With Apple’s new mobile operating system scheduled for release on Monday, it will be harder for the authorities to snoop around in confidential information on Apple devices. I’m thrilled. That’s partly because I’m an Apple user and I have all sorts of information that I am ethically required to keep secret. But mostly it’s because the government has become much too willing to snoop, and I want that to stop.
The right against unreasonable searches and seizures is protected by the Fourth Amendment to the United States Constitution and Article I, section 9 of the Oregon Constitution. That means that the police can’t enter your house and snoop around without a warrant or one of the few and well-defined exceptions to the warrant requirement.
But the courts have mostly decided that if you entrust your private data to someone else, it’s not private any more. So, the police can get information from your bank, your doctor, or your internet service provider without a warrant and without your knowledge.
In my view, that’s wrong. Obtaining my private medical records without a warrant strikes me as an “unreasonable” search, which is the core protection in the Fourth Amendment. Lots of private stuff comes from or goes to third parties; I expect my doctor and my bank to keep things private, and, for the most part, they are legally required to do so.
Most of the law about unreasonable searches and seizures comes from criminal procedure. If the police search the defendant’s stuff illegally, that evidence usually cannot be used against the defendant. That rule shows up a lot on police shows, and it occasionally leads to a media frenzy about a criminal being released on a technicality. But it doesn’t happen all that often, and, more importantly, focusing on criminal procedure misses the point. I don’t want the police to look through my car during a traffic stop. I don’t have anything interesting there, but I don’t want to go through the hassle and embarrassment. And it’s even more important to me to keep them out of the stuff on my computer: my finances, client documents, e-mails to my wife. If the police can get a warrant, that’s one thing. But the police can only get a warrant by convincing a judge that there is a good reason (“probable cause”) to believe that they will find evidence.
That helps, some, if the police are investigating a crime. But if they aren’t planning to use evidence against me, there isn’t much I can do if they have snooped. If I know (and there’s no guarantee that I would know), there’s still nothing to do. Excluding evidence in a criminal case is the system’s standard response, and it’s no good if there isn’t a criminal case. In theory one could sue, maybe, but I can’t imagine a jury actually awarding money for police snooping.
Because the police, and the NSA, and the courts, have done a poor job protecting private information, it means that those of us who care about our privacy have to do more to protect it ourselves. Keeping our private computer data encrypted is part of that task. I’d be happier if the government respected my privacy, but it wouldn’t make all that much difference, because protecting my privacy from the government and protecting it from thieves require me to do the same things. It’s not enough for Apple (Blue Cross, USBank, whoever) to promise to keep my information secret; it’s a lot better if they just don’t have control over it.
