Digital location data heads back to the Supreme Court

On Monday, April 27, the Supreme Court will hear Chatrie v. United States, a case about police access to geofence data, a digital record of a person’s location. This case could serve as a landmark intervention in Fourth Amendment doctrine in the digital age – or a more limited adjustment of those rules. The court could also greenlight or restrain “reverse” searches, a key investigative tactic of the digital age. Either way, this is the most important case on digital privacy the court has heard in years.

Background

The Supreme Court last weighed in on the digital Fourth Amendment in 2017. In Carpenter v. United States, the court addressed whether the police had to get a warrant before accessing a certain kind of digital location data, cell-site location information. Cell phones generate CSLI anytime they are on by scanning for the nearest cell tower with strong service. When a cell phone connects to a tower, that tower then records that connection in CSLI logs. A phone’s location can be tracked across time and space by reviewing those logs.

Writing for a 5-4 majority, Chief Justice John Roberts’ Carpenter opinion held that the police must get a warrant before reviewing seven or more days of CSLI for a person’s phone. According to the court, reviewing that amount of location data without a warrant violates a person’s “reasonable expectation of privacy,” which is the legal threshold the court uses to determine whether constitutional protections kick in. The court also enumerated several factors that can be used to measure one’s reasonable expectations of privacy, such as how much the data reveals about a person, the amount of data gathered, and whether the user voluntarily generated the data.

Although Carpenter expanded Fourth Amendment protections for digital location, lower courts have spent the last decade contending with its boundaries.

Enter: geofence data

Among these unsettled questions is whether police need a warrant to access geofence data, another kind of digital location data. Geofence data generally refers to location information collected by cellphone apps. If you have encountered a prompt on your phone that asks you whether you’d like to allow an app to use your location, you’re likely generating the kind of data at issue in Chatrie. Chatrie specifically involved data generated by a Google service called Location History. In Google’s case, this location information was created by combining information not only from cell towers but also from GPS, Wi-Fi, and Bluetooth signals.

In Carpenter, police sought location information about a particular suspect. But the geofence data in Chatrie is useful in a different situation – when the police have no suspect identified. Police can request information from a private company holding app location data for a list of users at a certain location during a certain timeframe to generate leads.

Specifically, in Chatrie, the police asked Google for a list of all users who had been recorded near a bank for an hour during which the bank was robbed. The police’s interaction with Google involved three key steps. First, they served Google with a warrant for an anonymized list of all phones in a 17.5-acre area around the bank. The remaining two steps took place without any further legal process. The police next asked for location information of a subset of those phones within a two-hour period before and after the original timeframe. Finally, the police asked Google to deanonymize three devices whose movements after the robbery matched other details of the investigation. This deanonymization revealed Chatrie was associated with one of those phones.

This investigative tactic can be extremely useful for the police. It can help them narrow down or identify suspects when they otherwise have none. But it also raises constitutional questions. The central question is whether accessing this kind of digital location record violates the Fourth Amendment. The petitioner raises a number of arguments as to why. Below I explore two of the most central: that accessing this data invades one’s reasonable expectation of privacy and that the police procedure is an unconstitutional general warrant. 

An opportunity to clarify Carpenter

Initially, this case might seem quite similar to Carpenter – both involve digital location information. But Chatrie involves a few critical differences.

First, the Carpenter factors don’t neatly come out the same way. Most prominent is the issue of voluntariness, which matters to Fourth Amendment inquiries because of what is known as the third-party doctrine. As the court has held, when a person voluntarily shares information with a third party, she loses a reasonable expectation of privacy in that information. In Carpenter, the court found that because cell phones automatically connect to towers without any voluntary action on the part of the user, the resulting CSLI falls outside the bounds of the third-party doctrine. But in Chatrie, the situation looks different. The user arguably “opts in” to app-based location services by clicking yes when prompted and agreeing to the terms of service. Mr. Chatrie disagrees. He counters that this interaction with Google is essentially “consent by adhesion” – that his consent should not practically count given the unequal bargaining power and knowledge between him and Google. As such, he argues that he did not meaningfully voluntarily surrender his location information.

But behind this voluntariness debate is a bigger question: is there something fundamentally private about location data? Let us take the example of tower dumps. Tower dumps work much the same as geofence data, except that the location data is CSLI (which the court has held one does not expressly opt into), not the hybrid location data stored by apps (which one arguably does). Carpenter established that CSLI data is not voluntarily generated. If the court finds in Chatrie that the geofence data was voluntarily generated, geofence data would not require a warrant. But tower dumps would likely require a warrant because of Carpenter, even though tower dumps produce essentially the same information as geofence data. The court’s treatment of voluntariness, then, could determine the constitutional fate of two investigative tactics that, from a privacy standpoint, are difficult to distinguish.

The general warrant question

At issue in Chatrie is another novel constitutional question. Carpenter involved a request for information about one suspect. Chatrie involved, at least initially, no suspect, and a request for information about a location. Chatrie contends that this kind of dragnet request runs afoul of the constitutional prohibition on general warrants, which requires a warrant to “specifically describ[e] the place” to be searched. According to him, without a suspect, the warrant issued to Google was effectively a general warrant, requiring the company to rifle through all of its records and thus failing to describe specifically where the search should be directed. In the alternative, Chatrie argues that even if the warrant is not technically a general warrant, it still had what is called a “particularity” problem, because it did not describe any specific account to be searched.

At first glance, it might seem that Chatrie’s argument is in tension with existing allowable police practices. After all, police can search an area for clues without yet having a suspect. Here, the police request for a list of all phones in an area may seem similar. Chatrie contends, however, that the difference lies in the way Google assembles this data. Google does not look up a location and see which phones were present. Instead, Google searches each user to see which, if any, were present at the location. That is, Google’s “search” is not of a location as much as it is of many individual people.

At stake in this argument is the continued viability of this kind of law enforcement tactic. Law enforcement has increasingly turned to this kind of “reverse” search: specifying a place, a search term, or a ChatGPT prompt and requesting a list of implicated users that they can then use as leads. Because these requests do not involve a specific person and typically require companies to search through all records in order to respond, these requests share the same structure as geofence requests. If geofence requests are or are not general warrants, so too might these other requests. Thus, if the court weighs in on this general warrant question, it could implicate a lot more than just location information.

The digital road ahead

Google announced in 2023 that it would no longer store Location History data anywhere but on the user’s phone, meaning the company no longer has access to the data required to respond to police geofence data requests. But where the court lands on voluntariness and general warrants will shape the landscape of the digital Fourth Amendment. The examples discussed above only scratch the surface of unsettled issues – automated license plate readers, pole cameras, government purchases of digital records, and more – which stand to be shaped by this decision. More fundamentally, so too does our notion of constitutional privacy.