On May 20, 2019, a Virginia bank teller was presented with a note: “I got your family as hostage and I know where you live, [i]f you or your coworker alert the cops or anyone your family and you are going to be hurt . . . .”1United States v. Chatrie, No. 19-cr-00130, 2022 WL 628905, at *1 (E.D. Va. Mar. 3, 2022); Government’s Response in Opposition to Defendant’s Motion for Discovery of Sensorvault Data at 1–2, United States v. Chatrie, No. 19-cr-00130, 2022 WL 628905 (E.D. Va. Mar. 3, 2022) [hereinafter Chatrie Brief]. Brandishing a pistol, the robber ordered customers to the floor, forced open the bank’s safe, and fled with nearly $200,000 in cash.2Chatrie, 2022 WL 628905, at *2.
Queries contrast with the historical location searches addressed in Carpenter v. United States,7138 S. Ct. 2206 (2018). which provide law enforcement with an overview of an already identified suspect’s historical movements.8SeeCarpenter, 138 S. Ct. at 2211–17 (describing historical location searches, referred to as cell site location information (“CSLI”) searches, and concluding that accessing seven days of historical data constituted a Fourth Amendment search under the reasonable expectation of privacy test). I use the term “historical location searches,” rather than CSLI searches, because CSLI refers to the method by which the data is gathered—cell sites—rather than the means through which it is accessed. Both geofence queries and historical location searches can be carried out on data gathered through cell site triangulation, GPS, or another method. See McGriff Declaration, supra note 4, at 4. While the method of data-gathering influences the accuracy and precision of the location data, this Article focuses on the means of querying, rather than gathering, the data. Id. Geofence queries, unlike historical searches and many other investigative techniques, are a critical investigative tool precisely because they generate leads, rather than information merely supporting the guilt or innocence of already identified suspects.9Motion to Quash and Suppress Evidence under Penal Code §§ 1538.5 and 1546 at 2, People v. Dawes, No. 19002022 (Cal. Super. Ct. July 7, 2020) [hereinafter Dawes Motion] (identifying burglar); Chatrie Brief, supra note 1 (identifying bank robber); Katie Benner, Alan Feuer & Adam Goldman, F.B.I. Finds Contact Between Proud Boys Member and Trump Associate Before Riot, N.Y. Times (Mar. 5, 2021), https://perma.cc/HQ6J-MPK5 (identifying Capitol rioters); see also Note, Geofence Warrants and the Fourth Amendment, 134 Harv. L. Rev. 2508, 2528 (2021) [hereinafter Warrant Note] (explaining that because most geofence warrants remain sealed, public reports of crimes solved through geofencing vastly understate the technique’s effectiveness). First attempted in 2016, the use of geofence queries is expanding at an explosive pace, with Google reporting a 1,500% increase from 2017 to 2018 and a 500% increase from 2018 to 2019.10Jennifer Lynch, EFF Files Amicus Brief Arguing Geofence Warrants Violate the Fourth Amendment, EFF (July 2, 2020), https://perma.cc/TG5B-WUVV. By April 2019, Google was receiving nearly 200 geofence requests per week from federal and state authorities across the nation.11See id. (describing query volume); Jennifer Valentino-DeVries, Tracking Phones, Google Is a Dragnet for the Police, N.Y. Times (Apr. 13, 2019), https://perma.cc/5CK5-LKKH (describing use by authorities in Arizona); Arson Warrant, supra note 6 (Illinois); Chatrie Brief, supra note 1 (Virginia); Dawes Motion, supra note 9 (California); Benner et al., supra note 9 (D.C.); Zack Whittaker, Minneapolis Police Tapped Google to Identify George Floyd Protesters, Techcrunch (Feb. 6, 2021), https://perma.cc/2ZM3-M6UD (Minnesota & Florida).
Because this Article focuses on the question of whether geofence queries constitute Fourth Amendment searches, and thus whether they even require warrants, I have opted to use the term “geofence query” to describe any attempt by law enforcement to compel the production of geofence data. In contrast, I use the term “geofence warrant” when investigators specifically seek a warrant to compel production. Finally, I use the term “geofence” to refer to the geographic and temporal coordinates delineating the request.12The use of location tracking and geofence technology by purely private actors raises privacy questions not addressed in this Article. See Kearston L. Wesner, Is the Grass Greener on the Other Side of the Geofence? The First Amendment and Privacy Implications of Unauthorized Smartphone Messages, 10 Case W. Res. J.L. Tech. & Internet 1, 1–3 (2019) (describing settlement over digital advertisements targeting women in the vicinity of abortion clinics and encouraging them not to terminate their pregnancies).
A district judge in the Eastern District of Virginia recently issued an opinion finding that the geofence warrant in Chatrie’s case violated the Fourth Amendment because it did not provide probable cause for each device ultimately identified as within the geofence.13United States v. Chatrie, No. 19-cr-00130, 2022 WL 628905, at *20 (E.D. Va. Mar. 3, 2022). United States v. Chatrie14No. 19-cr-00130, 2022 WL 628905 (E.D. Va. Mar. 3, 2022). demonstrates both the law enforcement utility and the unsettled legal status of geofence queries.15See id. at *20. While queries have received extensive coverage in the popular press, they have been subject to only minimal legal scholarship.16See Haley Amster & Brett Diehl, Note, Against Geofences, 74 Stan. L. Rev. 385 (2022); Warrant Note, supra note 9 (identifying only a miniscule fraction of the popular press coverage generated by geofence queries); Donna Lee Elm, Geofence Warrants: Challenging Digital Dragnets, Crim. Just., Summer 2020, at 8. Current scholarship raises privacy concerns and starts from the mistaken premise that geofence queries are Fourth Amendment searches requiring a warrant.17See Warrant Note, supra note 9, at 2511 (“Much has been said about how courts will extend Carpenter—if at all. This Note focuses on the subsequent inquiry: If the Fourth Amendment is triggered, how should judges consider probable cause and particularity when reviewing warrant applications?” (footnote omitted)); Elm, supra note 16, at 13 (recounting purported privacy violations, discussing probable cause as applied to geofence queries, and advocating for increased legislative regulation); see also Chatrie, 2022 WL 628905, at *20 & n.34 (assuming that a geofence query constitutes a search); Amster & Diehl, supra note 16, at 421 (“[T]he government has shown that it is willing to narrow requests or forgo selective expansion and unmasking when pressured by Google or magistrate judges.”). The literature thus argues for a more stringent application of the warrant requirement and for legislative intervention restricting geofence queries.18See generally Elm, supra note 16; Warrant Note, supra note 9; Amster & Diehl, supra note 16. In contrast, this Article addresses the antecedent question of whether geofence queries are Fourth Amendment searches at all. They are not. Under either an originalist approach or the reasonable expectation of privacy approach articulated in Katz v. United States,19389 U.S. 347 (1967). geofence queries are compelled production, not Fourth Amendment searches, and may thus be constitutionally carried out with subpoenas.20See id. at 353 (holding that wiretaps constituted Fourth Amendment searches requiring a warrant even absent any physical invasion because they represented a violation of the target’s reasonable expectation of privacy); see also Orin S. Kerr, Katz as Originalism, 71 Duke L.J. 1047, 1084 (2022) (arguing that the reasonable expectation of privacy test is both more grounded in originalism than previously believed and more constrained than some of its more enthusiastic judicial and academic proponents have assumed). The existing scholarship is constitutionally irrelevant because it simply assumes queries are Fourth Amendment searches requiring warrants and proceeds to analyze how warrant concepts like “particularity” and “probable cause” apply.21SeeWarrant Note, supra note 9, at 2520–28.
Part I of this Article provides an overview of geofence queries and a description of the Google query leading to Chatrie’s identification and arrest. Part II concludes that under the originalist, property-based approach to the Fourth Amendment explicated by Justice Neil Gorsuch in Carpenter, even if users have a property interest in their location data, queries represent compelled production analogous to subpoenas duces tecum and therefore should not constitute Fourth Amendment searches or require a warrant. Part III applies the reasonable expectation of privacy test and argues that because queries have greater law enforcement utility and impose less of a privacy intrusion than the historical location searches addressed in Carpenter, they do not constitute Fourth Amendment searches and thus do not require a warrant. Part IV explains that under the Stored Communications Act, geofence queries do not require a warrant and can be statutorily carried out with a § 2703(d) order, available on a showing that the geofence data is relevant and material to an ongoing criminal investigation.22See 18 U.S.C. § 2703(d) (noting that an order shall issue where the government offers specific and articulable facts showing reasonable grounds to believe the “records or other information sought, are relevant and material to an ongoing criminal investigation”). The Article concludes by arguing that, rather than courts taking it upon themselves to regulate geofence queries with the blunt instrument of a warrant requirement, Congress should update the Stored Communications Act to explicitly recognize and regulate geofence queries.
Software applications and information technology service providers frequently track the movements of their users.23See sources cited supra note 4 and accompanying text (describing location tracking by Google, cell phone providers, and ride sharing companies). Traditionally, law enforcement utilized this data through a historical search that sought to reconstruct the movements of an identified suspect, either confirming their proximity to a crime or clearing them of suspicion.24SeeCarpenter v. United States, 138 S. Ct. 2206, 2215–16, 2220 (2018) (describing the use of historical location searches and holding that obtaining a week’s worth of historical location information required a warrant). In contrast, geofence queries seek to identify previously unknown individuals whose location history demonstrates they were at a specific location, often a crime scene, at a specific time.25See Google Brief, supra note 5, at 2–3.
While companies such as Apple, Lyft, Snapchat, and Uber have received geofence warrants,26Albert Fox Cahn, This Unsettling Practice Turns Your Phone into a Tracking Device for the Government, Fast Co. (Jan. 17, 2020), https://perma.cc/S43C-583C. Google is the most frequent recipient because of its enormous repository of location data, and because it is the only provider known to have responded.27Alfred Ng, Geofence Warrants: How Police Can Use Protesters’ Phones Against Them, CNET (June 16, 2020, 9:52 AM), https://perma.cc/XY5C-CRGP; Valentino-DeVries, supra note 11. Unlike Google’s Android operating system, Apple’s iOS does not store user location data. Id. However, iPhone users are still likely to have their information included in location databases like Google’s through use of applications such as Google Search, Google Maps, or YouTube, which do record location data. Ng, supra. Google gathers its location data through its Android operating system, which enjoys a 70% global smartphone market share and runs on nearly 150 million U.S. smartphones.28Mobile Operating System Market Share United States of America, Statcounter (Apr. 2021), https://perma.cc/5EF9-CHXQ (60% iPhone domestic market share; 40% Android); Mobile Operating System Market Share Worldwide, Statcounter (Apr. 2021), https://perma.cc/8GBD-JB8S (20% iPhone global market share; 70% Android); Number of Android Smartphone Users in the United States from 2014 to 2021, STATISTA (Mar. 1, 2021), https://perma.cc/RS6C-PN89(133 million domestic Android users); see also United States v. Chatrie, No. 19-cr-00130, 2022 WL 628905, at *4–5 (E.D. Va. Mar. 3, 2022). Google also gathers location data through applications like YouTube, Google Search, or Google Maps running on non-Android operating systems—such as the iPhone’s Apple iOS operating system.29Jennifer Lynch, Google’s Sensorvault Can Tell Police Where You’ve Been, EFF (Apr. 18, 2019), https://perma.cc/AC94-3M6W; see also Chatrie, 2022 WL 628905, at *3. Given the ubiquity of the Android operating system and Google applications, Google possesses location information on “numerous tens of millions of Google users” in the United States.30In re Search of Info. Stored at Premises Controlled by Google, No. 20 M 297, 2020 WL 5491763, at *3 & n.3 (N.D. Ill. July 8, 2020) [hereinafter Premises Warrant] (finding that the government’s assertion that 97% of phones use Google applications or operating system was sufficient to demonstrate “likelihood” any given phone is interfacing with Google); McGriff Declaration, supra note 4, at 4. Google uses this data to target and evaluate advertisements, most often by verifying, through location tracking, a campaign’s effectiveness at driving customers to a specific store.31Chatrie, 2022 WL 628905, at *3; McGriff Declaration, supra note 4, at 4. Google’s data, gathered through “GPS signals, . . . nearby Wi-Fi networks, Bluetooth beacons, or cell towers,” tends to be more accurate than databases containing only cell site location information (“CSLI”)—which is gathered exclusively through cell phone towers.32McGriff Declaration, supra note 4, at 4. Of course, since it is gathered from cell towers, some of Google’s location data is CSLI. Id. Nonetheless, Google’s data is generally accurate to within only twenty meters.33Id. But see Chatrie, 2022 WL 628905, at *4 (explaining that in rare circumstances, “Google can estimate a device’s location down to three meters”).
