Representing Clients Since 1983
Call Our Firm Today 419.625.1234

How do I keep my GPS Data from my cell phone private?

November 24, 2018

By Kenneth R. Bailey, OACDL Immediate Past President and Technology Chair

Republished from the Ohio Association of Criminal Defense Lawyers' publication, The Vindicator.

I previously wrote in January of 2018, anticipating the Court’s holding in Carpenter v. United States. Good news – the Court ruled on the case, and the Court clarified the expectation of privacy covers cell phone GPS location.

1.00. The Court’s Holding and Rationale on GPS Location Data.

In June of 2018, the U.S. Supreme Court voted to protect the Accused’s privacy rights with respect to their cell phone GPS location.Carpenter v. United States, 138 S. Ct. 2206 (2018). The Court’s decision overturned the Sixth Circuit’s decision.

Carpenter’s cell phone’s GPS location was stored by the cell phone provider about every fifteen minutes. The cell phone’s GPS location data is referenced in case law as Cell-Site Location Information (“CSLI”).

The Court’s decision helped to identify the difference between a person’s expectation of privacy in data turned over to a third party (i.e. a bank), which has been extended to cover the records of dialed phone numbers on a cell phone. United States v. Miller, 425 U.S. 435 (no expectation of privacy in financial records held by a bank), and Smith v. Maryland, 442 U.S. 735 (no expectation of privacy in records of phone numbers dialed).

The Court’s analysis seems to turn upon the fact the CSLI / GPS data exists (1) by operation of just possessing a cell phone, and (2) it requires no affirmative act by the cell phone’s owner.
Although the cell phone’s GPS data is voluntarily turned over to a third-party, the U.S. Supreme Court recognized an exception to the third-party holder doctrine. Of course, the Court reserved that it may find a further exception due to exigent circumstances.

The ripe areas for future arguments and extension of the Carpenter case will be those which closely align with the two foregoing principles – what else does your phone do without effort? And, what else might occur just by possession of the phone?

2.00. Extending the Court’s ruling and battleground.

The most simplistic extension of the Court’s holding will be to similar locational data (i.e. CSLI) stored by applications like FindFriends and including some social media applications, such as SnapChat, which allows the sharing of locational data with friends.

The battleground for Defense Lawyers is now data possessed by applications such as SnapChat, which by their advertised design makes photographs and communications very temporary and then expunged (however, without the user’s knowledge or intent are actually preserved by the SnapChat company). The SnapChat application also notifies the content’s creator if the recipient screenshots the message. (Note: there are applications to circumvent such notification). This application is clearly designed to increase the expectation of privacy in a user.

Instagram has a function similar to SnapChat wherein private messages can be sent between two users. Those messages have a time limitation after which they expire and are no longer available to the recipient, again expressing a greater expectation of privacy in the user.

Another battleground for defense lawyers will be applications such as one called Signal, which is used for sending encrypted text-messages between individuals. The question with encrypted message programs becomes does that entitle the user to a greater expectation of privacy than a traditional text message? I believe it does.

I encourage motions to suppress, motions in limine, and objections when such data is sought to be acquired and/or sought to be introduced as evidence in your current cases, as only time will tell how the foregoing will be resolved, as even in Carpenter, the Court declined to express a rigid rubric but encouraged a thoughtful analysis.

3.00. Client advice.

As for client advice (and advice to attorneys), please continue to advise your clients to turn off location sharing data and reject application’s and website’s requests for location data.
It seems it’s currently best to advise your clients to own and use iPhones, too. Apple continues to be on the forefront of encryption and data protection. The iPad’s and iPhone’s new iOS 12 has an option for the user to deactivate the data port, if the phone has not been unlocked in the last hour. The data port was how law enforcement would gain access to the phone using a USB device such as a GrayKey box or Cellebrite.

On the new iPhone, the steps for deactivating the USB access are as follows:
1. Go to “Settings”;
2. Go to “Touch ID & Passcode”; then
3. Turn the selector switch off for “USB Accessories”.

*Note: If there is a warrant out for your arrest, or you are aware the government is already looking for you, then you should immediately contact legal counsel. Use of the above to avoid apprehension may result in additional charges being filed against you.

What Sets Our Team Apart?

Serving Ohioans for Over 35 Years Full-Service Law Firm Free Criminal & Personal Injury Case Consultations Proven Strategies that Lead to Successful Results

The information on this website is for general information purposes only. Nothing on this site should be taken as legal advice for any individual case or situation. This information is not intended to create, and receipt or viewing does not constitute, an attorney-client relationship.

© 2020 All Rights Reserved.