New technologies and methods of data analysis are being used by the government to monitor the public in ways that were unimaginable a decade ago. Law enforcement agencies ranging from municipal police forces to the Department of Homeland Security are using tools such as genetic databanks, biometric scanners, roadside cameras, and cell phone metadata analysis to gather detailed information about the lives of individuals who are not suspected of any wrongdoing. The meaningful question in this area is no longer what information the government can obtain about us, but rather what information is beyond its reach.
The reason for this is that the Supreme Court has concluded that the Fourth Amendment’s protections do not apply to any information that has been exposed to the public or third parties. This includes information about our public movements, Internet usage, cell phone calls, and so on. Such information is per se fair game for police collection by any means.
This Article argues that the Court’s conclusion derives from a mistaken conflation of privacy and anonymity, and that understanding the difference between these concepts reveals strong substantive and formal reasons for interpreting the Fourth Amendment to protect not only reasonable expectations of privacy, but also “reasonable expectations of anonymity.” Further, it demonstrates that the incorporation of this new analytic concept into Fourth Amendment jurisprudence yields significant value: first, by identifying otherwise-unrecognizable ways in which new techniques of big data implicate the Constitution, and second, by delivering on the unfulfilled promise of the Supreme Court’s teaching that “the Fourth Amendment protects people, not places.” A more detailed roadmap of this argument follows.
The argument begins, in Part I, with an analysis of the Fourth Amendment right to be free from unreasonable “searches”—a term that the Supreme Court has, ever since Katz v. United States, interpreted to mean violations of reasonable expectations of privacy. The key contribution of this Part is clarifying what the Court means by “privacy” in the Fourth Amendment context, which has been the subject of much confusion in the literature. A close analysis of the case law reveals that the Court has adopted what can be termed an “epistemic,” rather than a normative, conception of privacy. The clarification of this point provides the foundation for a discussion of two doctrines that significantly limit the scope of the Fourth Amendment’s protections: the public exposure and third party doctrines, under which the Supreme Court has concluded that the Fourth Amendment’s protections do not apply to any information that has been exposed to the public or third parties.
The question that motivates this Article is whether the Supreme Court has erred in reaching this conclusion. The dominant view in the privacy scholarship is that the Court has failed to account for the ways in which privacy can exist in degrees. While this critique is correct as far as it goes, this Article demonstrates that it only identifies part of the problem.
The even deeper problem, identified in Part II, is that courts—along with most scholars—have incorrectly assumed that there is only one way of protecting a piece of personal information from public access: the one we call “privacy.” In doing so, they have overlooked a distinct and equally important way of doing so: through anonymity. This oversight derives from the fact that anonymity and privacy have been mistakenly conflated.
An example helps introduce the key distinction that has gone unrecognized. Imagine, for instance, that a person’s medical file contains a piece of paper with the results from his blood test, but his doctor removes the paper and places it in a blank file. If we subsequently obtained access to this person’s medical file, without the test results, we would describe the situation using the concept of privacy: We would say “the privacy of the person is protected,” or “the associated information is private.” If, on the other hand, we obtained access to the test results, without the medical file, we would describe the situation using the concept of anonymity: We would say “the anonymity of the test results is protected,” or “the associated person is anonymous.”
What this example illustrates is two basic points about anonymity and privacy that have been misunderstood. The first is a point about their substantive difference. Although both anonymity and privacy prevent others from gaining access to a piece of personal information, they do so in opposite ways: Privacy involves hiding the information, whereas anonymity involves hiding what makes it personal. The second point is about their formal relationship. Anonymity and privacy have the same causal origin and thus are flip sides of each other: They describe opposite sides of a single underlying event.
This account of the nature of anonymity, when combined with the insight that Katz and its progeny adopt a purely epistemic conception of privacy, has significant legal implications. As identified in the final Section of Part II, it reveals strong substantive and formal reasons for reading the Fourth Amendment to protect not only reasonable expectations of privacy, but also “reasonable expectations of anonymity.”