Geofence queries proceed over a multi-stage process, as exemplified by Chatrie.34Id. at *9–10. Google currently requires three separate warrants over the course of the multi-stage geofence process. See id.; John C. Ellis, Jr., Google Data and Geofence Warrant Process, nlsblog.org (Jan. 8, 2021), https://perma.cc/V4UK-2FAE. In the first stage, officers perform an initial investigation to ascertain whether a geofence query is likely to be useful in identifying a suspect, and if so, make a request to a service provider like Google.35Chatrie, 2022 WL 628905, at *9; Chatrie Brief, supra note 1, at 2–3; Ellis, supra note 34. The enormous volume of queries received leads Google to frequently take longer than six months to respond, providing a strong incentive to avoid queries if perpetrators can be identified using traditional investigative techniques.36Valentino-DeVries, supra note 11. Google also charges law enforcement agencies $245 per geofence query, providing further incentive not to engage in unnecessary queries. Gabriel J.X. Dance & Jennifer Valentino-DeVries, Have a Search Warrant for Data? Google Wants You to Pay, N.Y. Times (Jan. 24. 2020), https://perma.cc/8RNW-WDAD. In the Chatrie case, officers pulled security footage which showed that the robber was holding a cell phone as he entered the bank.37Chatrie, 2022 WL 628905, at *10. The use of a cell phone during the robbery substantially increased the likelihood the robber would be included in Google’s location databases.38See id.; Chatrie Brief, supra note 1, at 2–3. Investigators therefore sought and secured a geofence warrant from a Virginia state magistrate requiring Google to disclose the Google IDs of users in the vicinity of the bank during the robbery.39Chatrie, 2022 WL 628905, at *11. The warrant sought the location data for every device present within a 150-meter radius of the bank from 4:20 p.m. to 5:20 p.m. on the day of the robbery.40Id. at *11.
In the second stage, the service provider responds to the initial request with anonymized data.41Id. at *10; Declaration of Sarah Rodriguez at 3, United States v. Chatrie, No. 19-cr-00130, 2022 WL 628905, (E.D. Va. Mar. 3, 2022) [hereinafter Rodriguez Declaration]. This data generally includes (1) anonymized user identifiers; (2) the date and time the device was in the geofence; (3) the approximate latitude and longitude of the device; (4) a measure of the provider’s certainty of the device’s location; and (5) the source of the location data (for example, GPS, CSLI, or Wi‑Fi).42Rodriguez Declaration, supra note 41, at 3. In the Chatrie case, Google initially provided anonymized data for nineteen accounts whose location data identified them as being near the bank during the robbery.43Id. at 5; Chatrie, 2022 WL 628905, at *13.
The third stage functions to identify devices relevant to the investigation and to discard from further consideration innocent bystanders.44Chatrie, 2022 WL 628905 at *10; Rodriguez Declaration, supra note 41, at 4. To this end, law enforcement can request additional anonymized location data on the identified devices describing each device’s movements immediately before and after it entered the geofence.45Chatrie, 2022 WL 628905, at *10; Rodriguez Declaration, supra note 41, at 4, 6 (“This additional contextual [location history] information can assist law enforcement in eliminating devices in the production that were not in the target location for enough time to be of interest, were moving through the target location in a manner inconsistent with other evidence, or otherwise are not relevant to the investigation.”). This additional span of location data falls far short of the seven-day cutoff triggering a warrant requirement under Carpenter. See Carpenter v. United States, 138 S. Ct. 2206, 2217 & n.3 (2018). For example, if a robber were known to have sped away from the crime scene, officers can determine which, if any, of the initially identified devices followed the robber’s movement patterns. The investigators in Chatrie eventually requested that Google anonymously analyze the movements of nine of the original nineteen devices.46Chatrie, 2022 WL 628905, at *14; Rodriguez Declaration, supra note 41, at 6.
In the final stage, investigators request the deanonymization of devices whose movements are consistent with those of the target, or who otherwise appear to be relevant to the investigation.47Chatrie, 2022 WL 628905, at *10; Rodriguez Declaration, supra note 41, at 4. The service provider then produces identifying information, such as the name and email associated with the account.48Chatrie, 2022 WL 628905, at *10; Rodriguez Declaration, supra note 41, at 4. After further investigation, officers requested the deanonymization of three accounts in Chatrie.49Chatrie, 2022 WL 628905, at *14. Of the three deanonymized accounts, investigators focused on Chatrie’s because his movement patterns matched those of the robber, records showed that he had recently purchased a nine-millimeter G2C Taurus semiautomatic handgun (matching the description of the gun used in the robbery), and because he owned a car of the same color, make, and model in which, according to witnesses, the robber fled the scene.50Chatrie Brief, supra note 1, at 3–4. A search of Chatrie’s residences uncovered robbery-style demand notes, the G2C Taurus handgun, and almost $100,000 in cash.51Id. Chatrie was charged with the armed robbery and filed a motion to suppress the geofence data.52Id. at 6.
Current Fourth Amendment doctrine requires the Court to balance competing and fundamental interests in “secur[ing] the Blessings of Liberty” against “establish[ing] Justice [and] insur[ing] domestic Tranquility.”53See U.S. Const. pmbl.;Carpenter v. United States, 138 S. Ct. 2206, 2214 (2018) (“[While] allowing warrantless searches incident to arrest ‘strikes the appropriate balance in the context of physical objects, neither of its rationales has much force with respect to’ the vast store of sensitive information on a cell phone.” (quoting Riley v. California, 573 U.S. 373, 386 (2014))). Justice Gorsuch, in hisCarpenter dissent, championed an originalist, property-based approach to the Fourth Amendment that sought to avoid such policy balancing.54See Carpenter, 138 S. Ct. at 2261 (Gorsuch, J., dissenting). This Part fleshes out Justice Gorsuch’s approach by breaking down the Fourth Amendment into its textual components.55There are also questions of the Amendment’s extraterritorial application and its applicability to non-citizens territorially present in the United States. See United States v. Verdugo-Urquidez, 494 U.S. 259 (1990). Notably, the Second Amendment uses the same phrase, “the people,” but has not been found to bar prosecution of aliens for the unlawful possession of a firearm under 18 U.S.C. § 922(g)(5), suggesting that the Fourth Amendment rights of aliens could be similarly curtailed. U.S. Const. amend. II; see United States v. Torres, 911 F.3d 1253 (9th Cir. 2019) (upholding § 922(g)(5) against a Second Amendment challenge). The originalist analysis begins with the Amendment’s text:
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.56U.S. Const. amend. IV.
The text thus establishes five separate components. First, for the Fourth Amendment to apply, the federal government57The Fourth Amendment may bind state and local governments through the Fourteenth Amendment. See Mapp v. Ohio, 367 U.S. 643 (1961) (incorporating the exclusionary rule through the Fourteenth Amendment’s Due Process Clause). But see Ilan Wurman, The Second Founding: An Introduction to the Fourteenth Amendment 140 (2020) (arguing that the Fourteenth Amendment does not directly incorporate the Fourth Amendment). must engage in a search or seizure.58U.S. Const. amend. IV (protecting “against unreasonable searches and seizures”). Second, that search or seizure must be of a person, house, paper, or effect.59Id. (securing “persons, houses, papers, and effects”). Third, the person or property of the complainant must be searched or seized.60Id. (shielding “their persons, houses, papers, and effects”) (emphasis added). Fourth, the search or seizure must either be reasonable in the absence of a warrant or be executed pursuant to a valid warrant.61Id. (applying only “against unreasonable searches and seizures”) (emphasis added). Finally, to be valid, a warrant must be particularized, supported by oath or affirmation, and based upon probable cause.62Id. (“[N]o Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”).
Applying these textual requirements to geofence queries, they are properly considered compelled production, not a search or seizure, and therefore fall outside the Fourth Amendment’s protection.63While this analysis demonstrates that under an originalist approach Carpenter was wrongly decided, Part III demonstrates that even under Carpenter’s reasonable expectation of privacy approach, geofence queries do not constitute Fourth Amendment searches and thus do not require warrants. See infraPart III. Because they do not constitute Fourth Amendment searches, geofence queries can be carried out with ordinary subpoenas and do not require warrants. Any question of the application of warrant concepts such as “probable cause” or “particularity” to geofence queries is therefore constitutionally irrelevant.
The words “search” and “seizure” have the same linguistic meaning today as in 1789.64See Carpenter v. United States, 138 S. Ct. 2206, 2238 (2018) (Thomas, J., dissenting) (identifying Framing-era definitions for “search”: “[t]o look over or through for the purpose of finding something; to explore; to examine by inspection” and “a seeking after, a looking for, & c.”) (citations omitted); 2 John Ash, The New and Complete Dictionary of the English Language (1775) (defining seizure as “the act of taking possession by force of law”); Noah Webster, An American Dictionary of the English Language 66 (1828) (defining seizure as “[t]he act of taking possession by force; as the seizure of lands or goods” and “[t]he act of taking by warrant; as the seizure of contraband goods”); Search, Merriam-Webster, https://perma.cc/W7MJ-YAGP (defining search as “to look into or over carefully or thoroughly in an effort to discover something”); Seizure, Merriam-Webster,https://perma.cc/SEB8-QAKS (defining seizure as “the taking possession of person or property by legal process”). It should be noted, however, that for a government action to be a Fourth Amendment search requiring a warrant, rather than merely a colloquial “search,” the action must meet every requirement of the Fourth Amendment.65For example, a “search” of something other than “persons, houses, papers, or effects” is not a Fourth Amendment search requiring a warrant. See U.S. Const. amend. IV. Given the breadth of definitions for “search,” including “look[ing] over or through for the purpose of finding something,”66Carpenter, 138 S. Ct. at 2238 (Thomas, J., dissenting) (quoting Kyllo v. United States, 533 U.S. 27, 32 n.1 (2001)). almost every direct evidence-gathering step a government official could take would likely qualify as a colloquial search or seizure. Bugging Olmstead’s line,67Olmstead v. United States, 277 U.S. 438, 456–57 (1928). listening in on Katz’s calls,68Katz v. United States, 389 U.S. 347, 348 (1967). attaching a GPS-tracker to Jones’s car,69United States v. Jones, 565 U.S. 400, 402–03 (2012). scanning Kyllo’s home,70Kyllo, 533 U.S. at 29–30. tracking Knotts with a beeper,71United States v. Knotts, 460 U.S. 276, 278–79 (1983). flying over Riley’s greenhouse,72Florida v. Riley, 488 U.S. 445, 448 (1989). and even gazing at Hester’s bootlegging operation from an open field73Hester v. United States, 265 U.S. 57, 58 (1924). would all meet the textual definition of a “search.” This is so even if some do not require a warrant because they do not meet the other requirements for the application of the Fourth Amendment’s warrant requirement.
In contrast with these investigative techniques, subpoenas or equivalent orders that require the recipient to turn over evidence to which he already had access did not constitute searches or seizures at the time of the Founding.74Carpenter v. United States, 138 S. Ct. 2206, 2247–52 (2018) (Alito, J., dissenting) (explaining that because of the lack of physical intrusion involved in the issuance of a subpoena, they were not considered searches and were not subject to a probable cause requirement at common law, nor were they restricted by the Fourth Amendment); see also Christopher Slobogin, Subpoenas and Privacy, 54 DePaul L. Rev. 805, 812–15 (2005) (advancing common law history of subpoenas demonstrating that any restrictions on their use stemmed from self-incrimination concerns, not the belief subpoenas constituted searches or seizures). Thus, ordering Sprint to turn over location data,75Carpenter, 138 S. Ct. at 2212. ordering a bank to turn over records,76United States v. Miller, 425 U.S. 435, 437–38 (1976). or ordering an internet service provider (“ISP”) to turn over emails,77United States v. Warshak, 631 F.3d 266, 282 (6th Cir. 2010). should not constitute Fourth Amendment searches under an originalist approach.
