Are All Americans Deserving of Equal Privacy Rights in the Age of the Internet of Things?

By: Colin Nardone

I. Introduction

In this modern technology age, do we really have a right to privacy? Practically everything we do, whether it is checking the weather, changing our thermostat, or using an internet connected home security system, is tracked by some company online. These companies compile these vast amounts of data, and often sell them to the highest bidder. Sometimes, even the police gain access to this data in order to solve crimes. Does the Constitution have any meaning in this kind of hyper-connected world?

The Fourth amendment provides “[t]he right of the people to be secure in their person, houses, papers, and effects, against unreasonable searches and seizures,” but is there anything left to these words to provide that security for individuals, especially those most impoverished in our country?[1] Within the last few decades, the Supreme Court has generally recognized a right to privacy under the Fourth Amendment in specific contexts where technology is involved.[2] But does this same right extend equally to all Americans including those who live in public housing across the United States?

II. Background

Public housing shelters rent to low-and very low-income tenants at significantly reduced rents, often in government owned buildings.[3] In 2014, the federal government provided about 50 billion dollars in housing assistance specifically designated for low income households.[4] Funds appropriated to the United States Department of Housing and Urban Development (“HUD”) are formulaically allocated to local public housing authorities (“PHAs”) to establish, maintain, and operate public housing developments.[5] The government often acts as the landlord in these public housing arrangements.[6] The number of Americans living in public housing is not insignificant; as of 2008, over two million Americans live in public housing.[7] Many of these public housing developments are being renovated and remolded, increasing the likelihood that they contain some newer smart home technology. These types of devices have become commonplace as they become cheaper and more accessible to Americans across all income levels[8].

As residents in public housing, tenants are subject to restrictions that Americans living in private housing would otherwise not be subject to.[9] These restrictions arguably diminish a public housing tenant’s rights and privacy in a number of different areas.[10] These include restrictions that PHAs implement such as requirements that individuals share extensive financial background information with a PHA on a regular basis to verify their income and remain eligible for public housing.[11]

Recently, a proliferation of smart internet connected devices have flooded the consumer technology market.[12] These devices, which have been placed under the broad umbrella of the “Internet of Things,” (“IOTs”) are a set of devices that connect to and send or receive data via the internet.[13] The devices generally fall in a uncommon category.[14] Some examples include smart meters that measure home energy use, refrigerators that can report back on maintenance needs or specific grocery needs, and monitors that record blood sugar results and communicate via Bluetooth to a connected insulin pump.[15]

The devices generate large sets of sensor-based data, which can be aggregated and analyzed “to generate observations concerning the world around us and to improve products and services in healthcare, energy, and transportation and consumer industries.”[16]

III. Analysis

Given the fact that residents in public housing already have diminished interests and privacy rights, should the government have a right of access to the information and data gathered by smart home devices that are integrated into public housing units? One argument that could be made by the government involves using the Fourth Amendment’s so called “Third-Party Doctrine”, a vehicle to access this information without a warrant.

The Fourth Amendment is broad in scope but has certain well-established exceptions.[17] Generally, when the Fourth Amendment does apply, a warrant supported by probable cause is required to complete a search or a seizure.[18] However, there are many instances where there is not a “search” or “seizure” as defined by Fourth Amendment jurisprudence, and therefore the protections of the Fourth Amendment no longer apply.[19]

Traditionally, the Supreme Court has narrowly interpreted what constitutes a “search” or a “seizure” under the Fourth Amendment.[20] The Court in Olmstead v. United States held that the Fourth Amendment’s scope should be interpreted narrowly, holding that there must be an official search and seizure of a person, papers, material effects, or home.[21] The Court quickly realized after Olmstead was decided that such narrow view was insufficient to protect the privacy rights of American citizens from government overreach.[22]

One of the most important doctrines to come out of the Supreme Court’s decision in Katz was one articulated by Justice Harlan in his concurring opinion known as the reasonable expectation of privacy doctrine.[23] In his concurrence, Justice Harlan wrote that a person has a reasonable expectation of privacy in a place where one is alone (like a telephone booth), but not in an area exposed to the public (like an open field).[24] However, just because an area is exposed to the public does not mean that a person cannot have a reasonable expectation of privacy in that space.[25] The “space” at issue in this case was a telephone booth.[26] Justice Harlan reasoned that such a space, although exposed to the public in the sense that the telephone booth itself is in a public area, is still a space where one can have a reasonable expectation of privacy.[27] Going forward, the Court adopted Justice Harlan’s test for determining whether a search is reasonable, analyzing the totality of the circumstances in each given situation.[28]

