[JURIST] The US Court of Appeals for the Sixth Circuit [official website] on Wednesday ruled [ruling, PDF] that obtaining phone location records without a warrant was not a violation of the Fourth Amendment [text]. The FBI obtained cellphone locations of two suspects in several robberies, later convicted on several charges, through cell-site data via the two suspects’ wireless carriers. The location data showed the suspects to be within a half-mile to two miles of the location of robberies around the time that the robberies took place. While it acknowledged the importance of protected privacy interests related to personal communications, the court determined that “although the content of personal communications is private, the information necessary to get those communications from point A to B is not.” The court refused to extend Fourth Amendment protection to metadata, like the location of individual’s communicating or IP addresses, as collection of these business records do not reveal the content of those communications and so the suspects had no expectation of privacy in the information obtained. Against the argument of the defense, the court distinguished this activity from obtaining information from smartphones, which “typically store vast amounts of information about their users,” as here the FBI only obtained an individual’s location within a “two-mile wedge.”
Technology continues to raise important privacy questions. Last November the US Supreme Court rejected a case [JURIST report] to determine whether it is necessary to obtain a search warrant when law enforcement requests access to cell phone location data. In October California Governor Jerry Brown [official website] signed [press release] into law the California Electronic Communications Act (CECA) [text], a law that many are touting as a substantial step forward for digital privacy and protecting users’ rights. The law, which was approved alongside more than 10 other bills, bars any state’s law enforcement agency or other investigative entity from requesting sensitive metadata from persons or businesses without a warrant [JURIST report]. Also in October the European Court of Justice ruled [JURIST report] that EU user data transferred to the US by various technology companies is not sufficiently protected.