While subpoenas directed to third parties requiring them to turn over evidence they already possess should not be considered Fourth Amendment searches, the government is not permitted to dragoon private actors into investigating crime or gathering new evidence. The Court in United States v. Jacobsen78466 U.S. 109 (1984). made clear that the Fourth Amendment applies to the actions of private individuals when they are engaged in searches or seizures as agents of the government, or with the knowledge and participation of government officials.79Id. at 113–16 (refusing to apply the Fourth Amendment to the search of a package by FedEx personnel revealing “a suspicious looking plastic bag of white powder” because the search was not conducted at the direction of the government). The critical distinction is thus between turning over existing evidence and gathering new evidence at the behest of the government.
One commentator mistakenly attempts to apply this line of reasoning to geofence queries by arguing that, unlike historical CSLI searches, which “merely ask for information that phone companies already collect, compile, and store,” geofence queries require the provision of “new and refined datasets.”80Warrant Note, supra note 9, at 2516–18. This argument is particularly ironic given that some Google location data is CSLI. See McGriff Declaration, supra note 4, at 4–5. Through rhetorical legerdemain, they attempt to transmogrify what has always been required of a subpoena recipient—searching through the papers and effects under their control and presenting only those responsive to the subpoena—into not just a Fourth Amendment search, but a categorically impermissible “general warrant.”81See Warrant Note, supra note 9, at 2516–18; see also Miller, 425 U.S. at 437. In United States v. Miller,82425 U.S. 435 (1976). the defendant’s bank was presented with a subpoena commanding the production of “all records of accounts, [i].e., savings, checking, loan or otherwise” associated with Miller.83Id. at 437. Those records, like Google’s location data, already existed. Forcing the bank to search its records and produce those responsive to the government’s request did not constitute a search then, and certainly cannot be transformed into a “general warrant” today.84Id. at 443, 446. While the selection and arrangement of papers in response to a subpoena may raise Fifth Amendment compelled testimony concerns,85Under the “Act of Production Doctrine,” recipients of subpoenas can refuse to provide documents under the Fifth Amendment privilege against self-incrimination if production would implicitly communicate statements of fact. See United States v. Hubbell, 530 U.S. 27, 36 (2000) (“By ‘producing documents in compliance with a subpoena, the witness would admit that the papers existed, were in his possession or control, and were authentic.’” (quoting United States v. Does, 465 U.S. 605, 613 n.11 (1984))); see also Slobogin, supra note 74, at 812–14 (identifying historical basis for self-incrimination concerns). This doctrine is inapplicable to queries because turning over geofence data does nothing to incriminate the service provider. it does not constitute a search.86See Green v. Berge, 354 F.3d 675, 680 (7th Cir. 2004) (Easterbrook, J., concurring); see also Erin Murphy, Back to the Future: The Curious Case of United States v. Jones, 10 Ohio St. J. Crim. L. 325, 330–31 (2012) (“Current Fourth Amendment law emphasizes acquisition . . . . It cares little for what happens next—to what use that information is put.”); Jack M. Balkin, The Constitution in the National Surveillance State, 93 Minn. L. Rev. 1, 20 (2008) (“[B]ecause the Fourth Amendment focuses on searches and seizures, it places few limits on collation and analysis.”).
Even if a court determined that the status of subpoenas was unclear at common law,87See Carpenter v. United States, 138 S. Ct. 2206, 2271 (2018) (Gorsuch, J., dissenting) (“But the common law of searches and seizures does not appear to have confronted a case where private documents equivalent to a mailed letter were entrusted to a bailee and then subpoenaed.”). it should not hold that the Fourth Amendment applies to geofence queries. To bear the burden of invalidating a government practice on originalist grounds requires demonstrating it was constitutionally prohibited at the Founding.88See Salazar v. Buono, 559 U.S. 700, 721 (2010) (plurality opinion) (“Respect for a coordinate branch of Government forbids striking down an Act of Congress except upon a clear showing of unconstitutionality.”); United States v. Morrison, 529 U.S. 598, 607 (2000) (“Due respect for the decisions of a coordinate branch of Government demands that we invalidate a congressional enactment only upon a plain showing that Congress has exceeded its constitutional bounds.”); United States v. Harris, 106 U.S. 629, 635 (1883) (“Proper respect for a co-ordinate branch of the government requires the courts” to strike down an Act of Congress only if “the lack of constitutional authority to pass [the] act in question is clearly demonstrated.”);The Federalist No. 78, at 394 (Alexander Hamilton) (Ian Shapiro ed., 2009) (explaining that judicial invalidation of statute’s would only occur where there was an “irreconcilable variance” between the statute and the Constitution). Without proof that the Fourth Amendment was affirmatively understood to apply to subpoenas, there is insufficient originalist evidence to justify judicial intervention.
The definitions of “persons,”89See Ash, supra note 64 (defining person as “[a]n individual, a man, a woman”); Webster, supra note 64 (defining person as “[a]n individual human being consisting of body and soul”). “houses,”90See Ash, supra note 64 (defining home as “[a] person’s own house, a man’s dwelling, a man’s own country, the place of constant residence” and house as “the building in which a person lives, a place of abode; an edifice, a building”); Webster, supra note 64 (defining home as “[a] dwelling house; the house or place in which one resides. He was not at home. . . .” and house as “a building or edifice for the habitation of man; a dwelling place, mansion or abode for any of the human species”). “papers,”91See Ash, supra note 64 (defining paper as “a sheet printed or written”); Webster, supra note 64 (defining paper as “[a]ny written instrument”). The definition of papers encompasses digital documents. At the Framing, papers were written instruments, and “writing” was not limited to inscribing on a physical piece of paper. Writing encompassed “the act or art of forming letters and characters, on paper, wood, stone or other material[s].” Id. Thus, any medium containing recorded figures and symbols—from a Google Doc to graven tablet—qualifies as a protectable paper. and “effects”92See Samuel Johnson, A Dictionary of the English Language (London, J.F. & C. Rivington et al., 10th ed. 1792) (defining effects as “goods; moveables”); William Perry, The Royal Standard English Dictionary (1st Am. ed. 1788) (defining effects as “goods, moveables, possessions”); Webster, supra note 64 (defining effects as “goods; movables; personal estate”). have likewise remained constant since the Framing. In modern parlance, the Fourth Amendment protects our bodies, residences, documents, and personal property. These definitions support the validity of Justice Gorsuch’s property-based vision of the Fourth Amendment. While almost every form of an individual’s physical and digital property is protected,93One prominent exception may be commercial property, which is protected by current doctrine, but which may not be covered by original meaning. Compare Marshall v. Barlow’s, Inc., 436 U.S. 307, 311 (1978) (relying on “colonial experience” to hold that the Fourth Amendment “protects commercial buildings as well as private homes”), with supra note 90 (suggesting the definition of “houses” at the Framing did not include structures other than personal residences). While it may seem strange to exclude ships and commercial buildings from the Fourth Amendment’s protection, the “colonial experience” demonstrated that the Framers were particularly incensed by the use of general warrants to invade private homes, which enjoyed a unique status. See Thomas Y. Davies, Recovering the Original Fourth Amendment, 98 Mich. L. Rev. 547, 601–08, 642–50 (1999) (explaining the importance of the home at common law and describing how James Otis, the leading critic of general warrants, attacked them as violating the “Privilege of the House,” even though his merchant clients had every reason to complain of searches of their vessels and warehouses). Careful textual parsing of such provisions is likewise demonstrated by Jones v. Gibson, 1 N.H. 266 (1818), where a New Hampshire court held that a statute prohibiting warrantless searches of a “ship, vessel, dwelling house, store, building, or other place” did not cover a warrantless search of a stagecoach because, in contrast with the covered places, stagecoaches were not locations where the target “ha[s] the exclusive right of possession and privacy.” Id. at 272. the Fourth Amendment’s protection should not be understood as extending to many of the intangible interests protected under the reasonable expectation of privacy test because they are not grounded in property.94See Kerr, supra note 20, at 1062–69 (making clear that the focus of the Fourth Amendment is physical intrusion, not violation of intangible privacy interests). Despite this limitation, because it can be ultimately reduced to written information, location data, whether gathered through a beeper, GPS tracker, or cell phone, is properly conceived of as a paper protected by the Fourth Amendment.95Google location data, like CSLI, is just a collection of recorded coordinates and times, meaning it fits squarely within the category of “papers,” regardless of how it is gathered. See supra note 91.
While property is a fuzzy concept, particularly in the digital context, scholars have recognized the fundamental importance of the right to exclude in delineating digital property rights.96See generally 2 William Blackstone, Commentaries *2 (defining property as “that sole and despotic dominion which one man claims and exercises over the external things of the world, in total exclusion of the right of any other individual in the universe”); Natalie M. Banta, Property Interests in Digital Assets: The Rise of Digital Feudalism, 38 Cardozo L. Rev. 1099 (2018) (discussing the difficulty of applying property concepts in the digital realm); Thomas W. Merrill, Property and the Right to Exclude II, 3 Brigham-Kanner Prop. Rts. Conf. J. 1, 2 (2014) (discussing the right to exclude as “the critical attribute differentiating property from other social institutions”); Michael J. O’Connor, Digital Bailments, 22 J. Con. L. 1271 (2020) (focusing on the right to exclude as fundamental to the Framers’ conception of property rights and arguing that it is the right to exclude others that renders something property for Fourth Amendment purposes). The preeminent importance of the right to exclude has also been repeatedly recognized by the Supreme Court.97Cedar Point Nursery v. Hassid, 141 S. Ct. 2063, 2072 (2021) (“In less exuberant terms, we have stated that the right to exclude is ‘universally held to be a fundamental element of the property right,’ and is ‘one of the most essential sticks in the bundle of rights that are commonly characterized as property.’” (quoting Kaiser Aetna v. United States, 444 U.S. 164, 176, 179–80 (1979))). If a mere access to data and minimal rights preventing disclosure rendered data property,98See Carpenter v. United States, 138 S. Ct. 2206, 2272 (2018) (Gorsuch, J., dissenting) (musing that “some right to include, exclude, and control [data] use” might “rise to the level of a property right”). almost any data would meet that test.99See generally, Orin S. Kerr, A User’s Guide to the Stored Communications Act, and a Legislator’s Guide to Amending It, 72 Geo. Wash. L. Rev. 1208, 1209–22 (2004) (describing data regulation by the Stored Communications Act); O’Connor, supra note 96, at 1291–309 (describing pervasive regulation of data providing constraints on disclosure); Courtney C. Seitz, The Third-Party Doctrine: Perpetuation by Privacy Policies, 34 Notre Dame J.L. Ethics & Pub. Pol’y 421, 437, 442–45 (2020) (explaining that privacy policies expansively granting service providers the right to collect and utilize user data diminish both the user’s reasonable expectation of privacy in the data and the claim that the data is truly “theirs” and being held for them as a bailee by the service provider). In the digital realm, factors demonstrating a genuine property interest could include: (1) a right to exclude, (2) a right to possess,100Defined as “control over” and “intent to own” something. See Banta, supra note 96, at 1116 (citing Act of Possession, Black’s Law Dictionary (10th ed. 2014)). (3) a right to use, (4) a right to transfer, (5) a right to devise, and (6) a right to delete or destroy data.101See generally Banta, supra note 96, at 1108–30 (advocating focus on rights to exclude, possess, use, transfer, and devise); Daniel Martin, Note, Dispersing the Cloud: Reaffirming the Right to Destroy in a New Era of Digital Property, 74 Wash. & Lee L. Rev. 467, 496–501 (2017) (emphasizing the importance of the right to delete and destroy digital data); O’Connor, supra note 96, at 1286–317 (focusing on the right to exclude). These factors must be analyzed, and firms should not be permitted to create illusory property interests to avoid compliance with government requests.102Nor should they be permitted to disclaim bailments that are otherwise present. See Danielle D’Onfro, The New Bailments, 97 Wash. L. Rev. (forthcoming 2022) (revealing that some privacy agreements explicitly disclaim the creation of a bailment). For example, merely stating that individuals possess a property interest in electronic information should not be sufficient to create a bailment triggering Fourth Amendment protection.103A bailment requires real property rights, such as those demonstrated in Google’s cloud storage terms of service. Carpenter, 138 S. Ct. at 2242 (Thomas, J., dissenting) (“You retain ownership of any intellectual property rights that you hold in that content. In short, what belongs to you stays yours.” (quoting Google Terms of Service, Google (October 25, 2017), https://perma.cc/5QFH-6HUS)). The analogy follows from physical property. No court would permit the creation of an illusory property interest in physical property granting no right to use, exclude, or transfer, but permitting a Fourth Amendment challenge.