The so called third-party doctrine seems to come in direct conflict with the Supreme Court’s notions about the importance of the home.[29] It establishes “that information lawfully held by many third parties is treated differently from information held by the suspect himself.”[30] This information can be obtained “by subpoenaing the third party, by securing the third party’s consent or by any other means of legal discovery.”[31] The third party actor includes “any non-governmental institution or entity established by law.”[32]

The two leading Supreme Court cases that discuss the third-party doctrine are United States v. Miller and Smith v. Maryland.[33] The defendant in Miller was charged with defrauding the United States of tax revenue and other related charges.[34] Before the trial began, the defendant attempted to suppress checks and other bank records obtained via subpoenas served upon two banks where the defendant maintained accounts.[35] The Court upheld the District Court’s ruling denying the defendant’s motion to suppress because there was no intrusion into any area in which the defendant had a protected Fourth Amendment interest.[36] In its decision, the Court noted that the defendant had no ownership or possession of the bank records, but that they were instead business records that were the property of the bank.[37] Because the defendant voluntarily gave the bank the information contained in the records, the Court ruled he had no “expectation of privacy” in those documents.[38] In explaining its decision, the Court reasoned that an individual assumes the risk that information shared with others could be conveyed to the government, “even if that information was revealed on the assumption that it will be used only for a limited purpose and the confidence placed in the third party will not be betrayed.”[39]

This doctrine was expanded further by the Court in Smith v. Maryland, where a victim of a robbery was receiving telephone calls from a man claiming to be the robber.[40] In an effort to discover who was placing the calls, the telephone company, at the request of the police, installed a pen register at its central offices which recorded the numbers dialed from the telephone at the defendant’s house.[41] The police did not obtain a search warrant or court order to install the device; instead, they used the information collected from the device to obtain a search warrant for the defendant’s home, where they found evidence implicating the defendant in the robbery.[42] Once again, the Supreme Court ruled that the defendant had no “legitimate expectation of privacy” in the numbers he dialed on his telephone.[43]

More recently, the Court placed limitations on the scope of the third-party doctrine. In Carpenter v. United States, the Court held that the doctrine does not apply in the context of cellphones.[44] Carpenter involved a challenge to the federal government’s ability to obtain a defendant’s cellphone location information over a 127-day period from the defendant’s wireless carrier without a warrant.[45] Before Carpenter was decided, courts have traditionally not considered obtaining this kind of information a “search” under the Fourth Amendment, on third-party doctrine grounds.[46] Therefore, no warrant was usually required by the government to obtain this information.[47]

Carpenter dramatically changed this dynamic. The Court limited the third-party doctrine and held that a warrant is required “where a suspect has a legitimate privacy interest in records held by a third party.”[48] While the Court did not go as far as to clarify exactly what constitutes a “legitimate privacy interest” in these types of situations, the Court did find that accessing the location data captured and sent to wireless carriers from a person’s cellphone does constitute a “search” under the Fourth Amendment.[49] The Court rested this determination on the unique nature of the data at issue; amassing the location data of a person’s cellphone gives the government the ability to paint a picture of a person’s life, revealing “familial, political, religious, and sexual associations.”[50] The Court, however, took a much less drastic approach than completely disposing of the third-party doctrine; instead, the Court explicitly carved out this exception to the doctrine in the context of cellphones.[51]

As discussed previously, an immense amount of personal information has been collected, stored, and analyzed by both governments and companies in the private sector.[52] The federal government’s agencies “maintain almost 2000 databases, including records pertaining to immigration, bankruptcy, Social Security, military records, as well as countless other matters . . . . States maintain public records of arrest, births, criminal proceedings, marriages, divorces, property ownership, voter registration, workers compensation, and scores of other types of records . . .”[53] This vast amount of information stored by federal, state, and local governments does not even begin to encompass the vast amount of data that private companies collect and store about American citizens, increasingly from devices connected to the IOTs.

