The Fourth Amendment in the Digital Age: Why the Government's Purchase of Data is Unconstitutional

In the twenty-first century, chances are you can learn more about someone by buying information from a data broker than you can by meeting them. The prevalence of data collection has intensified dramatically in the age of the internet. For example, Tesla collects about one terabyte of location and traffic data per vehicle each week [1]. Third-party data brokers collect data from a variety of sources, including social media, online shopping websites, gaming apps like Pokémon Go, websites like 23andMe or Ancestry.com, and health apps such as Fitbit [2]: essentially anywhere data is collected, which is everywhere. Companies make tremendous amounts of money buying and selling this data to third parties.

Many people believe that the only consequence of this data collection is targeted media, like hyper-specific advertising. But targeted advertising is not the only concern when it comes to selling information on consumers; there are legitimate concerns of safety, surveillance, and control. Government possession of our data poses a serious threat to our privacy and civil liberties, as it could be used to track our movements, monitor our activities, and suppress dissent. The Fourth Amendment of the United States Constitution aims to protect citizens from unreasonable searches and seizures [3], and in the digital age, this protection is more important than ever. Despite this protection, the United States government can still obtain information on civilians without a warrant simply by buying data. The ability for the U.S government and third parties to purchase consumer data is a violation of the Fourth Amendment, as it allows the government to seize our information and violate our right to privacy without a warrant.

In 1967, the Supreme Court clarified in the decision for Berger v. New York (1967) that the protections of the Fourth Amendment expanded to "conversation" and are not limited to just "persons, houses, papers, and effects."[4] Much of our data collected, including online and telephone communications, are therefore protected under the Fourth Amendment. Put simply, this means they should be inaccessible to the government without a proper warrant. Further, in Kyllo v. United States (2001), the Court clarified that when enforcing the Fourth Amendment, it is done to "that degree of privacy against government that existed when the Fourth Amendment was adopted."[5] The Court has asserted that citizens are entitled to the same level of privacy one could have expected at the time of ratification despite these threats; this should be upheld even in the face of more numerous and complex threats to our privacy such as data brokers. This would include protection from the non-consensual distribution of our information.

This issue is complicated by the Third Party Doctrine in the Fourth Amendment, which was adopted during the 1976 case of United States vs. Miller (1976). The doctrine states that citizens do not have reasonable expectations of privacy when it comes to information that is voluntarily shared with third parties. Prior to the adoption of the Third Party Doctrine in 1976, the court acknowledged in Olmstead v. United States (1928), that "force and violence were then the only means known to man by which a Government could directly affect self-incrimination.”[6] However, the court also acknowledged that "subtler and more far-reaching means of invading privacy have become available to the Government,"[7] meaning that Americans must now have protections against these subtle and far-reaching invasions enabled by technology.

An influential dissenting opinion written by Justice Louis Brandeis stated, "Every unjustifiable intrusion by the Government upon the privacy of the individual, whatever the means employed, must be deemed a violation of the Fourth Amendment."[8] This dissenting opinion is especially relevant to data privacy because in this case in the late 1920s, the Court was reckoning with new technologies that allowed the government to obtain information through wiretaps, similar to how big data allows the government to employ new technologies to violate our privacy.

Since then, The Court cited this opinion in the case Carpenter v. United States (2018) when they ruled that location data gathered by cell phone companies was particularly sensitive information and therefore even though it was ‘voluntarily’ disclosed to cell phone companies, it was still protected by the fourth amendment and could only be accessed with a warrant [9]. This suggests that the Court has realized that in the digital age, the Third Party Doctrine is incompatible with the ability to protect the rights of the Fourth Amendment in a way that aligns with its original purpose and to the “degree of privacy against government that existed” upon ratification [10].

The United States government is still in the process of collecting and monitoring our data by buying it from third parties [11]. In June of 2023, the Office of the Director of National Intelligence was compelled to release a report from January 2022, revealing that the Intelligence Community obtains and monitors a considerable amount of “commercially available information.”[12] This was done by multiple agencies; the Federal Bureau of Investigation (“FBI”), Defense Intelligence Agency (“DIA”) and the Navy are all cited in the report as having obtained information on an undisclosed number of people [13]. The acquisition of this information is unconstitutional. It is not information that would have been available to the government upon the ratification of the Fourth Amendment and thus, per the Court in Kyllo v. The United States, shouldn't be available to them now without a warrant or informed consumer consent. If this practice is not recognized as a violation of our constitutional rights, the extent of this surveillance and its impact on our ability to exercise our freedoms could become even more severe.

The Fourth Amendment protects us from unreasonable searches and seizures, and the government's purchase of data is an infringement on our personal privacy that is incompatible with that protection. The government should not be allowed to purchase our data without a warrant. Our privacy and our democracy need to be protected. The Court must recognize this as a violation of the Fourth Amendment in order to encourage and allow the government to pass legislation to ban this practice. Other countries have already taken steps to protect their citizens' data privacy. For example, the European Union's General Data Protection Regulation (GDPR) gives individuals control over their personal data and requires companies to obtain consent before collecting or using that data [14]. In the United States there is the foundation for this type of protection in The Fourth Amendment, and it is time for the Court to acknowledge it, and it is time for it to be enforced.