In order to apply these principles in the digital context, Google Drive cloud storage can be contrasted with Google location data. Unlike geofence data, there is a clear property right in digital cloud storage.104D’Onfro, supra note 102 (describing cloud data storage and concluding that providers meet the common law requirements to be considered bailees); O’Connor, supra note 96, at 1312 (same). Cloud storage providers such as Google generally lack the ability to use the stored content for their own ends, while users retain intellectual property rights in the data, as well as the rights to exclude, possess, use, transfer, devise, and delete, rendering providers like Google bailees in the cloud storage context.105See Banta, supra note 96, at 1105 (“Google, for example, specifically states that ‘[s]ome of our Services allow you to upload, submit, store, send or receive content. You retain ownership of any intellectual property rights that you hold in that content.’” (quoting Google Terms of Service, supra note 103)); D’Onfro, supra note 102, at 22 (“The [stored] file is a distinct thing over which a person or entity has control. This control has the typical attributes of ownership: the right to exclude, use, alienate, and even destroy.”); Raspal Chima, Cloud Security—Who Owns The Data?, Blueberry Consultants (Sept. 19, 2016), https://perma.cc/7VR6-P4EN(detailing the policies of major cloud storage providers); see also Carpenter, 138 S. Ct. at 2242 (Thomas, J., dissenting).
In contrast, and despite Google’s efforts to argue to the contrary,106See Google Brief, supra note 5, at 6. there is no true property interest in Google location data. From the moment of its creation, the data belongs to Google, not the user.107See United States v. Chatrie, No. 19-cr-00130, 2022 WL 628905, at *4 (E.D. Va. Mar. 3, 2022) (“Once a user opts into Location History, Google is ‘always collecting’ data and storing all of that data in its vast Sensorvault, even ‘if the person is not doing anything at all with [his or her] phone.’” (quoting Transcript of Motion to Suppress at 114–15, United States v. Chatrie, No. 19-cr-00130, 2022 WL 628905 (E.D. Va. Mar. 3, 2022))). Google audaciously attempts to paint its location tracking as a “journal”-like service in and of itself.108See McGriff Declaration, supra note 4, at 2. But location data is gathered for Google’s pecuniary benefit,109See Chatrie, 2022 WL 628905, at *3; McGriff Declaration, supra note 4, at 4–5. not to beneficently help users remember their digital advertisement-prompted visits to the Gap. Google advances no evidence that users are genuinely interested in the journal “service.”110See generally Google Brief, supra note 5. Google itself admits that users must consent to autonomous harvesting of location data so they can fully use other Google services, like Google Maps.111See McGriff Declaration, supra note 4, at *1. Google’s practice of repeatedly prompting users who have not yet acceded to location harvesting “to opt into Location History multiple times across multiple apps” has been stridently criticized. See also Chatrie, 2022 WL 628905, at *4 & n.11 (citing Forbrukerrådet, Every Step You Take 28 (2018), https://perma.cc/2ZPN-Y4NM). While Google claims to have reformed its practices, it previously tracked location data even when users believed they had turned off tracking.112See Chatrie, 2022 WL 628905, at *7; In re Google Location Hist. Litig., 428 F. Supp. 3d 185, 191 (N.D. Cal. 2019) (finding that Google captured location data even when “Location History” was turned off by users); Complaint for Injunctive and Other Relief at 42–44, Arizona v. Google LLC, CV2020-006219, 2020 WL 2789903, (Ariz. Super. Ct. May 27, 2020) [hereinafter Arizona Complaint]. Google’s own employees believed the system was “confusing” to users and “designed to make [opting out] possible, yet difficult enough that people won’t figure it out.”113State’s Motion for Partial Summary Judgment at 1, Arizona v. Google LLC, CV2020-006219, 2020 WL 2789903, (Ariz. Super. Ct. Aug. 25, 2020). Were users genuinely interested in this wonderful journal service, one wonders why Google would go to such lengths to deceive them. Further underscoring the lack of a property right, attempting to delete location data is possible, but takes technical savvy and laborious effort.114Chatrie, 2022 WL 628905, at *7–8; Ryan Nakashima, Google Tracks Your Movements, Like It or Not, AP (Aug. 13, 2018), https://perma.cc/8KVK-RDUU. Moreover, “deleting” location data from a user’s Google account did not actually delete the data, instead it merely “start[ed] the process of removing it from the product and [Google’s] systems.”115Arizona Complaint, supra note 112, at 33–34. This runs fundamentally counter to the common law right to destroy, demonstrating that users have no true property interest in the data.116See generally Martin, supra note 101 (describing the ancient origins and common law pedigree of the right to “destroy,” its status as a fundamental property right, and the lack of a right to destroy with regards to most digital data).
In his Carpenter dissent, Justice Gorsuch raised the possibility that the pervasiveness of location-tracking technology justified the judicial recognition of “involuntary bailment[s].”117Carpenter v. United States, 138 S. Ct. 2206, 2270 (2018) (Gorsuch, J., dissenting). This concept is, however, inapposite to geofence data. An involuntary bailment refers to an accidental or involuntary acquisition of another’s property.11819 Richard A. Lord, Williston on Contracts § 53:9 (4th ed. 1990 & Supp. 2016); see William King Laidlaw, Principles of Bailment, 16 Cornell L. Rev. 286, 300 (1931) (approving of a court’s statement that “[w]here one becomes possessed of another’s goods by chance or accident, no bailment obligation will arise unless the possessor is aware and has knowledge of the fact that goods have come into his possession which belong to another’” (quoting Krumsky v. Loeser, 75 N.Y.S. 1012, 1013 (App. Term 1902))). Rather than being acquired accidently, location data is deliberately and aggressively sought by firms for their pecuniary benefit.119See supra note 4. More critically, bailments involve coming “into lawful possession of the personal property of another,”120Christensen v. Hoover, 643 P.2d 525, 529 (Colo. 1982) (en banc); see Laidlaw, supra note 118, at 293 (“Lawful possession of the property of another is generally admitted to be one of the requisites of a bailment.”). but location data was never the property of the user, and from the moment of its inception constituted the property of the service provider. In the absence of concrete evidence demonstrating data gathering by a third party would have constituted a bailment at the Founding, the burden of demonstrating that the Fourth Amendment applies has not been met.121See generally D’Onfro, supra note 102 (questioning whether bailments applied to intangible goods at common law). For example, it seems unlikely that the common law would have granted George Washington an “involuntary bailment” in the reports of a British spy surreptitiously recording his movements.
The originalist evidence is least clear on the Fourth Amendment’s prohibition of “unreasonable” searches and seizures.123U.S. Const. amend. IV. The Founders, scarred by the experience of general warrants and writs of assistance that contravened the historic protections of the common law, would likely have been motivated to ensure the inviolability of these protections to shield future generations.124See Laura K. Donohue, The Original Fourth Amendment, 83 U. Chi. L. Rev. 1181, 1196–212, 1269–71 (2016) (explaining the illegality of general warrants under the common law and describing Lord Coke as ruling such violations to be “against reason”); see also Davies, supra note 93, at 619–68. Scholars thus argue that the phrase “unreasonable” in the Fourth Amendment meant “against the reason of the common law,” thus doing no more, and no less, than incorporating the common law’s search and seizure rules.125E.g., Donohue, supra note 124, at 1269–76; see also Davies, supra note 93, at 686–724. Others conclude the term was intended to permit judicial updating based on an evolving conception of what is “reasonable.” E.g., Telford Taylor, Two Studies in Constitutional Interpretation 42–47 (1969); Akhil Reed Amar, Fourth Amendment First Principles, 107 Harv. L. Rev. 757, 801 (1994).
The common law rules applicable at the Founding are far too extensive to describe here, but it bears emphasizing that the common law, rather than abstract policy balancing, is the source of doctrines like search incident to arrest126Riley v. California, 573 U.S. 373, 404–06 (2014) (Alito, J., concurring in part and concurring in the judgment); George C. Thomas III, The Common Law Endures in the Fourth Amendment, 27 Wm. & Mary Bill Rts. J. 85, 101–04 (2018) (explaining the search incident to arrest doctrine’s common law pedigree). and the knock-and-announce rule.127Wilson v. Arkansas, 514 U.S. 927, 931–36 (1995) (describing the common law origins of the requirement to announce). Thus, under an originalist approach, the law enforcement benefits and minimal privacy intrusions represented by geofence queries are irrelevant to whether they constitute Fourth Amendment searches. If geofence queries constituted Fourth Amendment searches, which they do not, reasonableness would, however, be relevant in the case of an application of a common law warrant exception, for example, a geofence query carried out under exigency.128See Brigham City v. Stuart, 547 U.S. 398, 400, 403, 406 (2006); 5 Matthew Bacon, A New Abridgement of the Law 177–79 (6th ed. 1793); William Nelson, The Office and Authority of a Justice of Peace 148 (1704) (constables “may break open the Doors to see the Peace kept” without a warrant); Thomas, supra note 126, at 101 n.152.
This Article’s primary focus is demonstrating that geofence queries do not require warrants. However, if investigators opt to seek warrants to avoid litigating whether geofence queries constitute Fourth Amendment searches, probable cause and particularity should be relatively easy to establish with the “same choice statistics and cases about cell phone usage.”129But see Warrant Note, supra note 9, at 2521–28 (footnote omitted) (arguing for an overly stringent interpretation of particularity and probable cause based on reasonableness balancing and policy concerns with geofence queries). Prosecutors have likely already developed form-warrants clearly specifying the precise data sought on identified targets and incorporating statistics on the ubiquity of cell phones and the omnipresence of service providers like Google.130See generally Google Brief, supra note 5, at 13–14 (“Here, for example, the government requested a second round of anonymized [location history] information showing where certain users moved during an extended period of time 30 minutes before and 30 minutes after the original timeframe.”). No more should be required.
Establishing probable cause for a search requires only a demonstration of a “fair probability that contraband or evidence of a crime will be found.”131Illinois v. Gates, 462 U.S. 213, 238 (1983). In the geofence context, this requires a demonstration of a fair probability that the target’s information will be returned by the geofence query. There are three primary reasons why a target would not be included in a geofence query despite their actual presence at the scene. First, they may not have been carrying a cell phone, or a similar device such as an iPad, while present at the scene. Second, they may not have been using an application, operating system, or service with the capacity to track their location. Finally, they may have successfully prevented the service provider from tracking their location or caused the provider to delete the data after the fact.
Given the pervasiveness of smartphones, recognized by the Court in Riley132Riley v. California, 573 U.S. 373, 385–86, (2014) (“[C]ell phones . . . are now such a pervasive and insistent part of daily life that the proverbial visitor from Mars might conclude they were an important feature of human anatomy. A smart phone of the sort taken from Riley was unheard of ten years ago; a significant majority of American adults now own such phones.”); id. at 395 (“[N]early three-quarters of smart phone users report being within five feet of their phones most of the time, with 12% admitting that they even use their phones in the shower.”). and Carpenter,133Carpenter v. United States, 138 S. Ct. 2206, 2211, 2218–20 (2018) (“There are 396 million cell phone service accounts in the United States—for a Nation of 326 million people.”). there will almost invariably be a “fair probability” that a query target was carrying a phone or similar device when in the geofence.134Warrant Note, supra note 9, at 2524 (recognizing that “[b]ecause ‘it is rare to search an individual in the modern age . . . and not find a cell phone on the person,’ it is reasonable to believe that the perpetrator’s phone data can be found in [geofence] records” (quoting In re Search Warrant Application for Geofence Location Data Stored at Google Concerning an Arson Investigation, 497 F. Supp. 3d 345, 356 (N.D. Ill. 2020))). The question of whether the target’s location data is included in the databases of the service provider to whom the geofence request is made then depends on the ubiquity of that provider’s services and the ease with which users can prevent tracking or delete their data.
