The Yale Law Journal has published a short essay that I wrote in response to an article by Robert Litt, General Counsel to the Office of the Director of National Intelligence on the Fourth Amendment in the Digital Age. Mr. Litt uses EFF's NSA Spying case Jewel v. NSA and the Klayman v. Obama case, where I argued as amicus, as examples, so it seemed only reasonable that EFF reply. It's here and it's only 10 pages long:
In the article, I agree with a couple of Mr. Litt's observations about how the Fourth Amendment, as currently interpreted, is not suited to the digital age. But, as you might expect, I disagree very sharply with how he’d like it to change.
Specifically, Mr. Litt and I agree that the Fourth Amendment's current “reasonable expectation of privacy” test and the third party doctrine do not work well and should likely be dispensed with for digital search and seizure. Where we disagree, though, is that Mr. Litt removes the reasonable expectation of privacy without offering a replacement, leaving just a balancing test where the people being affected by surveillance have to show that they were individually harmed by the government's activities but the government only has to show potential benefit from its surveillance. Mr. Litt likens his formulation to an insurance policy, which protects its holder even when no claim is filed.
Additionally, within the doctrine this shift would also eliminate the core protections against general warrants which are one of the reasons the Fourth Amendment exists at all, as well as the presumption that searches of content are “per se” unreasonable. So while the "reasonable expectation of privacy" formulation is a problem, we need to search for suitable, privacy protective replacements, not just eliminate it entirely.
Mr. Litt agrees that the third party doctrine, where the government claims that your data in the hands of third parties like your ISP or Facebook or Google or Amazon simply loses all Fourth Amendment protection, should go. On that we agree. But he proposes something worse: that computer searches through masses of data—like those done by the NSA when it searches through the data carried on the fiberoptic cables via its Upstream program at issue in Jewel v. NSA—just shouldn't count for purposes of the Fourth Amendment. I call this the "human eyes" thesis. The idea that no search or seizure occurs until human eyes actually see your communications. I point out why that proposal, variations of which the government has made and lost in other contexts, is dangerous.
On both points, I note that a better place to start than Mr. Litt's suggestions is the Necessary and Proportionate Principles, an interpretation of international human rights law written by an international team of privacy advocates and attorneys and signed on by over 400 organizations, international experts, politicians and political parties around the world. Updating the Fourth Amendment is critically needed, but as I say in the piece:
What is clear is that if we are going to address where the Fourth Amendment should be in the digital age, we must do better than a free-form balancing test where the government will always be perched on the heavy end of the scales, and where the substitution of computers for humans somehow eliminates our Fourth Amendment right to be secure from unreasonable seizures and searches of our most private communications.