further if there is no judicial oversight of the police action.

But my prediction is that the Court will not even reach the second question.  Instead, it will deny the facial challenge and tell plaintiffs who wish to attack statutes on Fourth Amendment grounds that they must wait until the government takes some specific action against them before taking the police to court.


Like many users of child pornography, Michael Meister kept his photos and videos on his computer.  When his computer stopped working, he took it into a computer repair store, True North, to transfer the data from the inoperable hard drive to a new computer.  During the transfer process, the technician noticed the child pornography and contacted the police, who immediately seized the computer.  The police also looked  transferred the offending data–now inside True North’s system–onto two separate DVDs, and conducted two separate searches of that data.  Based on the information found on the hard drive, the police obtained a search warrant and then conducted another search of the laptop.

broken laptop

After Meister was arrested, he moved to suppress all the information found on his computer.  Unsurprisingly, the  District Court denied the motion, and the Eleventh Circuit agreed.  The court held that this was a simple application of the third party doctrine:  “The Fourth Amendment only applies to governmental action; ‘it is wholly inapplicable to a search or seizure, even an unreasonable one, effected by a private individual not acting as an agent of the Government or with the participation or knowledge of any governmental official.’  Once a private individual, acting of his own accord, conducts a search—even one that frustrates a defendant’s reasonable expectation of privacy—the Fourth Amendment does not forbid the government from replicating the search.”  Furthermore, even if the pre-warrant searches by the police were beyond the scope of the third party doctrine, the police would have found all of the contraband images eventually after they obtained their warrant, and so the searches fell under the inevitable discovery doctrine.

On one level, the Meister case is very straightforward.  But it also raises an interesting issue regarding the third party doctrine.  Today, more and more courts are criticizing the application of the third party doctrine to digital information, arguing that the doctrine should not apply to such data because in modern times so much data is entrusted–sometimes unknowingly, sometimes unavoidably–to third parties.  When computer data is stored in the cloud, or when e-mails in transit pass through remote servers on the way to their recipient, the owner of the data may not have consciously entrusted the data to a third party.  Thus, the argument goes, entrusting digital data to third parties is not at all like the “assumption of risk” that occurs when you give financial records to a bank or confide to a police informant.  This argument was first made well before the computer age, by the dissenting Justices in the much-maligned Smith v. Maryland who decried the application of the third-party doctrine to data about outgoing telephone numbers that were held by a telephone company:

Implicit in the concept of assumption of risk is some notion of choice. At least in the third-party consensual surveillance cases, which first incorporated risk analysis into Fourth Amendment doctrine, the defendant presumably had exercised some discretion in deciding who should enjoy his confidential communications. By contrast here, unless a person is prepared to forgo use of what for many has become a personal or professional necessity, he cannot help but accept the risk of surveillance.  It is idle to speak of “assuming” risks in contexts where, as a practical matter, individuals have no realistic alternative.

No doubt Meister’s actions fall under the category of being a “conscious choice”–he physically took his computer to a repair store and asked them to transfer the data.  But it is not hard to tweak the facts a bit and make the case more like the scenario described by the Smith v. Maryland dissenters.  What if Meister’s data had been corrupted, and so he sent his data electronically to a company to fix it?  Probably still a conscious choice.  What if he stored it in the cloud, and one of the data storage units in the cloud had become damaged, and a technician (without Meister’s knowledge) had to transfer the data from one storage unit to another?  Probably not a conscious choice.  Of course, under current Fourth Amendment law, the mere storing of the data in the cloud would trigger the third party doctrine.  But as the courts are revising the third party doctrine to exclude data that is automatically stored or transferred by third party actors, they will need to refine exactly when (if ever) repair and maintenance of that data might re-invoke the doctrine.

One of the more interesting Fourth Amendment issues created by our ubiquitous use of cell phones involves law enforcement obtaining historical records of our cell phone’s location in order to determine where we were at any given time in the past.  The Eleventh Circuit recently ruled in United States v. Davis in that the government must obtain a warrant before it can access this information; the case is now on appeal to the entire circuit en banc.

cell phones       time machine

This issue has already been considered by the Third Circuit and the Fifth Circuit, both of which refused to apply the Fourth Amendment to the acquisition of historical cell phone location data.  But in Davis, the government received over 11,000 records of the defendant’s location–one for every eight seconds during the sixty-seven days covered by the records.  In order to acquire these records, the government did not seek a warrant, because the prosecutor argued that under the third party doctrine of Smith v. Maryland, a warrant was unnecessary. (The government did obtain a “D-order” under 18 U.S.C. § 2703(d) of the Stored Communications Act, which only requires that the government demonstrate “specific and articulable facts” that the information is “relevant and material” to an ongoing criminal investigation).