Unless there is evidence indicating that the target was affirmatively not carrying a cell phone or otherwise avoiding location tracking—at least for significant providers like Google or one of the three major mobile telecoms—there will normally be a fair probability a geofence query will reveal evidence of crime.135See United States v. James, No. 18-cr-216, 2019 WL 325231, at *3 (D. Minn. Jan. 25, 2019) (relying on the widespread use of cell phones to find probable cause solely from proof that a crime was committed within the coordinates). The Supreme Court has embraced exactly this sort of probabilistic reasoning in assessing whether reasonable suspicion exists. See Kansas v. Glover, 140 S. Ct. 1183, 1188–91 (2020) (holding that the mere fact that the registered owner of a vehicle had a suspended license was sufficient grounds to perform an investigative stop based on the probability that the owner of the vehicle was driving it with a suspended license). While the Court has sometimes demonstrated skepticism of purely probabilistic reasoning,136See Gates, 462 U.S. at 232 (“[P]robable cause is a fluid concept—turning on the assessment of probabilities in particular factual contexts—not readily, or even usefully, reduced to a neat set of legal rules.”); see also Florida v. Harris, 568 U.S. 237, 243–45 (2013) (holding that probable cause determinations require the court to look at the totality of the circumstances); Maryland v. Pringle, 540 U.S. 366, 371 (2003) (“The probable-cause standard is incapable of precise definition or quantification into percentages because it deals with probabilities and depends on the totality of the circumstances.”). But see Glover, 140 S. Ct. at 1188–90 (approving of probabilistic reasoning in the reasonable suspicion context). statistics demonstrate a fair probability that Google will have location data on the target of a geofence query. Eighty-five percent of Americans own a smartphone, and Google enjoys a 40% domestic market share (compared with 60% for Apple).137See Mobile Fact Sheet, Pew Rsch. Ctr. (Apr. 7, 2021), https://perma.cc/3AF4-WA8S (noting smartphone ownership as of February 2021); Mobile Operating System Market Share United States of America, Statcounter, https://perma.cc/HM9P-WN5T (noting smartphone operating system data as of February 2021). This means that 34% of Americans own an Android smartphone while 51% own an iPhone. If Google has location data on almost all Android users (30%) and half of iPhone users (25%),138See Lynch, supra note 29 (explaining that geofencing “relies on detailed location data collected by Google from most Android devices as well as iPhones and iPads that have Google Maps and other apps installed”); McGriff Declaration, supra note 4, at 2–3 (“On iOS devices, the user must further configure her mobile device to share location information by granting the required device-level application location permission.”). then Google has location information on 55% of Americans, meeting the preponderance standard, and thus by definition satisfying the lower probable cause test.139See also In re Search of Info. Stored at Premises Controlled by Google, No. 20 M 297, 2020 WL 5491763, at *3–4, *3 n.3 (N.D. Ill. July 8, 2020) (agreeing that a suspect’s phone data would be included in a warrant served on Google because of the “likelihood ‘that at any given time, a mobile telephone . . . is interfacing in some manner with a Google application, service, and/or platform”); McGriff Declaration, supra note 4, at 4 (revealing that Google has location data on at least a third of Google users). This lower-bound estimate of 33% should also qualify as a “fair probability” meeting the probable cause test. Similar statistics for the cell phone industry demonstrate that AT&T, Verizon, and T-Mobile have location data on 44%, 29%, and 24% of Americans, respectively.140AT&T has a 45% domestic cell phone market share, while Verizon has a 30% market share, and T-Mobile a 25% market share. Simon O’Dea, Wireless Subscriptions Market Share by Carrier in the U.S., Statista (Oct. 22, 2021), https://perma.cc/2NWL-XAZ9. 97% percent of American adults own a cell phone, Mobile Fact Sheet, supra note 137, and all cell phone users generate CSLI, United States v. Carpenter, 138 S. Ct. 2206, 2220 (2018), so AT&T has location data on 44% of Americans, while Verizon has such data on 29%, and T-Mobile on 24%. These significant probabilities should also be sufficient to meet the “fair probability” probable cause standard. In contrast, for providers with only a minimal market share, or where there is evidence demonstrating large majorities of their customers avoid location tracking, the probable cause standard will not generally be met. Investigators will also need to include sufficient evidence establishing probable cause that a crime took place in the geographic and temporal coordinates defining the geofence, which should be easily accomplished.141See Warrant Note, supra note 9, at 2524 (“Evidence of a crime is likely available in a private company’s location history database only insofar as law enforcement requests data associated with a particular time and place. The government must thus establish probable cause for the time and geographic area delineated by the geofence warrant. The time and place of the crime are necessarily known by law enforcement, giving rise to probable cause to search the relevant area.” (footnote omitted)).
The district court in Chatrie erred in requiring individualized probable cause “to [s]earch [e]very Google [u]ser [w]ithin the [g]eofence.”142United States v. Chatrie, No. 19-cr-00130, 2022 WL 628905, at *20 (E.D. Va. Mar. 3, 2022). Even if courts were to mistakenly conclude that a geofence query is a search, a geofence query would constitute only a single search of a single “paper”—the location database. The search warrant standard requires only that there be a fair probability that evidence will be found somewhere in the place to be searched.143Illinois v. Gates, 462 U.S. 213, 238 (1983). For this reason, officers may search a house based on probable cause it contains evidence of a crime, without probable cause to believe an occupant, let alone every occupant, is engaged in criminality.144Orin S. Kerr, The Fourth Amendment and Geofence Warrants: A Critical Look at United States v. Chatrie, Volokh Conspiracy (Mar. 11, 2022, 4:38 PM), https://perma.cc/6LJA-XCFM. Likewise, officers don’t need individualized probable cause for every page, sentence, or word of a record, nor for every row, column, or cell of a spreadsheet.145Id. They require probable cause only that the paper as a whole contains the evidence they seek. Because the district court conceded that “a fair probability may have existed that the Geofence Warrant would generate the suspect’s location information,” there was probable cause for the search.146Chatrie, 2022 WL 628905, at *21 (emphasis omitted). But rather than accepting the existence of probable cause, the district court improperly viewed a single geofence query as numerous individualized searches.147See id. at *20–24.
A historical analogy is helpful in explaining the illogic of treating a query as multiple searches. Imagine that a punctilious Philadelphia merchant was widely known for keeping a journal detailing the crew, cargo, and movements of every ship that traversed the port’s harbor. And suppose that early American officials intercepted a message indicating that the captain of a ship which had departed from the port on a specific date and at a specific time was a spy for the British. Officers would clearly have probable cause to seize the diary because it would permit them to identify the spy. But doing so would require reading through the description of many innocent ships and captains to locate the one captain who fit the spy’s description. Because the officers engaged only in a single seizure of a single “paper,” they would not be required to retroactively demonstrate probable cause for every innocent ship and captain described within the diary. And the same holds true of a geofence query.
If a warrant is used to seek geofence data, the “place to be searched”148U.S. Const. amend. IV. is only the service provider and its databases, not the physical coordinates referenced in the geofence query.149But see Warrant Note, supra note 9, at 2525–27 (describing the particularity requirements for geofence warrants). A similar historical analogy demonstrates the illogic of an abstract or metaphorical interpretation of “place to be searched.” Imagine this time that early American authorities wished to seize the diary of a notorious smuggler, detailing his globe-trotting criminal adventures. Even if the diary detailed rum-running in Barbados or the purchase of illicit cheese in France, the place to be searched would remain the location of the diary itself, not the far-flung locales described within. The same principle applies to geofence data. While the database may contain valuable evidence of a bank robbery in Virginia or an arson in Illinois, the place to be searched remains the location database. Likewise, describing the “things to be seized”150U.S. Const. amend. IV. should only require listing the desired information, usually the name and email addresses of individuals found to be within the geofence.
While several Justices have expressed interest in an originalist re-examination of the Fourth Amendment, a fully originalist approach has not yet been adopted by the Court.151Professor Orin Kerr has recently argued that, properly understood, the reasonable expectation test comports with an originalist approach to constitutional interpretation. Under Kerr’s view, the test should focus on ensuring that evolving technology does not undermine the Fourth Amendment’s core protection against physical intrusion by the government. Regardless of how persuasive one finds Professor Kerr’s argument for the reasonable expectation test as originalism, he compellingly makes the case that the core of both the original Fourth Amendment and the reasonable expectation test is protection from government intrusion. Kerr, supra note 20, at 1163–84. In stark contrast, compelled production is not protected by the Fourth Amendment, strengthening the argument that under both an originalist and reasonable expectation perspective, geofence queries should not be considered Fourth Amendment searches because they result in nothing even approximating a physical intrusion. Nonetheless, even under the current reasonable expectation of privacy test, applied by the Court since Katz, geofence queries are not Fourth Amendment searches and thus do not require a warrant.152In other words, while Carpenter was likely wrong as a matter of original public meaning, even under the reasonable expectation test and the reasoning articulated in Carpenter, geofence queries are not Fourth Amendment searches. Thus, holding that geofence queries do not require a warrant would not even require overturning Carpenter or abandoning the reasonable expectation test. Under the reasonable expectation of privacy test, whether an evidence gathering technique requires a warrant depends on the reasonableness of the technique absent a warrant.153Riley v. California, 573 U.S. 373, 381–82 (2014). Reasonableness is determined by weighing the intrusion on privacy against society’s interest in combating crime and protecting public safety.154Id. at 385–86. United States v. Jones155565 U.S. 400 (2012). and Carpenter refused to identify an expectation of privacy in isolated public movements.156Id. at 406 (refusing to address reasonable expectation of privacy); id. at 419 (Alito, J., concurring in the judgment) (only finding reasonable expectation of privacy in “long-term monitoring” of public movements); see also Carpenter v. United States, 138 S. Ct. 2206, 2217 & n.3, 2220 (2018). Only in extraordinary cases, such as long-term surveillance, do people gain an expectation of privacy in the “whole of their physical movements.”157Carpenter, 138 S. Ct. at 2217. Carpenter therefore exempted techniques such as geofence queries, which involve less than a week of location data, from its holding.158Id. at 2217 n.3, 2220 (“It is sufficient for our purposes today to hold that accessing seven days of CSLI constitutes a Fourth Amendment search.”).
Geofence queries have far greater law enforcement and public safety utility than the historical searches addressed in Carpenter. To use historical searches, investigators must already have a suspect in mind. Historical searches thus have great value in clearing the innocent and confirming the guilt of the culpable, but cannot be used to identify suspects in the first place. Geofence queries, on the other hand, allow officers to generate leads and identify suspects when other methods of investigation have failed, permitting dangerous criminals to be identified, monitored, and apprehended.159See Warrant Note, supra note 9, at 2528. Geofence queries, particularly when initially anonymized—as required by Google160Rodriguez Declaration, supra note 41, at 2–4.—are eminently reasonable, representing enormous public safety benefits while imposing only minimal privacy costs. The reasonable expectation of privacy test thus dictates that they may be carried out without warrants.
Text and precedent demonstrate that aggregate privacy interests are not cognizable under the Fourth Amendment. Despite the wishes of some jurists, criminals, and law professors, the Fourth Amendment does not establish a general command to maximize society’s aggregate privacy.161Notably, while the Court of Appeals for the Ninth Circuit in United States v. Moalintook issue with the large number of people impacted by a bulk collection program, the opinion could cite not a single case identifying an aggregate privacy interest. United States v. Moalin, 973 F.3d 977, 992 (9th Cir. 2020). Precedent, instead, demonstrates the lack of such an interest. See Brown v. United States, 411 U.S. 223, 230 (1973) (“Fourth Amendment rights are personal rights which . . . may not be vicariously asserted.” (citations and internal quotations omitted) (quoting Alderman v. United States, 394 U.S. 165, 174 (1969)); In re Application of the FBI for an Ord. Requiring the Prod. of Tangible Things from [Redacted], No. BR 13-109, 2013 WL 5741573, at *2 (FISA Ct. Aug. 29, 2013) (“[W]here one individual does not have a Fourth Amendment interest, grouping together a large number of similarly-situated individuals cannot result in a Fourth Amendment interest springing into existence ex nihilo.”). Instead, the text protects only “their persons, houses, papers, and effects.”162U.S. Const. amend. IV (emphasis added). The limitation to “their” persons and property mandates an individual rather than aggregate focus. The exclusion of aggregate interests from Fourth Amendment analysis is also demonstrated by the Court’s warrantless police checkpoint cases.163See Illinois v. Lidster, 540 U.S. 419, 427–28 (2004) (adopting individualized approach to uphold checkpoints); id. (“[S]tops interfered only minimally with liberty of the sort the Fourth Amendment seeks to protect. Viewed objectively, each stop required only a brief wait in line—a very few minutes at most. Contact with the police lasted only a few seconds.”); Mich. Dep’t of State Police v. Sitz, 496 U.S. 444, 447, 451 (1990) (upholding DUI checkpoint and characterizing the privacy interest as only that of each individual stopped, not an aggregate interest of all drivers: “the weight bearing on the other scale—the measure of the intrusion on motorists stopped briefly at sobriety checkpoints—is slight”). In Michigan Department of State Police v. Sitz,164496 U.S. 444 (1990). the Court described the privacy interest at issue as only the “duration of the seizure and the intensity of the investigation” for each motorist stopped.165Sitz, 496 U.S. at 452. Instead of focusing on the aggregate intrusion, the Court expressed concern that checkpoints could be used as a pretext to seize individuals whom officers wanted to stop without articulable suspicion, and thus required only “a plan embodying explicit, neutral limitations” on stops.166Brown v. Texas, 443 U.S. 47, 51 (1979). In Illinois v. Lidster,167540 U.S. 419 (2004). the Court approvingly cited the fact that officers “stopped allvehicles systematically”—thus greatly increasing the program’s aggregate privacy impact—as supporting the constitutionality of the seizures.168Id. at 428 (emphasis added). Because the reasonable expectation of privacy test is individualized, only the minimal privacy intrusion on each individual within the geofence weighs in the reasonableness balancing.