It is perhaps worth highlighting here that this is not a normative argument about what our constitutional law should be, but rather a legal argument about the best way to interpret the Fourth Amendment precedents that we have. Thus, I do not question whether Katz and its progeny provide the best interpretation of the text of the Fourth Amendment, but rather make a claim about the best reading of this case law, accepting that it provides a controlling reading of the text. Further, and relatedly, I do not question the premise that the Fourth Amendment does not prohibit the government from collecting personal information that has been knowingly exposed to the public, but rather show that this premise does not support the conclusions reached by courts in many of the public exposure cases—that the logic of the public exposure doctrine imposes limits that have not been recognized. This is not to say, however, that my argument is at odds with those of scholars who argue for more radical revisions of Fourth Amendment jurisprudence on normative grounds. Rather, a normative approach might reach the same conclusions on many issues, as will become clear in Part III.
The practical payoff of incorporating the concept of “reasonable expectations of anonymity” into Fourth Amendment jurisprudence is the focus of Part III, which identifies two general dimensions in which it yields significant insights. The first dimension is analytic, where thinking in terms of anonymity identifies otherwise-unrecognizable ways in which many new techniques of big data implicate the Fourth Amendment. This is demonstrated by reference to the question of whether two new techniques of data aggregation and analysis can constitute Fourth Amendment searches. One is a form of genetic identification known as “familial searching,” in which a criminal DNA database is used to identify persons who do not meet the legal criteria for inclusion, but happen to be related to people who do. The other is the use of tools such as biometric-equipped video cameras, GPS, and the metadata from cell phone calls to conduct long-term locational tracking of people’s movements in public.
Both of these techniques have faced significant criticism in the privacy scholarship, and there is language in judicial opinions questioning their legitimacy, but neither the literature nor the judicial opinions have offered a strong legal argument for how they can constitute Fourth Amendment searches. The reason for this is that the constitutional problem cannot be sufficiently explained in terms of privacy.
What is needed is the concept of reasonable expectations of anonymity, which not only reveals the Fourth Amendment interests that are violated by these specific techniques, but also provides a meaningful standard that can be used more generally to determine when data aggregation implicates the Fourth Amendment and when it does not. In these ways, the concept helps solve difficult puzzles left open by the concurring opinions in United States v. Jones.
In addition to providing the analytic power necessary to understand the unconstitutionality of many new techniques of big data, the incorporation of anonymity into Fourth Amendment jurisprudence will help deliver on the unfulfilled promise of the Supreme Court’s teaching that the Fourth Amendment is meant to protect “people, not places.” There are two central ways in which it does so, as the final Section of Part III demonstrates.
The first is by revealing that the structural features of the world that are capable of protecting Fourth Amendment interests are far more complex and expansive than the Supreme Court has recognized. Although the Court has moved beyond a property-based conception of Fourth Amendment interests, the only structural features of the world that the Court has recognized as protecting these interests are those that protect the “privacy” side of secrecy: Homes, car trunks, envelopes, and other containers all hide facts about a person whose identity might be known. Yet the structures that are capable of maintaining the secrecy of “personal information” are not limited to those that hide the piece of information. Rather, as this Article makes clear, they can also include structures that hide what makes that information personal or, in other words, structures that make it anonymous. For example, the size of a city, the layout of its streets, and the presence of crowds can all contribute to making someone’s public actions anonymous. By uncovering the legal significance of these structures, attention to anonymity opens up new types of public spaces to the Fourth Amendment’s protections.
The second and related way in which attention to anonymity can help deliver on the promise of the Fourth Amendment is by expanding the sources of law and norms that can provide the basis for its protections. Although property law is often cited as the quintessential enabling source of law for reasonable expectations of privacy, reasonable expectations of anonymity may be created by sources of law ranging from whistle-blowing statutes and agency law to copyright and the First Amendment, all of which protect anonymity rights. In the First Amendment context, for example, the Supreme Court has held that “an author’s decision to remain anonymous . . . is an aspect of . . . freedom of speech.” Thus, an anonymity-based understanding of Fourth Amendment claims could ground them in new legal and normative foundations, including other constitutionally protected liberties.
Further, these two lessons—along with the other insights of this Article—are not only applicable to the Fourth Amendment. Rather, as suggested in the Conclusion, they are relevant to the many other sources of law that provide legal protection to reasonable expectations of privacy. Across all of these domains, attention to the distinct concept of anonymity can reveal important and viable interests in the secrecy of personal information that have gone unrecognized, clarify new ways in which these interests are being threatened, and provide insights into how they can be better protected by our courts and our law.