In a recent 5-4 decision, the Supreme Court ruled that law enforcement agencies must obtain a warrant before they can get access to data collected and stored on mobile devices. Of special significance, the court rejected the “third party rule,” which dates back to the 1970’s and asserts that any data collected by third-parties is automatically devoid of Constitutional protection.
The ruling is undeniably good news, and privacy advocates who have been watching the issue closely hail the decision as a victory for individual privacy. However, it should be noted that in the overwhelming majority of cases, “probable cause” is sufficient for most judges to grant a search warrant to law enforcement officials.
The reality is that probable cause is one of those “squishy” words that can mean wildly different things to different people. While it serves as a speed bump to accessing data on mobile devices, it’s a relatively modest one that’s unlikely to prevent many instances of law enforcement getting the information they need during the course of their investigations.
All that to say, it’s a good first step, but this ruling alone isn’t enough. So far, no national government anywhere in the world has been able to craft a set of sensible policies that adequately protect the privacy of individuals on the web. Corporations collect oceans of data on the consuming public, and increasingly, that data is packaged, resold and used for a variety of purposes.
While most of those purposes are fairly harmless and aimed more at marketing than anything else, other purposes border on or are abuses of the public’s trust. There are no easy fixes here, but kudos to the Supreme Court for taking an important first step.