Vanishingly little personal information is revealed by geofence queries, which impose less of a privacy burden than checkpoints, with far greater investigative benefits.169See Sitz, 496 U.S. at 461 (Stevens, J., dissenting) (describing how checkpoints involving 41,000 drivers led to only 143 arrests). Even if queries are not anonymized, all they can reveal is that an individual was geographically and temporally proximate to a crime.170Chatrie’s expert witness used the geofence data in an attempt to demonstrate purported privacy intrusions but could not actually reveal anything embarrassing or incriminating about any of the other devices included within the geofence. See United States v. Chatrie, No. 19-cr-00130, 2022 WL 628905, at *15 (E.D. Va. Mar. 3, 2022). Concocting an expectation of privacy in one’s proximity to a crime would cast doubt on well-established investigative practices such as reviewing crime scene footage or conducting witness interviews.171See Carpenter v. United States, 138 S. Ct. 2206, 2220 (2018) (reaffirming the constitutionality of “conventional surveillance techniques and tools, such as security cameras”). An improbable confluence of events must occur for potentially embarrassing information to be revealed by queries.172Clapper v. Amnesty Int’l USA, 568 U.S. 398, 418 (2013) (clarifying that other interests like a vague sense of unease or chilled expression based on hypothetical surveillance are not constitutionally cognizable, implying they should not weigh in reasonableness balancing). First, someone must be carrying a device harvesting their location while in the vicinity of a crime. Second, their location data must be sufficiently precise to place them in an embarrassing location.173Google location data is precise to within only twenty meters, making this unlikely. See McGriff Declaration, supra note 4, at 4. Third, they must be in a location so embarrassing and unexplainable that their mere presence a single time can be held against them. Fourth, if the data is initially anonymized, they must be one of the few who are deanonymized.174Given the initial anonymization, see Rodriguez Declaration, supra note 41, at 2–4, queries cannot practically be abused, as officers would need to know the exact location of their target ahead of time—and thus already have the information a geofence query would provide—in order to selectively target someone with an abusive query. Fifth, investigators must recognize the location as embarrassing and record the individual’s presence there. Finally, investigators must somehow leak or use this information against the individual.
Financial and phone records, which Carpenter reaffirms are subject to the third-party doctrine,175Carpenter, 138 S. Ct. at 2220, 2222. far more readily reveal sensitive information. They could easily betray repeated interactions with a strip club, psychiatrist, plastic surgeon, abortion clinic, AIDS treatment center, criminal defense attorney, by-the-hour motel, union meeting, mosque, synagogue, church, or gay bar.176See United States v. Jones, 565 U.S. 400, 415 (2012) (Sotomayor, J., concurring). One-off location data, by contrast, does not provide the “all-encompassing record of the holder’s whereabouts” or “intimate window into a person’s life” that concerned the Carpenter Court.177Carpenter, 138 S. Ct. at 2217. And unlike in Carpenter, where individuals who wished to use cell phones had no ability to avoid CSLI tracking,178Id. at 2220. Google users do have some ability to opt-out of location tracking, further minimizing the privacy intrusion.179United States v. Chatrie, No. 19-cr-00130, 2022 WL 628905, at *4, *26–27 (E.D. Va. Mar. 3, 2022). The miniscule chance that a geofence query reveals a single visit to a strip club pales in comparison to the privacy intrusion represented by allowing investigators access to the records of one’s entire financial life and call history.
The Court has never recognized a reasonable expectation of privacy in one’s public presence at a single location.180See Jones, 565 U.S. at 430 (Alito, J., concurring in the judgment) (“[R]elatively short-term monitoring of a person’s movements on public streets accords with expectations of privacy that our society has recognized as reasonable.” (citing United States v. Knotts, 460 U.S. 276, 281–82 (1983))). In Carpenter and the Jones concurrences, the Court focused on the privacy implications of public movements over an extended period.181Carpenter, 138 S. Ct. at 2217 & n.3 (holding that seeking seven days of historical location data constituted a search based on risk of generating an “intimate window into a person’s life, revealing not only his particular movements, but through them his ‘familial, political, professional, religious, and sexual associations’” (quoting Jones, 565 U.S. at 415 (Sotomayor, J., concurring))); Jones, 565 U.S. at 415 (Sotomayor, J., concurring) (fearing a “comprehensive record of a person’s public movements that reflects a wealth of [personal] detail”); id. at 424, 428–30 (Alito, J., concurring in the judgment) (focusing on dangers of “long-term tracking” and practical difficulties of such monitoring at the Founding). This so-called “aggregation problem,” whereby the government can learn intimate details of a target’s life through the combination of numerous individual data points, is also a mainstay of scholarly criticism.182Orin S. Kerr, The Mosaic Theory of the Fourth Amendment, 111 Mich. L. Rev. 311, 328–29 (2012) (focusing on the concern that “combining many pieces of information about suspects can lead the government to learn intimate details about their lives”); Daniel J. Solove, Access and Aggregation: Public Records, Privacy and the Constitution, 86 Minn. L. Rev. 1137, 1141 (2002) (arguing that “it is the totality of the information, aggregated together, that presents the problem”). But the aggregation problem does not apply to geofence queries. In contrast with historical location searches, geofence queries involve only a binary confirmation of whether an individual was present near a crime scene and, as addressed above, fanciful hypotheticals are required before they can reveal even a miniscule degree of intimate information.183See supra Section III.B.
The test of intrusion on privacy is not whether revealed information is likely to cause officers to investigate an individual.184Kerr, supra note 182, at 328 (explaining that piecing together sufficient information to identify a suspect and secure probable cause for a Fourth Amendment search through “nonsearch techniques” was traditionally considered good police work, rather than an unreasonable intrusion on privacy). Public observation by officers of conduct or contraband in plain view is both one of the most effective law enforcement techniques and understood to be eminently reasonable.185See Minnesota v. Dickerson, 508 U.S. 366, 372–77 (1993); Horton v. California, 496 U.S. 128, 133–37, 141–42 (1990); Coolidge v. New Hampshire, 403 U.S. 443, 464–68 (1971). An officer, for example, is very likely to engage in further investigation when they observe someone standing over a dead body, holding a bloody knife, and laughing maniacally. That subsequent investigation could be extremely unpleasant and intrusive. But the fact that the officer’s observation led to this intrusive investigation does not create an expectation of privacy in public conduct. In other words, the likely future intrusions engendered by being identified as a suspect do not weigh against a technique’s constitutional reasonableness because all techniques create the possibility of subjecting targets to future investigation. Holding otherwise would perversely reverse reasonableness balancing by viewing the most accurate and effective techniques as the most suspect. Geofence queries, witness interviews, and review of video footage can all identify, and thus subject to investigation, potentially innocent people, but this fact does not render these techniques prohibited by a reasonable expectation of privacy.186While geofence queries, like all investigative techniques, have the potential to subject potentially innocent parties to investigation, see Warrant Note, supra note 9, at 2508–09 (describing only a single instance where a geofence query erroneously led to an arrest), the Court’s open-ended reasonableness determination permits it to take into account the clear superiority of geofence queries to alternative investigative techniques on which officers would be forced to rely if queries were restricted—such as reviewing grainy video footage or relying on notoriously inaccurate eyewitnesses. See Jed S. Rakoff & Elizabeth F. Loftus, The Intractability of Inaccurate Eyewitness Identification 90 (U.C. Irvine Sch. of L. Legal Stud. Rsch. Paper, Paper No. 2018-61, 2018), https://perma.cc/3BP5-MA93. Tellingly, in the Chatrie case, officers pursued two false leads before seeking a geofence query.187United States v. Chatrie, No. 19-cr-00130, 2022 WL 628905, at *11 (E.D. Va. Mar. 3, 2022). Both leads involved witness tips and led to intrusive law enforcement investigation of innocent parties.188Id. In contrast, the geofence query accurately identified the guilty party, thereby resulting in far less of a privacy intrusion on innocent bystanders than the traditional techniques uniformly acknowledged not to impinge upon a reasonable expectation of privacy.189See id. at *13, *16.
In Carpenter and in the Jones concurrences, the Justices relied on the inability of officers to gather long-term location data through traditional means to establish a reasonable expectation of privacy in long-term location tracking.190The Court held that long-term historical location data was “effortlessly compiled,” while acquiring equivalent data traditionally would have been essentially impossible. See Carpenter v. United States, 138 S. Ct. 2206, 2216–18 (2018). Justice Sotomayor made a similar point about the tracking of Jones’s car. See United States v. Jones, 565 U.S. 400, 415–16 (2012) (Sotomayor, J., concurring) (“And because GPS monitoring is cheap in comparison to conventional surveillance techniques and, by design, proceeds surreptitiously, it evades the ordinary checks that constrain abusive law enforcement practices: ‘limited police resources and community hostility.’” (quoting Illinois v. Lidster, 540 U.S. 419, 426 (2004))). In contrast, investigators routinely and easily identify those near the scene of a crime—the only information a geofence query provides—using traditional investigative techniques such as witness interviews, plain view observation, and review of videos, pictures, and social media posts.191See, e.g., Chatrie Brief, supra note 1 (revealing police use of surveillance footage and witness interviews); Jill Leovy, Ghettoside: A True Story of Murder in America 74–80 (2015) (describing investigative techniques used by LAPD homicide detectives). See generally Rachel Levinson-Waldman, Government Access to and Manipulation of Social Media: Legal and Policy Challenges, 61 How. L.J. 523, 523–60 (2018) (critiquing police use of social media material during investigations). Identifying those near a crime scene, in comparison to long-term surveillance, requires far fewer investigative resources, rarely rouses community hostility, and occurs a great deal more frequently.192See Leovy, supra note 191, at 74–80 (revealing the surprising willingness of witnesses in high-crime communities to cooperate with law enforcement to solve crimes, even in the face of severe threats of retaliation from perpetrators). Everyone understands that if they were near the scene of a crime, officers may attempt to identify and speak with them.193Id. (detailing law enforcement attempts to identify and contact witnesses). Unlike in Carpenter and Jones, geofence queries makes this job easier—and more accurate—without fundamentally changing the underlying privacy dynamics.
Concerns have been raised that the possibility of being identified in a geofence query might chill participation in peaceful protests.194See Warrant Note, supra note 9, at 2519–20 (citing Whittaker, supra note 11) (describing use of geofence queries to identify masked rioters responsible for arson during protest over the death of George Floyd). However, only those wishing to engage in anonymous criminality are likely to be “chilled” from attending a protest based on the mere possibility that their presence could later be discovered by law enforcement.195Most individuals attending protests are perfectly happy to do so openly, and frequently broadcast their presence to the world. See Shannon Ho & Phil McCausland, How Instagram Became a Destination for the Protest Movement, NBC News (June 28, 2020, 6:00 AM),
https://perma.cc/L56K-WJW6 (describing public use of social media at protests). Most protestors would likely be heartened by the knowledge it will be more difficult for criminals to hijack their cause as an excuse for violence. See Jenny Jarvie & Richard Read, Amid Chaos, Some Black Activists Say the Message Has Been Hijacked, L.A. Times (May 30, 2020, 7:24 PM), https://perma.cc/37GE-R2WP. Protest attendees are also in plain view of any law enforcement officers present, further underscoring the lack of an expectation of privacy in protest attendance. Notably, while geofence queries are being used to track down and apprehend the January 6 Capitol rioters, critics cannot point to a single instance of anyone actually being chilled from participation in a peaceful protest, or of a protestor suffering any consequences from being identified through a geofence query.196The worst example critics can muster is describing two bystanders identified by a geofence query as being near a fight between Antifa and Proud Boys. These bystanders were cleared by further investigation and “never arrested.” Ng, supra note 27; see also Warrant Note, supra note 9, at 2519–20 (describing uses of geofence warrants to “identify protestors” but citing no evidence that geofence warrants have chilled participation in protests). Rather than constituting a privacy violation, any deterrent impact of queries on violence or illegality at protests merely underlines their law enforcement utility and reaffirms their reasonableness.