IV. Recommendation

Many have asserted, then, that data collected and aggregated by companies, and later mined and manipulated by the government, involves no Fourth Amendment activity on the part of the government. Indeed, many have argued that “it is far from apparent that the aggregation or mining of data involves any Fourth Amendment activity­ – more particularly, that such collection or manipulation of data available to the government can be said to constitute a “search” within the meaning of the [Fourth] Amendment.”[54] This logic seems to naturally flow from the Court’s decisions in Smith, Miller, and Carpenter. The Supreme Court’s jurisprudence in this area seems to support the idea that when “information maintained by third parties is exposed to others is not private, and therefore not protected by the Fourth Amendment.”[55]

Some may point to the Court’s decision in Carpenter and argue that the Court’s holding should be expanded beyond the context of location data collected from cellphones by wireless providers. The Court, however, explicitly carved out a narrow exception to the third-party doctrine in its holding.[56] Until the Supreme Court revisits its holding in Carpenter, the data collected by devices under the umbrella of IOTs are likely not protected by the Fourth Amendment because the access of this information is not considered a “search” or “seizure” under the terms of the Fourth Amendment, and therefore it does not deserve the Amendment’s protections.

In the context of public housing, the argument that these citizens somehow deserve lesser Fourth Amendment protections than citizens living in private housing must be rejected. Despite the fact that public housing residents have diminished rights and a lessened expectation of privacy in some areas because they live in government owned or subsidized apartment units, this should not mean that these residents give up all of their privacy rights.[57] This is especially true in regards to data that may be collected by the growing number of internet connected devices that comprise of IOTs.[58] Although some may argue that the third-party doctrine of the Fourth Amendment should be expanded to allow the government to have access to this information without a warrant, this should not be the case.[59] The Supreme Court has already signaled that there is a legitimate expectation of privacy in the data collected by third party internet service providers and other digital companies that is stored in the cloud.[60] The Court should expand this line of jurisprudence to guarantee the privacy rights of those living in subsidized housing, protecting the interests of these vulnerable groups of residents. Allowing the government to access this information at will would constitute a substantial overreach into the day to day lives of these individuals and families, who already find themselves in vulnerable situations economically, socially, and politically.


[1] U.S. Const. amend. IV.

[2] See United States v. Jones, 565 U.S. 400 (2012) (showing that the installation of a GPS tracking device on a vehicle was a search under the Fourth Amendment); Kyllo v. United States, 533 U.S. 27 (2001) (emphasizing that the warrantless use of thermal imaging device to measure heat emanating from home is unlawful search); Riley v. California, 573 U.S. 373 (2014) (emphasizing that a cell phone “collects in one place many distinct types of information…that reveal much more in combination than any isolated record.”).

[3] 42 U.S.C. § 1437a (2018).

[4] Natalie Tawil, Cong. Budget Office, 50782, Federal Housing Assistance for Low-Income Households 1 (2015), www.cbo.gov/publications/50782.

[5] Id.

[6] Jamie L. Wershbale, The Second Amendment Under a Government Landlord: Is There a Right to Keep and Bear Legal Firearms in Public Housing?, 84 St. John’s L. Rev. 995, 996 (2010).

[7] Ctr. on Budget and Policy Priorities, Policy Basics: Introduction to Public Housing 1 (2008) [hereinafter Public Housing Policy], available at http://www.cbpp.org/files/policybasics-housing.pdf.

[8] See generally, Hillary Brill & Scott Jones, Little Things and Big Challenges: Information Privacy and the Internet of Things, 66 Am. U. L. Rev. 1183, 6 (2017) (showing the growing prevalence of internet connected devices in homes across the United States).

[9] See, e.g., Caitlin O’Kane, Smoking Banned in Public Housing Nationwide, Effective Today, CBS News (July 31, 2018, 11:48 AM), https://www.cbsnews.com/news/smoking-banned-in-public-housing-nationwide-effective-today-2018-07-31/ (showing HUD’s recent decision to ban smoking in or near all public housing facilities).

[10] See Ctr. on Budget and Policy Priorities, Policy Basics: Introduction to Public Housing 1 (2008), available at http://www.cbpp.org/files/policybasics-housing.pdf (showing that it is the public housing authority’s responsibility to collect program participant’s income and financial information to determine their eligibility).

