On Monday, May 16, 2016, the Supreme Court of the United States issued its highly anticipated opinion in Spokeo, Inc. v. Robins, a case that examined the question of whether a plaintiff who ...25 May 2016
Supreme Court Decision in Warrantless GPS Tracking Case Offers Little Guidance in Consumer Privacy Context
Sometimes Fourth Amendment cases (which by definition arise in a governmental context) have implications for consumer privacy law since the "reasonable expectation of privacy" analysis can be employed in both areas. Yesterday's U.S. Supreme Court 9-0 ruling in United States v. Jones that the warrantless attachment of a GPS device to a car for monitoring purposes violated the Fourth Amendment offers little guidance in the consumer privacy context as the majority of the Court did not rely on an "expectation of privacy" analysis. The Court's main opinion, written by Justice Scalia, focused on narrow issue of whether there was a trespass when the GPS device was attached to the suspect's car. Concluding that a trespass occurred, the majority of the Court found that a warrant was required under the Fourth Amendment. Justice Scalia delivered the opinion of the Court in which Chief Justice Roberts, and Justices Kennedy, Thomas and Sotomayor joined. Justice Sotomayor wrote her own concurring opinion and Justice Alito filed an opinion concurring in the judgment in which Justices Ginsburg, Breyer and Kagan joined.
The main opinion of the Court chose not to address the issue of whether the suspect had a reasonable expectation of privacy not to be monitored, which was another available avenue of analysis. Justice Alito said: "I would analyze the question presented in this case by asking whether respondent's reasonable expectations of privacy were violated by the long-term monitoring of the movements of the vehicle he drove." And Justice Sotomayor in her concurrence illustrated how far the Court could have gone to address the "reasonable expectation of privacy" issue:
[I]t may be necessary to reconsider the premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties. (citation omitted). This approach is ill suited to the digital age, in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks. People disclose the phone numbers that they dial or text to their cellular providers; the URLs that they visit and the e-mail addresses with which they correspond to their Internet service providers; and the books, groceries, and medications they purchase to online retailers. Perhaps, as Justice Alito notes, some people may find the “tradeoff” of privacy for convenience “worthwhile,” or come to accept this “diminution of privacy” as “inevitable,” and perhaps not. I for one doubt that people would accept without complaint the warrantless disclosure to the Government of a list of every Web site they had visited in the last week, or month, or year. But whatever the societal expectations, they can attain constitutionally protected status only if our Fourth Amendment jurisprudence ceases to treat secrecy as a prerequisite for privacy. I would not assume that all information voluntarily disclosed to some member of the public for a limited purpose is, for that reason alone, disentitled to Fourth Amendment protection. Smith, 442 U. S., at 749 (Marshall, J., dissenting) (“Privacy is not a discrete commodity, possessed absolutely or not at all. Those who disclose certain facts to a bank or phone company for a limited business purpose need not assume that this information will be released to other persons for other purposes”); see also Katz, 389 U. S., at 351–352 (“[W]hat [a person] seeks to preserve as private, even in an area accessible to the public, may be constituttionally protected”).
Had the Court engaged in a "reasonable expectation of privacy" analysis, that could have had an impact on the use of tort and consumer protection law to pursue privacy claims. One could imagine the FTC declaring "unfair" under Section 5 the kind of data use deemed to have violated a reasonable expectation of privacy under the Fourth Amendment.
The French Data Protection Authority (CNIL) has announced its inspections program topics for 2016, with health data, flight passengers’ data, and data used for marketing and Internet...20 May 2016