Senators Lindsey Graham (R-S.C.), Tom Cotton (R-Ark.) and Marsha Blackburn (R-Tenn.) have introduced the Lawful Access to Encrypted Data Act, a bill that would require tech companies to assist law enforcement in executing search warrants that seek encrypted data.  The bill would apply to law enforcement efforts to obtain data at rest as well as data in motion.  It would also apply to both criminal and national security legal process.  This proposal comes in the wake of the Senate Judiciary Committee’s December 2019 hearing on encryption and lawful access to data.  According to its sponsors, the purpose of the bill is to “end[] the use of ‘warrant-proof’ encrypted technology . . . to conceal illicit behavior.”

The bill has three main provisions:
Continue Reading Lawful Access to Encrypted Data Act Introduced

On Wednesday, the Supreme Court heard oral arguments in Carpenter v.  U. S., a case that involved the collection of 127 days of Petitioner Thomas Carpenter’s cell site location information as part of an investigation into several armed robberies.  We attended the argument to gain any insights into how the Supreme Court may resolve this important case.

The central issue in the appeal is whether the government can access this type and amount of individual location data without a warrant.  But an equally important issue is whether the Supreme Court should reevaluate the “third-party doctrine” exception to the Fourth Amendment’s warrant requirement in light of dramatic changes in the way individuals interact with technology in the digital era.  The “third-party doctrine” provides that individuals have no expectation of privacy in any information that is voluntarily released to a third party—a mobile-phone provider, cloud service provider, and the like.  The Court’s decision will have major implications for technology companies’ ability to protect customer data against warrantless searches by law enforcement officials.

During the 80-minute, extended oral arguments, the Justices broadly acknowledged that technology has changed dramatically in the decades since the Court originally recognized the third-party doctrine.  Each Justice, however, appeared to place varying weight on the import of that change on current legal standards.  Justices Kennedy and Alito focused on the information itself, rather than the technology, asking whether location information should be considered more sensitive than the bank information that United States v. Miller permitted law enforcement to access without a warrant, suggesting that banking information might be considered more sensitive.  
Continue Reading The Supreme Court Arguments in Carpenter Show that It May Be Time to Redefine the “Third-Party Doctrine”

By Lala Qadir

The Supreme Court of Canada recently issued a 4-3 decision that gave the police a green light in conducting warrantless searches of an arrestee’s cell phone as long as the search is directly related to the suspected crime and records are kept.  Over three dissenting judges that characterized mobile phones as “intensely personal and uniquely pervasive sphere of privacy,” the majority held a balance can be struck that “permits searches of cell phones incident to arrest, provided that the search—both what is searched and how it is searched—is strictly incidental to the arrest and that the police keep detailed notes of what has been searched and why.”

Canada’s high court ruling stands in stark contrast to that of the United States.  Earlier this year, the United States Supreme Court heard argument on two cell phone cases—Riley and Wurie—ultimately holding that warrantless searches of cell phones, even when held incident to an arrest, were unconstitutional unless they were subject to specific exceptions to the Fourth Amendment’s warrant requirement.
Continue Reading Canada’s Highest Court Rules That Police Can Search Cell Phone Contents After Arrest

Continuing a flurry of recent legislative activity (see posts here and here), the California legislature on Tuesday passed a bill requiring that California law enforcement agencies obtain a search warrant to compel the production of communications content (e.g., emails and social media messages) from providers of electronic communication services.  A service provider may provide stored content to law enforcement without a search warrant if the service provider, in good faith, believes that an emergency involving the danger of death or serious physical injury to a person require disclosure without delay.  The bill—S.B. 467—was introduced by Senator Mark Leno and is sponsored by the Electronic Frontier Foundation and supported by the ACLU of California.  It will be enacted into law and become effective on January 1, 2014 if signed by Governor Jerry Brown or if Governor Brown has not vetoed the bill before October 13, 2013. 

Currently, the Stored Communications Act (“SCA”) (part of the federal Electronic Communications Privacy Act (“ECPA”)) requires law enforcement to obtain a search warrant for stored communications held by a service provider for less than 180 days or that have not been opened by the recipient, but only requires less rigorous forms of legal process—for example, a subpoena—for opened, stored communications held for more than 180 days.  (This distinction arose because in 1986 when the SCA was enacted, email typically was hosted on service providers’ servers temporarily and then downloaded by users after a short period of time).


Continue Reading CA Passes Legislation Requiring Search Warrant For Disclosure of Stored Content