[11] Id.

[12] Brill & Jones, supra note 8, at 5.

[13] Peter M. Lefkowitz, Making Sense of the Internet of Things, 58 Boston Bar J. 23, 23 (2015).

[14] Id.

[15] Id.

[16] Id. at 24.

[17] US Const. amend. IV.

[18] See generally Guide for Users, 40 Geo L. Rev. Crim. Pro. 1 (2011) (summarizing the Fourth Amendment and its various applications).

[19] Id.

[20] See, e.g., Olmstead v. United States, 277 U.S. 438, 466 (1928) (giving one example of a case where the Supreme Court held that the Fourth Amendment is not implicated unless there is a search of something physical).

[21] Id.

[22] Id.

[23] Katz v. United States, 389 U.S. 347, 361 (1967).

[24] Id. at 361.

[25] Id.

[26] Wikipedia, Telephone Booth, https://en.wikipedia.org/wiki/Telephone_booth (last visited March 21, 2019) (explaining what a telephone booth is).

[27] Katz v. United States, 389 U.S. 347, 361 (1967).

[28] Id.

[29] See generally Guide for Users, supra 18 (explaining 4th amendment treatise article on third party).

[30] Orin Kerr & Greg Nojeim, The Data Question: Should the Third-Party Records Doctrine be Revisited?, A.B.A. J. (Aug. 01, 2012), http://www.abajournal.com/magazine/article/the_data_question_should_the_third-party_records_doctrine_be_revisited/.

[31] Id.

[32] Michael W. Price, Rethinking Privacy: Fourth Amendment “Papers” and The Third-Party Doctrine, 8 J. Nat’l Security L. & Pol’y 247, 264 (2016).

[33] Kerr & Nojeim, supra note 30.

[34] United States v. Miller, 425 U.S. 435, 436 (1976).

[35] Id.

[36] Id. at 440.

[37] Id.

[38] Id. at 442.

[39] Id. at 443.

[40] Smith v. Maryland, 442 U.S. 735, 737 (1979).

[41] Id.

[42] Id.

[43] Id. at 745.

[44] Carpenter v. United States, 138 S. Ct. 2206 (2018).

[45] Id. at 221.

[46] Id.

[47] Id.

[48] Id. at 2222.

[49] Id. at 2223.

[50] Id. 2217.

[51] Id. at 2222.

[52] Daniel J. Solove, Privacy and Power: Computer Databases and Metaphors for Information Privacy, 53 Stan. L. Rev. 1393, 1402 (2001); see also Recent Development, 2016 U.Ill. J. L. Tech & Pol’y 89.

[53] Solove, supra note 52, at 1403.

[54] Wayne R. LaFave, Search & Seizure § 2.7 (e), 5th ed. 2018.

[55] Daniel J. Solove, Digital Dossiers and the Dissipation of Fourth Amendment Privacy, 75 S. Cal. L. Rev. 1083, 1087 (2002); see also Joseph T.Thai, Is Data Mining Ever a Search Under Justice Stevens’ Fourth Amendment?, 74 Fordham L. Rev. 1731 (2006).

[56] See Carpenter, 138 S. Ct. at 2222 (explicitly limits its holding to the context of cellphone location data collected and stored by wireless providers). It is also worth noting that Carpenter itself was a criminal case. In a quasi-criminal or civil proceeding, it could be argued that the government need not even obtain a warrant to access this kind of location data, or any data collected and stored by a third-party.

[57] See infra Sec. II (giving examples of public housing resident’s diminished privacy rights).

[58] Brill & Jones, supra note 8, at 5.

[59] See infra Sec. III (explaining the so called “third-party” doctrine within Fourth Amendment jurisprudence).

[60] See, e.g., Carpenter, 138 S. Ct. at 2206 (holding that cell phone location data stored by a wireless provider for a 127-day period could not be accessed by the government in a criminal case without a search warrant under the Fourth Amendment). The Supreme Court, however, explicitly limited this holding to the context of cell phones, as discussed in this note. Whether the doctrine in Carpenter will be expanded to include devices connected to the Internet of Things remains to be seen.