08 Jun 2016

4th Circuit Court of Appeals Ruling Could Hasten the End of Personal Privacy

A 4th Circuit Court of Appeals ruling seems to cement the notion that one’s electronic footprints and communications are fair game for unfettered search and seizure (i.e.: are not protected by 4th Amendment rights).

By a 12-3 vote, appellate court judges in Richmond, Virginia, ruled that tracking your movements does not require a warrant. The 4th Circuit Court of Appeals upheld what is known as the Third-Party Doctrine: a legal theory suggesting that consumers who knowingly and willingly surrender information to third parties therefore have “no reasonable expectation of privacy” in that information — regardless of how much information there is, or how revealing it is.

Use of data you willingly transmit to the telephone company as you move about with your mobile phone in your pocket (turned on or even perhaps turned off) tracks and stores a record of your path that can be combined with a map to understand your every movement.

The most visual example of this is that of German politician Malte Spitz, who went to court in order to obtain all information that his cellphone carrier Deutsche Telekom had about his activity. Over the course of five months, Deutsche Telekom had tracked his geographical location and what he was doing with his phone 35,000 times. Working with the German newspaper Die Zeit, Spitz used the data to map activity across timeline, which you can speed up and zoom in on, down to his entrances into buildings. (View here).

Cell-site location data collected over time can reveal a tremendous amount of personal information: where you live, where you work, when you travel, who you meet with, and where you go or stop, day or night. It’s impossible to make a call (or have your mobile phone turned on) without disclosing your location to the cellphone carrier.

The appellate court ruling may suggest that this data, and any electronic data (banking, credit-card, email, phone, car location with toll road transponders, smartwatches and fitness trackers, etc.) you willingly pass through third parties, is fair game for collection and analysis by others without your knowledge.

As it pertains to email, one might interpret the ruling as affirmation that one’s email message content, willfully sent through or stored on third party email providers, is also fair game for collection and analysis by others without your knowledge.

For those that use email, one small step that can be taken to protect personal/private information sent by email is to encrypt those important messages when they are in transit as well as when they reside inside the recipient’s email inbox. With RMail, for example, this type of “end-to-end” encryption capability is known as RMail Executive Mode encryption.