The judgment of the Davis case is consistent with Justice Alito’s concurring opinion in United States v. Jones.  The Jones concurrence held that although following a car over public highways for one trip was not a Fourth Amendment “search,” tracking the movements of a person’s car over public highways for one month did constitute a search.   In Davis, the government tracked the defendant’s movements for sixty-seven days; thus, under the mosaic theory of the Fourth Amendment, tracking the defendant for such an extended period of time violated his reasonable expectation of privacy.   Thus, there is a good chance that on these facts, the Eleventh Circuit might uphold the judgment of the three-judge panel.

But the underlying holding of the Davis case did not rely on the mosaic theory.  The court went further and held that any use of cell phone location data constituted a search:

“Davis has not voluntarily disclosed his cell site location information to the provider in such a fashion as to lose his reasonable expectation of privacy.

In short, we hold that cell site location information is within the subscriber’s reasonable expectation of privacy. The obtaining of that data without a warrant is a Fourth Amendment violation. Nonetheless, for reasons set forth in the next section of this opinion, we do not conclude that the district court committed a reversible error.”

The ACLU has duly filed an amicus brief for the en banc appeal in Davis, urging the panel to let the original decision stand.  A lawyer for the ACLU explained their position in a recent article in the Wall Street Journal:

“[Cell phone location information] gives the police a power that they have never had before in the history of law enforcement, which is a time machine into where somebody was going and what somebody was doing in the past,” said Nathan Freed Wessler, an American Civil Liberties Union lawyer who has also filed a brief in the case. “It’s an incredibly powerful investigative tool. And with an appropriate warrant police can get that, but what is absolutely essential is they can’t just sort of walk their way into that time machine without demonstrating probable cause.”

Thus, according to the Eleventh Circuit’s opinion, the government should never be able to use the positional information from our cell phones to learn our past location, even if the government is only seeking records from one specific point in time.  The ACLU argues that this is analogous to using a “time machine” to spy on our past movements, and argues that police have never before had this power.  But this is surely an exaggeration.   This type of “back-dated” surveillance is quite common.  Surveillance cameras in public places have been around for decades.  And the government has routinely used historical data to track the past movements of suspects–they could tell when a certain car entered a parking garage or crossed a toll bridge; they could check the person’s home phone logs and determine whether the person was present at home at a certain time;  they could tell when a person punched in at work; and so on.

As is usually the case, the difference between historical cell phone location data and other, more familiar types of historical surveillance is a difference in degree, not kind.  Cell phone location data makes law enforcement more efficient–if the police want to know whether a suspect was at a certain location at a certain time, they are much more likely to be able to determine that fact now than they were in the past with more traditional techniques.  As the government notes in its brief, this type of information can absolve the innocent as well as inculpate the guilty; the innocent suspects would then be spared being the subject other, far more intrusive surveillance and investigative techniques.

If we apply the Katz test to this question, it seems unlikely that an average person would believe that they have a reasonable expectation of privacy in their physical location.  The vast majority of people make no secret of their physical location at any given time; the very idea that their location should be kept secret would strike them as strange.  It is only when the government is trying to obtain massive amounts of information covering an extended period of time that the mosaic theory kicks in that the government begins to learn truly private information about the person, thus transforming this surveillance into a Fourth Amendment search.

Granted, there are certain times when individuals–both the innocent and the guilty–would like their location to be secret.  But if that is the case, we would expect a reasonable person to take precautions so that others would not know where he or she was.  In the past, that would perhaps mean wearing a disguise, or sneaking away at night, or avoiding populated areas.  In the modern era, it now also means turning a cell phone off, or leaving the cell phone at home, or using a cell phone that cannot be traced back to its user.  This requires extra effort on the part of the individual who wishes to remain hidden,  but–again–this is not a new phenomenon.  For example, assume a person wishes to make a secret trip to a motel.  The most convenient method of doing so would be for her to drive her own car and park it outside the motel.  But this runs the risk of somebody seeing  the license plate on the car, either while it is being driven or while it is parked outside.  Thus, to ensure secrecy, the person must either walk, or use a different car, or park some distance from the motel.  Does imposing these restrictions mean that the person’s reasonable expectations of privacy are being violated?  Should we therefore preclude police from the conducting  warrantless checks of the license plates of cars that are in public view?

Certain technological advances–such as cars and cell phones–have become ubiquitous because they provide an enormous increase in convenience.  As it turns out, these advances also provide the police with more efficient tools to conduct criminal investigations.  As long as these tools are not revealing previously secret, hidden, private information (and a person’s physical location does not seem to fit into that category), it makes sense to allow the police to use these tools to save resources, track down the guilty, and exonerate the innocent.