Privacy: Searching and Seizing Computers
Reasonable Expectation of Privacy
Accessing information stored in a computer ordinarily will implicate the owner's reasonable expectation of privacy in the information. See United States v. Barth, 26 F. Supp. 2d 929, 936-37 (W.D. Tex. 1998) (finding reasonable expectation of privacy in files stored on hard drive of personal computer); United States v. Reyes, 922 F. Supp. 818, 832-33 (S.D.N.Y. 1996) (finding reasonable expectation of privacy in data stored in a pager); United States v. Lynch, 908 F. Supp. 284, 287 (D.V.I. 1995) (same); United States v. Chan, 830 F. Supp. 531, 535 (N.D. Cal. 1993) (same); United States v. Blas, 1990 WL 265179, at *21 (E.D. Wis. Dec. 4, 1990) ("[A]n individual has the same expectation of privacy in a pager, computer, or other electronic data storage and retrieval device as in a closed container."). See also United States v. Long, 64 M.J. 57 (CAAF 2006) (finding REOP in emails defendant sent from her office computer and in emails stored on government server); United States v. Heckenkamp, 482 F.3d 1142, 1146 (9th Cir. 2007) (holding that the defendant "had a legitimate, objectively reasonable expectation of privacy in his personal computer"); United States v. Lifshitz, 369 F.3d 173, 190 (2d Cir. 2004) ("Individuals generally possess a reasonable expectation of privacy in their home computers."); Guest v. Leis, 255 F.3d 325, 333 (6th Cir. 2001) ("Home owners would of course have a reasonable expectation of privacy in their homes and in their belongings — including computers — inside the home.").
In City of Ontario v. Quon, 130 S. Ct. 2619, 2630 (2010), the Supreme Court assumed, without deciding, that a city employee had a reasonable expectation of privacy in text messages sent and received on a pager provided by his employer. See also Quon v. Arch Wireless, 445 F. Supp. 2d 1116 (C.D. Cal. 2006) (gov't employee had REOP in text messages sent through his city-owned pagers), aff'd, 529 F.3d 892 (9th 2008).
Personal computers that are password-protected are subject to even greater privacy protection. See United States v. Aaron, 33 F. App'x 180 (6th Cir. 2002) (in assessing the scope of a privacy interest, the court should examine "whether the relevant files were password-protected or whether the defendant otherwise manifested an intention to restrict third-party access."); United States v. Lucas, 640 F.3d 168 (6th Cir. 2011) (holding that the district court did not err in holding that the search of a laptop computer that was not password-protected was akin to the search of a closed, unlocked container); United States v. Buckner, 473 F.3d 551, 554 n.2 (4th Cir. 2007) (district court's finding that defendant had a reasonable expectation of privacy in password-protected files was not clearly erroneous)
The Tenth Circuit has cautioned that "[b]ecause computers can hold so much information touching on many different areas of a person's life, there is greater potential for the 'intermingling' of documents and a consequent invasion of privacy when police execute a search for evidence on a computer." United States v. Walser, 275 F.3d 981, 986 (10th Cir. 2001). But see United States v. Gorshkov, 2001 WL 1024026, at *2 (W.D. Wash. May 23, 2001) (holding that defendant did not have a reasonable expectation of privacy in use of a private computer network when undercover federal agents looked over his shoulder, when he did not own the computer he used, and when he knew that the system administrator could monitor his activities).
In State v. Smith, the Ohio Supreme Court held that officers must obtain a warrant to search a cell phone incident to arrest. Slip Opinion No. 2009-Ohio-6426, State v. Smith, 124 Ohio St.3d 163, 169, 920 N.E.2d 949 (2009). The Court found that cell phones' "ability to store large amounts of private data" created a higher level of privacy expectation than in a closed container or address book. Id. at ¶ 23 Since the traditional justifications for search incident to arrest, officer safety and evidence preservation, did not apply, the exception did not apply to cell phones. Id. at ¶ 24. See also United States v. Zavala, 541 F.3d 562, 577 (5th Cir.2008) ("[C]ell phones contain a wealth of private information, including emails, text messages, call histories, address books, and subscriber numbers"; thus, defendant had a "reasonable expectation of privacy regarding [the cell phone's contents]."); United States v. Finley, All, 477 F.3d 250, 259 (5th Cir.2007) (A defendant had reasonable expectation of privacy in the text messages stored on his cell phone because he had possessory interest in the phone and took "normal precautions to maintain his privacy in the phone."); United States v. Davis, 787 F.Supp.2d 1165, 1170 (D.Or.2011) ("A person has a reasonable expectation of privacy in his or her personal cell phone, including call records and text messages."); United States v. Quintana, 594 F.Supp.2d 1291, 1299 (M.D.Fla.2009) ("A search warrant is required to search the contents of a cell phone unless an exception to the warrant requirement exists.");
In the offline world, the U.S. Supreme Court has recognized legitimate privacy interest in confidential letters. United States v. Jacobsen, 466 U.S. 109, 114, 104 S.Ct. 1652, 1657 (1984) (“Letters and other sealed packages are in the general class of effects in which the public at large has a legitimate expectation of privacy.”). See also Ortega v. O’Connor, 146 F.3d 1149, 1163 (9th Cir. 1998) (under circumstances, employee had legitimate expectation of privacy from employer). In People v. Gutierrez, the Colorado Supreme Court ruled that a REOP existed even in tax records held by a third party tax preparer because of state and federal law governing tax record privacy. No. 09SA69 (Co. Dec. 14, 2009) An analogy could be made that statutes that govern the privacy of digital records, such as the SCA, create a REOP in those records as well.
Warrantless Searches: Border Search Exception
In United States v. Arnold, the Ninth Circuit held that the Fourth Amendment does not require government agents to have reasonable suspicion before searching laptops or other digital devices at the border. 533 F.3d 1003 (9th Cir. 2008), cert. denied, 129 S. Ct. 1312 (2009). The lower court ruling relied on prior border search cases that distinguished between “routine” suspicionless searches and invasive “non-routine” searches of persons that require reasonable suspicion. Id. at 1008. Due to the private nature of computer laptops and the information they contain, the trial court required border agents need reasonable suspicion to search the defendant’s machine. Id. at 1006. Since there was no cause for the search in Arnold, the court suppressed the evidence. Id.
The Ninth Circuit panel reversed, rejecting the view that vast digital storage capacity means the privacy invasion resulting from searching computers is qualitatively different from, and requires higher suspicion than, searching luggage or other physical items. Id. at 1008. Rather, the opinion could be read to say that property searches at the border, so long as they are not excessively destructive, require no cause at all. See id. at 1009.
The opinion leaves open that invasive, “non-routine” searches of the person may still require reasonable suspicion. Id. at 1007.
Privacy Protection Act
The Privacy Protection Act, 42 U.S.C. 2000aa, dictates: "Notwithstanding any other law, it shall be unlawful for a government officer or employee, in connection with the investigation . . . of a criminal offense to search for or seize any work product materials possessed by a person reasonably believed to have a purpose to disseminate to the public a newspaper, broadcast, or other similar form of public communication . . . ." See 42 U.S.C. Sec. 2000aa(a). According to the Senate Report, the PPA protected "the press and certain other persons not suspected of committing a crime with protections not provided currently by the Fourth Amendment." S. Rep. No. 96-874, at 4 (1980), reprinted in 1980 U.S.C.C.A.N. 3950.