While individuals have a First Amendment right to anonymously associate in the face of private retaliation,197NAACP v. Alabama ex rel. Patterson, 357 U.S. 449, 462 (1958) (establishing associational right to anonymity where identification would lead to substantial restraint on association); see also Ams. for Prosperity Found. v. Bonta, 141 S. Ct. 2373, 2388 (2021). there is no general right to go about anonymously in public or to hide one’s identity from the government.198Aryan v. Mackey, 462 F. Supp. 90, 92 (N.D. Tex. 1978) (expressing agreement with assertion that there is no federal constitutional right to be physically anonymous); State v. Miller, 398 S.E.2d 547, 552 (Ga. 1990) (“Anonymity is neither an absolute social good, nor an absolute constitutional right.”); Stephen J. Simoni, “Who Goes There?”—Proposing a Model Anti-Mask Act, 61 Fordham L. Rev. 241, 261 (1992) (“[P]hysical concealment of identity does not appear to be a constitutional right . . . .”). This lack of a general right to public anonymity is demonstrated by the wide proliferation of anti-mask laws, banning the public wearing of masks.199Anti-mask statutes frequently include exceptions for costumes, health, religious dress, and professional requirements, but do not generally include exceptions for protests or demonstrations. See Ala. Code § 13A-11-9(a)(4) (2021) (prohibiting congregating or remaining in a public place while masked); Ga. Code Ann. § 16-11-38(a) (2021) (prohibiting the wearing of a mask, hood, or disguise in public or on the private property of another without permission); La. Stat. Ann. § 14:313 (2021) (prohibiting hoods or masks designed to disguise from being worn in public or in public view); Minn. Stat. § 609.735 (2021) (prohibiting concealing one’s identity in a public place with a “robe, mask, or other disguise”); N.Y. Penal Law § 240.35(4) (McKinney 2019) (repealed 2020) (prohibiting congregating or remaining in a public place with others who are masked or disguised); N.C. Gen. Stat. § 14-12.8 (2021) (prohibiting the wearing of a mask, hood, or disguise on public property); S.C. Code Ann. § 16-7-110 (2021) (prohibiting any person over sixteen from wearing a mask or disguise in public); Va. Code Ann. § 18.2-422 (2021) (prohibiting those over sixteen, with the intent of concealing their identity, wearing a mask, hood, or disguise in public or on the private property of another without permission). Many of these laws stem from efforts to combat Ku Klux Klan violence in the nineteenth and twentieth centuries.200Mark Fockele, Comment, A Construction of Section 1985(c) in Light of Its Original Purpose, 46 U. Chi. L. Rev. 402, 402–03, 403 n.4 (1979) (detailing 1871 enactment of the Ku Klux Klan Act combatting “murders, whippings, and beatings committed by rogues in white sheets in the postbellum South” and prohibiting going “in disguise on the highway or on the premises of another” with the intention of depriving others of their civil rights (citing and quoting 42 U.S.C. § 1985(c) (1976)); see also 18 U.S.C. § 241 (criminal prohibition); 42 U.S.C. § 1985(3) (civil remedy). Courts have refused to identify a right to public anonymity, and anti-mask laws are generally upheld.201See Church of the Am. Knights of the Ku Klux Klan v. Kerik, 356 F.3d 197, 211 (2d Cir. 2004) (upholding mask ban); People v. Aboaf, 721 N.Y.S.2d 725, 728–34 (N.Y. Crim. Ct. 2001) (same); Simoni, supra note 198, at 261 (noting that courts do strike down anti-mask statutes where they raise other constitutional problems like selective enforcement, viewpoint discrimination, or unconstitutional vagueness, but that such holdings do not undermine the notion that “physical concealment of identity does not appear to be a constitutional right”). Drawing on NAACP v. Alabama ex rel. Patterson,202357 U.S. 449 (1958). which established a right grounded in the First Amendment to associate anonymously when public association would subject citizens to severe private retaliation,203Id. at 460–62, 466. courts typically strike down anti-mask laws only when plaintiffs demonstrate a substantial fear of private retaliation should they not be permitted to hide their identities.204See NAACP, 357 U.S. at 462; Am. Knights of the Ku Klux Klan v. City of Goshen, 50 F. Supp. 2d 835 (N.D. Ind. 1999) (ruling for Klan based on history of private retaliation); Ghafari v. Mun. Ct. for San Francisco Judicial Dist., 150 Cal. Rptr. 813, 813–19 (Ct. App. 1979) (overturning anti-mask statute used to prosecute Iranians who feared reprisals by the Shah should their identities be revealed). Unless the results were illegally leaked,205Unlike with the California Department of Justice’s charity donor database, there is no evidence of this occurring. See Ams. for Prosperity Found. v. Bonta, 141 S. Ct. 2373, 2381 (2021) (“California was unable to ensure the confidentiality of donors’ information. During the course of litigation, the Foundation identified nearly 2,000 confidential Schedule Bs that had been inadvertently posted to the Attorney General’s website, including dozens that were found the day before trial.”). geofence queries create no risk of private retaliation and thus do not infringe on a constitutionally protected right to anonymity.
Even under the most extreme hypotheticals, the very worst that can be said of geofence queries is that they might—confidentially—reveal to law enforcement that someone attended a protest or may have been present a single time at an embarrassing location. When compared with the enormous law enforcement benefits of geofence queries—both in identifying suspects and in quickly clearing the innocent—the remote possibility of these banal revelations cannot undermine the technique’s fundamental reasonableness.
The Electronic Communications Privacy Act was enacted by Congress in 1986 to govern the privacy of computer network communications.206Orin S. Kerr, The Next Generation Communications Privacy Act, 162 U. Pa. L. Rev. 373, 375 (2014). The statute’s primary innovation was the Stored Communications Act (“SCA”), which created statutory privacy rights for “subscribers or customers” of electronic communications services—the SCA’s term for email service providers—and remote computing services—third-party providers of storage and processing services.207Id. The statute has undergone only minor revisions over the last thirty-five years, leading to an ever-larger divergence between the statute’s text and the technology and surveillance techniques it may now cover.208Id. at 373–77. This growing divergence has reached the point that, according to Professor Orin Kerr, the fundamental assumptions upon which the Act was based are no longer valid.209Id. at 378.
Until Congress acts to explicitly address geofence queries, courts will be forced to apply the SCA’s anachronistic framework to determine whether there are any statutory prohibitions on their use. Analyzing geofence queries under the statute requires making two determinations. First, in the context of gathering location information, is the service provider acting as either a remote computing service or an electronic communications service? If the service provider is not acting in either capacity, it is not covered by the SCA, and any customer data can be, statutorily, accessed with only a subpoena.210U.S. Dep’t of Just., Comput. Crime & Intell. Prop. Section, Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations 128 (2009) [hereinafter DOJ, Searching and Seizing Computers]. Second, if the provider is acting as a remote computing or electronic communications service, is geofence data the “contents” of a communication, or merely a customer record? Because location data does not constitute contents, and is instead a prototypical customer record, geofence queries require only a subpoena or a § 2703(d) order, depending on whether the provider was acting in an SCA-covered capacity when the data was gathered.211Were location data held to constitute the contents of a communication rather than a customer record, access would likely require a warrant. See 18 U.S.C. § 2703(a), (b). Seems archaic, muddled, and confusing? It is.
The question of whether location data is covered by the SCA is largely irrelevant, and mainly goes to demonstrate the antiquated nature of the SCA and the difficulty of applying its rickety statutory framework to modern technology. The only practical difference between records that are not covered by the SCA and records that are covered by the SCA is that noncovered records can be accessed with a subpoena, while covered records require a § 2703(d) order.21218 U.S.C. § 2703(d). However, given the modest standard to secure an SCA order, requiring only that investigators demonstrate the information sought is relevant and material to an ongoing investigation,213Information on those in the vicinity of a crime is clearly relevant and material to an investigation, meeting the standard set forth in § 2703(d). orders are likely to be sought regardless of whether they are technically required to avoid the time and expense of litigating coverage under the SCA. The question of whether a service provider constitutes an electronic communications service, a remote computing service, or neither thus has no practical consequences since investigators can seek a § 2703(d) order regardless.21418 U.S.C. § 2703(d).
Even if the distinction had any practical significance, the SCA would still exempt a wide range of online platforms. The SCA defines a remote computing service as “the provision to the public of computer storage or processing services by means of an electronic communications system.”21518 U.S.C. § 2711(2). It defines an electronic communications service as “any service which provides to users thereof the ability to send or receive wire or electronic communications.”21618 U.S.C. § 2510 (15). Gmail,217Gmail, Google, https://perma.cc/AES2-TNHM. Google’s email service, constitutes a prototypical electronic communications service, while Google Drive,218Drive, Google, https://perma.cc/R5QS-LQDD. a Google service permitting users to store and access files, is a typical remote computing service.219Kerr, supra note 206, at 387, 395 (identifying email and Google Drive as prototypical electronic communication and remote computing services respectively). In contrast, many Google services appear to be neither electronic communication nor remote computing services. For example, the Android operating system, YouTube, and Google Search are unlikely to be considered by courts to be either communications systems or remote computing services.220See Hately v. Watts, 917 F.3d 770, 790 (4th Cir. 2019) (explaining that SCA classifications are context dependent and that just because a large firm like Google functions as an electronic communications service when providing email, does not mean it qualifies under the SCA when providing other services).
Google location data is thus not covered by the SCA at all because Google is neither a provider of electronic communication nor of remote computing services with respect to location data.221See id.; In re Application of the United States for a Search Warrant, 665 F. Supp. 2d 1210, 1213 (D. Or. 2009) (“Today, most ISPs provide both [electronic communication services] and [remote computing services]; thus, the distinction serves to define the service that is being provided at a particular time . . . rather than to define the service provider itself.”). Google automatically gathers this data, even if the user is not using any other Google service, as long as the user is logged into his Google account with location history turned on.222See Google Brief, supra note 5, at 8. For the user who is merely signed into their Google account or using an Android device, Google is neither an electronic communications nor remote computing service provider with respect to the harvested location data.
Under the best reading of the SCA, even data gathered by Google when a user is engaging with a qualifying Google product is not protected by the SCA because the data is harvested regardless. The SCA only regulates records “pertaining to a subscriber to or customer of such service.”22318 U.S.C. § 2703(c)(1) (emphasis added). Data that is gathered regardless of whether the user is engaging with a covered service does not “pertain” to customers of “such service.” To illustrate: Google provides remote computing services to users of Google Photos, but the SCA’s records provision should not be read to extend to an unrelated job application submitted to Google by a Photos user—or to that user’s COVID test results generated by an independent Google subsidiary. “Pertain” should thus be read as requiring that the records be related to the provision of the communications or remote computing services. This relatedness test is met for CSLI: the data is gathered through connections with the towers needed to transmit calls.224Carpenter v. United States, 138 S. Ct. 2206, 2211–12 (2018). However, since Google location data is gathered regardless of which covered services—if any—are being used,225See United States v. Chatrie, No. 19-cr-00130, 2022 WL 628905, at *4 (E.D. Va. Mar. 3, 2022) (“Google is ‘always collecting’ data . . . .”). that data can never pertain to a “customer of such service.”
The lack of coverage under the SCA for certain geofence databases is likely to become even more apparent as law enforcement begins to exploit less traditional sources of location data. It will be very difficult for a defendant to argue that his Tesla car226Joann Muller, What Tesla Knows About You, Axios (Mar. 13, 2019),
https://perma.cc/6JLQ-5ABX. or iPhone flashlight app227Robert McMillan, The Hidden Privacy Threat of . . . Flashlight Apps?, Wired (Oct. 20, 2014, 6:30 AM), https://perma.cc/5JSC-DZU5.—which may well be gathering location data while providing no ability to send messages nor to engage in remote computing services—are protected by the SCA. Regardless, this convoluted and uncertain question of statutory interpretation is irrelevant in practice because it merely determines whether geofence queries can be carried out with ordinary subpoenas or § 2703(d) orders.228See supra notes212–214 and accompanying text.
