by Anthony W. Accurso
A bill introduced in mid-April by Ron Wyden (D-OR), Rand Paul (R-KY) and 18 other U.S. Senators would make it illegal for law enforcement and intelligence agencies to purchase Americans’ sensitive information—including geolocation data or the content of communications—from any company that collects such data.
This proposed law comes in response to reports that agencies like the DEA and DHS have been purchasing bulk user location data from brokers such as Venntel, a company that describes itself as a “pioneer in mobile location information.”
This behavior seems to violate the spirit of the U.S. Supreme Court’s ruling in Carpenter v. United States, 138 S. Ct. 2206 (2018), in which the Court held that law enforcement must get a warrant before obtaining customer geolocation data from a cell-service provider. The agencies have justified their actions saying they’re merely buying information that’s available for sale to anyone willing to pay for it and that it doesn’t violate Carpenter because they are obtaining the data from a third-party data broker, not from the cell-service provider directly. This appears to be a hypertechnical difference without a substantive distinction.
This interpretation is unlikely to survive scrutiny by the Supreme Court, but it may take years before a case on this issue is heard by the Court. In the meantime, we can’t rely on outdated laws to protect our data.
The Electronic Communications Privacy Act has not been meaningfully updated since 1986. This law applies to phone companies and internet service providers, and it prohibits them from voluntarily disclosing Americans’ personal information to government agencies. But because Congress could not foresee mobile apps and data brokers like Venntel, the law does not stop those entities from disclosing (or selling) the very same data.
Until this situation is remedied, government agencies will continue to spend millions of taxpayer dollars obtaining personal data in violation of the spirit of the law, if not the substance. According to The Washington Post, “Last November , Vice News discovered that the Defense Department had been purchasing ‘granular location data’ harvested from a popular Muslim prayer app used by 98 million people around the world, including Americans, as well as similar data generated by a Muslim dating app.”
It’s clear that, without judicial oversight, government agencies will act in ways that confirm our worst fears about governments spying on their citizens.
While the proposed bill, dubbed “The Fourth Amendment Is Not For Sale Act,” is not perfect—it prevents any company from selling a user’s personal data but doesn’t prevent uncompensated, voluntary disclosure—it is a step towards updating our aging tech-related laws and would prevent some of the most egregious data collection practices by law enforcement.
Source: The Washington Post
As a digital subscriber to Criminal Legal News, you can access full text and downloads for this and other premium content.
Already a subscriber? Login