13 comments

[ 2.5 ms ] story [ 43.2 ms ] thread
Surprised this haven't been removed by Wikipedia. Articles with more details and references are deleted daily.
I agree that the article is a bit thin, but I believe this one is useful for public knowledge, and has its place on Wikipedia. I guess it only needs to be edited to add more information if any are available publicly ?
This is really only a thing because of the third-party doctrine:

> The third-party doctrine is a United States legal doctrine that holds that people who voluntarily give information to third parties—such as banks, phone companies, internet service providers (ISPs), and e-mail servers—have "no reasonable expectation of privacy" in that information. A lack of privacy protection allows the United States government to obtain information from third parties without a legal warrant and without otherwise complying with the Fourth Amendment prohibition against search and seizure without probable cause and a judicial search warrant.

> The [United States Supreme Court] affirmed that "a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties."

What is the rationale behind the third party doctrine?
Likely it exists for reasons of law enforcement and/or corporate data hunger, framed as policies promoting aspects of "safety" and/or "efficiency of the market".
It makes less sense in the day of computers and the internet, but I think the reasoning seems to be that law enforcement asking someone that you voluntarily gave information to, for that information, is not a search of you or your property in the 4th amendment sense. So if the that someone gives that info to law enforcement, there's nothing you can really do to claim they got that info by unreasonably violating your privacy.

Or, to put it another way, the government needs a warrant to prove searching through your stuff is justified, but you cannot compel others to keep information private on your behalf, or have it count as your information instead of theirs, if they do disclose it.

This made more sense before computers because, by and large, the primary way for third parties to get information that would be considered private would be through voluntary, and considered, action on your part. e.g. your bank holds your banking records to facilitate your banking actions, or you tell the phone company a phone number so that they can connect you. Law enforcement can then ask the bank for your bank records, and the phone company for the numbers you've dialed. It's not searching you per se, but is rather what the third party has learned from interacting with you.

Today however, thanks to the internet, computers, and cellphones, we practically hemorrhage information into the wider world more or less non-stop with only the barest awareness we are doing so.

The legal precedent come from a time before digital records and generally available encryption so it was largely true that you didn't have a general expectation that papers in the hands of third parties would be private to you, inherently they possessors would have knowledge of what was on those documents. Beyond that it just hasn't really been revisited in depth since the advent of generally available encryption and the internet. Some states have actually passed laws extending the 4th amendment warrant protections to information held by 3rd parties though.
But also from Wikipedia: In Carpenter v. United States (2018), the Supreme Court ruled warrants are needed for gathering cell phone tracking information.
i’m a bit confused: why is it third party? would it not be second party that you’re in some kind of data-sharing relationship/agreement?

edit: i might just be using english wrong lol

It’s stored communications data held by a third party to the communication. In the case of email, you have sender, receiver, and Gmail. In the case of SMS, you have sender, receiver, and Verizon.
How do you request what personal data of yours Google is storing in Sensorvault? Separately, is there a process to request that data be deleted short of deleting your entire Google Account?
The location data in sensorvault is indexed by sensor ID, not google account ID, thus the name. Originally, the purpose of the database was to improve WiFi geolocation, as a replacement for skyhook 3rd party service to Google.