At most, the SCA requires a § 2703(d) order to access geofence data, which permits the government to access records related to customers of remote computer or electronic communications services.22918 U.S.C. § 2703(c)–(d) (requiring reasonable grounds to believe the data sought is relevant and material to an ongoing investigation). Google location data is a “record or other information,”230CSLI is a prototypical record. See In re Application of the United States for Hist. Cell Site Data, 724 F.3d 600, 608 (5th Cir. 2013) (“[H]istorical cell site information clearly falls within a category of data for which the SCA requires only a § 2703(d) order. . . .”); DOJ, Searching and Seizing Computers, supra note 210, at 122 (citing H.R. Rep. No. 103-827, at 10, 17, 31 (1994), as reprinted in 1994 U.S.C.C.A.N. 3489, 3490, 3497, 3511) (identifying “cell-site data for cellular telephone calls” as an SCA record). In upholding pre-Carpenter 2703(d) orders seeking CSLI under the good faith doctrine, courts have confirmed that CSLI is a record statutorily accessible with a § 2703(d) order. See United States v. Goldstein, 914 F.3d 200, 204 (3d Cir. 2019) (“At the time the search was executed, it was authorized under § 2703(d).”); United States v. Beverly, 943 F.3d 225, 229–31 (5th Cir. 2019); United States v. Carpenter, 926 F.3d 313, 317–18 (6th Cir. 2019); United States v. Korte, 918 F.3d 750, 757–59 (9th Cir. 2019); United States v. Chavez, 894 F.3d 593, 608 (4th Cir. 2018); United States v. Curtis, 901 F.3d 846, 848–49 (7th Cir. 2018); United States v. Joyner, 899 F.3d 1199, 1204–05 (11th Cir. 2018). not “contents,” defined as “any information concerning the substance, purport, or meaning of [a] communication.”23118 U.S.C. § 2510(8). Of course, the definition cannot really be so broad because the sender and recipient of an email—clearly customer records—could certainly shed light on the email’s meaning and could thus be said to “concern” the meaning of the communication. See Kerr, supra note 99, at 1228. While access to the contents of communications generally requires a warrant under the SCA,23218 U.S.C. § 2703(a)–(b). Google’s location data is not sufficiently distinct from CSLI, a prototypical record, for it to be considered contents.233Notably, even critics of geofence queries appear to concede this point by arguing for legislative change to render the data contents. See Elm, supra note 16, at 13. Some of Google’s location data is, in fact, CSLI, which Google admits constitutes a record.234McGriff Declaration, supra note 4, at 2–4; Google Brief, supra note 5, at 16–17.
Google location history is not being affirmatively communicated. It is being harvested.235United States v. Chatrie, No. 19-cr-00130, 2022 WL 628905, at *4 (E.D. Va. Mar. 3, 2022) (“Once a user opts into Location History, Google is ‘always collecting’ data and storing all of that data in its vast Sensorvault, even ‘if the person is not doing anything at all with [his or her] phone.’” (citations omitted)). And while CSLI is occasionally gathered incident to calls, Google concedes that CSLI is gathered continuously when cell phones automatically connect to nearby cell towers.236See Google Brief, supra note 5, at 8–9. For both CSLI and Google location data, the fact that it is not necessarily gathered incident to a typical communication does not render it “contents” requiring a warrant.237If the standard Google put forward were correct, that data not performing a “routing” or “addressing” function constituted contents, id. at 17, CSLI and other data long understood to constitute records would also qualify as contents. See cases cited supra note 230; see also Kerr, supra note 99, at 1228. Likewise, if “opting in” rendered the data “contents,” CSLI would also qualify.238Despite Google’s efforts to paint data harvesting as a “journal,” location data is gathered for Google’s pecuniary benefit, see McGriff Declaration, supra note 4, at 2–5, not to help people remember their travels. Google advances no evidence users are genuinely interested in the journal “service.” In the case of both CSLI and Google data, users consent to gain full access to services, Google Brief, supra note 5, at 6–7, not to remember where they have been. In this way, Google data and CSLI are identical: users opt in to the autonomous harvesting of their CSLI data so they can use their phones, and to Google location tracking so they can fully use other Google services. After initial consent, data is automatically transferred, autonomous of any direction by the consumer and not necessarily incident to any communication. See Chatrie, 2022 WL 628905, at *4; McGriff Declaration, supra note 4, at
2–3. The only real difference between Google data and traditional CSLI is Google’s ex post use of the data to create viewable maps and Google’s attempt to paint its collection of location data as a “service.”239See Google Brief, supra note 5, at 6. If Google were correct, allowing AT&T customers to view their CSLI—which Google admits is a record—through an online “journal” would likewise transform it into contents. Id. at 16–17. As addressed above, Google’s attempts to portray its location harvesting as a journal consisting of information voluntarily communicated to Google by its customers is a façade.240See supra Section II.C. Finally, in the SCA, Congress specifically distinguished between “contents” and “cell site location or global positioning system information,” strongly implying that harvested location data cannot be considered contents.24150 U.S.C. § 1861(k)(3)(B) (providing that call detail records exclude “contents” and “cell site location or global positioning system information”). Moreover, “electronic communication” excludes communications from tracking devices, reaffirming congressional intent not to include harvested location data in “contents,” which must relate to the meaning of a communication. See 18 U.S.C. § 2510(8), (12).
Some commentators have raised the possibility that cell phones constitute “tracking devices” under the Wiretap Act, which would prevent the government from seeking location information generated from a cell phone with a § 2703(d) order.242Steven M. Harkins, Note, CSLI Disclosure: Why Probable Cause Is Necessary to Protect What’s Left of the Fourth Amendment, 68 Wash. & Lee L. Rev. 1875, 1896–99 (2011); see also Richard M. Thompson, Cong. Rsch. Serv., R42109, Governmental Tracking of Cell Phones and Vehicles: The Confluence of Privacy, Technology, and Law 6–10 (2011) (explaining that the SCA defines an electronic communication to exclude communications from a tracking device, preventing the government from securing a § 2703(d) order for information deemed to originate from a tracking device). But as the Court of Appeals for the First Circuit explained in United States v. Ackies,243918 F.3d 190 (1st Cir. 2019). cell phones do not constitute tracking devices because tracking devices are (i) devices that (ii) must be installed, and cell phones are not installed.24418 U.S.C. § 3117(a) (permitting “installation of a mobile tracking device”). Courts have rejected the cell phones as tracking devices argument in the historical location search context,245See In re Application of the United States for an Ord. Directing a Provider of Elec. Commc’n Servs. to Disclose Recs. to the Gov’t, 620 F.3d 304, 310 (3d Cir. 2010) (“[E]ven if the record of a cell phone call does indicate generally where a cell phone was used . . . so that the resulting CSLI was information from a tracking device, that is irrelevant here because the CSLI derives from a ‘wire communication’ and not an ‘electronic communication.’” (quoting 18 U.S.C. § 2703(c))); In re Application of the United States of America for an Ord. for Authorization to Obtain Location Data Concerning an AT&T Cellular Tel., 102 F. Supp. 3d 884, 892 (N.D. Miss. 2015) (determining that “the ‘installation’ language in the Tracking Device Statute constitutes a real reason for not utilizing that statute for requests for prospective cell phone location data”); In re Smartphone Geolocation Data Application, 977 F. Supp. 2d 129, 150 (E.D.N.Y. 2013) (“[G]athering geolocation information about a cellular telephone does not convert the phone into a ‘tracking device’ for the purpose of [§ 3117].”). and it is even less persuasive as to geofence queries. Unlike historical location searches which track a target’s location over time, geofence queries focus on identifying those present at one specific location at one specific time, meaning they do not actually “track” anyone over time.
Because cell phones are not tracking devices, and because location data constitutes customer records, rather than the contents of communications, geofence queries can be undertaken with a § 2703(d) order and do not statutorily require either a warrant or a showing of probable cause.24618 U.S.C. § 2703(d).
Geofence queries solve crimes.247See supra note 9 and accompanying text. While fears of abuse or of a chilling effect related to geofence queries are overblown, government access to location data in any form raises privacy concerns.248See Kerr, supra note 182 at 316–18 (describing the mosaic theory adopted in response to privacy concerns raised by modern technology); Solove, supra note 182 at 1184 (raising concerns that data aggregation may allow government insight into the intimate details of our personal lives). The uncertain application of the Stored Communication Act’s rickety statutory framework to geofence queries, likely permitting queries with an order requiring only a demonstration that the records are “relevant and material to an ongoing investigation,” demonstrates the need to update and replace the SCA’s antiquated provisions.249See Kerr, supra note 206 at 414 (describing the anachronistic nature of the SCA and arguing for a complete reworking to address modern technology and privacy concerns). At the same time, the complicated policy and statistical questions raised by queries demonstrate the poor fit of federal judicial regulation.
Under an originalist approach, the Fourth Amendment imposes a relatively straightforward prohibition: in the absence of a valid warrant, the federal government cannot engage in a search or seizure of a target’s person, papers, houses, or effects, if doing so would have violated the common law at the time of the Framing.250See U.S. Const. amend. IV. Because geofence queries can be carried out with subpoenas requiring private third parties to turn over existing data, they do not constitute Fourth Amendment searches under an originalist approach, even if users could establish property rights in the underlying data.251See supra Part II.
Under the reasonable expectation of privacy test, the enormous public safety utility of geofence queries, weighed against miniscule privacy concerns, even more clearly demonstrates that a warrant is not required. The policy rationale for a warrant requirement is also undermined by the awkward application of warrants to geofence queries. With historical location searches, the grant of a warrant is a relatively straightforward matter of determining whether there is probable cause to believe that (1) the target was engaged in criminality and (2) the target’s location history would provide evidence to that effect.252See Search Warrant: Cell Site Location Information (CSLI), Super. Ct. Cal., https://perma.cc/CD9J-PHT4. With geofence queries, however, complex questions of particularity and probable cause would remain.253See Warrant Note, supra note 9, at 2520–28. For example, as investigators expand their use of geofence queries to less ubiquitous providers, judges will be faced with determining exactly how likely it must be that a database contains the information of the perpetrator to meet the “fair probability” standard. The Supreme Court and appellate courts could choose either to defer to the individual and likely inconsistent decisions of magistrates in granting warrants, see Peter J. Kocoras, Comment, The Proper Appellate Standard of Review for Probable Cause to Issue a Search Warrant, 42 DePaul L. Rev. 1413, 1419–26 (1993) (describing deferential review of probable cause determinations made in granting warrants), or the Court could engage in the relatively non-judicial and previously shunned task of specifying exactly what level of statistical certainty is needed to meet the probable cause requirement. Is a 20% probability a database contains the desired information sufficient? What about 10%? It would be far more consistent with Congress’s institutional role and capabilities to make these minute statistical specifications and policy decisions. Constitutionalizing geofence queries through a ruling that they constitute Fourth Amendment searches would also improperly cut off burgeoning legislative conversations and state experimentation as to their proper regulation.254See Heads of Facebook, Amazon, Apple & Google Testify on Antitrust Law, C-Span (July 29, 2020), https://perma.cc/94D5-F994(congressional discussion of geofence queries); S. 8183, 2019–2020 Leg. Sess. (N.Y. 2020) (proposed bill in New York banning queries). Federal judicial regulation would also prevent state courts from utilizing state constitutions to implement greater privacy protections. See State v. Earls, 70 A.3d 630, 632 (N.J. 2013) (holding that the New Jersey Fourth Amendment analog required a warrant for historical location searches prior to Carpenter); see also Jeffrey S. Sutton, 51 Imperfect Solutions: States and the Making of American Constitutional Law 60–76 (2018) (urging modesty on the part of federal courts, experimentation by state legislatures, and rigorous analysis of state constitutional provisions by state courts).
Under both originalism and the current reasonable expectation of privacy test, geofence queries should be regulated by Congress, not the courts. If Congress does so, it is possible that critics of geofencing will prevail. But it is also possible that Congress will recognize the law enforcement benefits of geofences and allow their continued use. The fact that democracy may not produce the results some judges deem “just” does not empower them to project their desired outcomes onto the Fourth Amendment.