By Grace Zheng
We have all been told to be careful with what we post on social media — it can cost us anything from an embarrassing moment in front of friends to even a job. However, our digital footprint has far greater implications than we may realize. The racial and legal consequences arising from the purchase of data from third-party companies, as well as the use of this data in policing practices, have become a key concern for surveillance scholars. In particular, they argue that the process around data collection has evolved so drastically in the digital era that the Fourth Amendment can no longer provide adequate protection for civilian rights.
The Fourth Amendment guarantees “the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures” and protects civilians based on “reasonable expectations of privacy.” However, as we move toward an expository society, its validity has come under scrutiny. Today, information on individuals no longer needs to be “extracted” as it did in the past — instead, it is willingly offered by civilians in the form of social media posts, Google searches, and even online transactions. Though a quick search on an online search engine looks drastically different from that of a traditional house search by police, it can be argued that both the quality and quantity of information that can be found online would constitute a breach of the Fourth Amendment had it been obtained through other means in the past.
Furthermore, whilst Facebook’s high-profile 2018 lawsuit involved the exchange of data between private entities, it is important to note that another common party in this transaction is the government. According to the US third-party doctrine, individuals who voluntarily provide their information to third-party companies like banks, phone companies, and internet service providers, have no “reasonable expectations of privacy” under the Fourth Amendment. Simply put, the government can acquire information from a third-party company with just a subpoena, as long as the individual originally consented to share their information with that third company. The Supreme Court rulings in United States v. Miller (1976) and Smith v. Maryland (1979) affirmed this policy.
Under the third-party doctrine, not only do users have no idea or control over where their data is going, but evidence shows that the government may be abusing this to target racial and religious minorities. A prime example is the government’s acquisition of data on Muslim civilians. In 2020, it was found that the US Military purchased the location data of over 100 million users from the app, Muslim Pro, a Muslim prayer app that reminds users when to pray and gives their direction toward Mecca. The US Military further purchased information from other apps predominantly used by Muslims, such as the dating apps Muslim Mingle and Iran Social, obtaining information on individuals that may have otherwise required a warrant to access. There is no doubt this news created widespread fear amongst the Muslim-American community, who were already subject to heightened surveillance by the government post-9/11. In addition to fostering discriminatory practices, this selective surveillance reflects the law enforcement’s attitude toward Muslim Americans: they are guilty until proven innocent.
In fact, this process of data collection and commodification is so standardized it has a name: surveillance capitalism. Today, one of the most common manifestations of surveillance capitalism is no doubt in police operations. For example, big data is used by police departments to produce predictive policing forecasts that identify ‘high-risk areas’ to which patrols are then assigned. The main proponents of these programs argue this is an objective method that is substantiated by neutral algorithms and data. However, not only are the areas identified disproportionately racial, but increasing police patrols in those locations simultaneously increases the likelihood that crime will be detected in the first place, creating a self-perpetuating cycle. Furthermore, the existence of these programs also allow the police to provide justification for what qualifies as a high-risk area in court, whilst lowering the bar for what constitutes reasonable suspicion under the Fourth Amendment. Although they have been temporarily suspended in cities like Los Angeles due to public outcry, their use in other cities still poses significant challenges to our right to privacy.
As the US continues to struggle with this issue, perhaps we can look to the EU’s General Data Protection Regulation (GDPR) for inspiration. In addition to requiring all companies to obtain their users’ consent before collecting their data, the GDPR states that the request must also be “clearly distinguishable from the other matters” and presented in “clear and plain language.” Whilst US citizens are entitled to rights, such as the right to be left alone and bear arms, the GDPR also introduced the “right to be forgotten” or “right to erasure”, which gives EU citizens the ability to ask companies to clear their personal information. Though there are still certain limitations — for example, your information cannot be erased if it is currently being used in a legal ruling — it undoubtedly restores power to the hands of citizens.
Meanwhile, for the first time in the landmark case Carpenter v. United States (2018), the Supreme Court held that when the government demanded location information from the defendant’s cell phone provider without a warrant, it surpassed reasonable expectations of privacy and violated the Fourth Amendment. Perhaps this case, in tandem with the policy developments in the EU, can serve as a precedent for lawmaking in the US when it comes to data privacy issues.
