Posted by Orin Kerr:
Why Caballes Won't Impact Internet Surveillance:
Mark Rasch, a former DOJ lawyer back in the early 1990s, has an
[1]essay up at SecurityFocus (reprinted in [2]The Register) on why he
thinks the recent dog sniff case at the Supreme Court will "have a
profound impact on privacy rights online" and give a green light to
the invasive use of Internet wiretapping devices. I think Rasch is
wrong, and thought readers might be interested in why this recent
decision won't change the law of Internet surveillance in the way
Rasch suggests.
In the dogsniff case, [3]Illinois v. Caballes, the Court reaffirmed
a 1983 case, [4]United States v. Place, which had held that using a
trained dog to sniff the outside of a car for the smell of narcotics
doe not constitute a search. In the new case, the Court distinguished
a 2001 case, [5]Kyllo v. United States(aka the thermal imaging case),
on the ground that the information disclosed by the use of the dog was
only the existence of narcotics -- something that is illegal to
possess. In [6]my prior post, I explained that this is a troubling
rationale for the Court to use, albeit one largely driven by Kyllo
itself: by focusing on what the surveillance reveals rather than how
it is conducted, Caballes may permit invasive searches of personal
property so long as they only reveal the presence of drugs or other
contraband.
In his essay, Rasch argues that Caballes will change Internet
surveillance practices and the use of packet sniffers:
The same reasoning could easily apply to an expanded use of
packet sniffers for law enforcement.
Currently, responsible law enforcement agencies limit their
warrantless Internet surveillance to the "wrapper" of a message,
i.e., e-mail addresses or TCP/IP packet headers, unless they have a
court order permitting a more intrusive search. Looking at the
"outside" of the communication has been treated as similar to
looking at the outside of a vehicle -- and maybe peering into the
window a bit. To peek inside the communication -- read the content
-- required that you first get someone in a black robe involved.
The experiences of Mr. Caballes (the soccer mom, or me or you )
changed all that. The government is practically invited to peek
inside Internet traffic and sniff out evidence of wrongdoing. As
long as the technology -- like a well-trained dog -- only alerts
when a crime is detected, it's now legal.
As context-based search technology improves, the government may
soon have the ability to take Carnivore one better and deploy
"intelligent" packet search filters that will seek out only those
communications that relate to criminal activity. They may already
have it.
Although these packet sniffing dogs sniff the packets of sinner
and saint alike, they only bark at the sinner's e-mails. Thus,
according to the new Supreme Court precedent, the sinner has no
privacy rights, and the saint's privacy has not been invaded. In
fact, the saint would not even know the search had taken place --
Internet surveillance is less noticeable than a dog sniff.
Rasch's analysis is incorrect, I think. The primary reason is that
the relevant law governing Internet surveillance is statutory, not
constitutional. The key laws here are the Wiretap Act, 18 U.S.C.
2510-22, and the Pen Register statute, 18 U.S.C. 3121-27. These
statutes were applied to the Internet in 1986 to protect Internet
communications in light of substantial uncertainty as to whether the
Fourth Amendment protects Internet communications at all. Caballes
doesn't change any of these statutes: it merely offers one additional
argument (among several) as to why the Fourth Amendment itself may not
offer robust privacy protections online. We know that already, though;
that's why Congress created the statutory regime in the first place.
Second, Rasch is incorrect that existing law treats the packet
headers of Internet communications as "outside wrappers," and
analogizes accessing contents to "peering in the window" of
communications. To be honest, I am not quite sure where he is getting
this; I have never heard this before. In any event, the benefit of
statutory protections is that it need not rely on analogies to the
physical world; the law can simply protect what needs protecting. So,
existing statutory law distinguishes between the "contents" of
communications (like the message in an email) and "dialing, routing,
addressing, and signalling information" (like an e-mail address) on
the theory that addressing information is less private than
substantive contents of communications. Again, this line is unchanged
by Caballes.
Finally, Rasch refers to the possibility of "intelligent packet
search filters that will seek out only those communications that
relate to criminal activity," and speculates that the government "may
already have it." The reasoning of Caballes doesn't seem relevant to
that kind of tool, however: its rationale seems tied to the fact that
drugs are contraband (items illegal to own that can be seized by the
government), not mere evidence of crime. Because a hypothetical tool
that detects criminal activity would do more than simply alert to the
presence of contraband, I don't think its legality would be changed by
Caballes.
References
1. http://www.securityfocus.com/columnists/297
2. http://www.theregister.co.uk/2005/02/10/sniffer_dog_ruling/
3.
http://caselaw.lp.findlaw.com/scripts/getcase.pl?court=US&vol=000&invol=03-923
4.
http://caselaw.lp.findlaw.com/scripts/getcase.pl?court=us&vol=462&invol=696
5.
http://caselaw.lp.findlaw.com/scripts/getcase.pl?court=US&vol=000&invol=99-8508
6. http://www.volokh.com/archives/archive_2005_01_21.shtml#1106585518
_______________________________________________
Volokh mailing list
[email protected]
http://highsorcery.com/cgi-bin/mailman/listinfo/volokh
