The privacy of emails, photos stored in the cloud, even heart rate history from a smartwatch could be at stake, according to civil libertarians, as the Supreme Court takes up a potential blockbuster case after Thanksgiving.

When they return to the bench after the holiday, the justices will weigh whether the history of cellphone locations stored by a phone service provider is searchable without a warrant.

The case, Carpenter v. U.S., centers on Timothy Carpenter, who argues the government violated his Fourth Amendment protection against unreasonable search and seizure when it obtained his cellphone location records from MetroPCS and Sprint without a warrant. Authorities then used that data as trial evidence to convict him of a string of robberies at Radio Shack and T-Mobile stores in Michigan and Ohio from December 2010 to March 2011.

ADVERTISEMENT

The government argues that it was well within its rights under the Stored Communications Act of 1986 to get a court order for the records. The law allows this type of data to be searched if the government can show reasonable grounds to believe it will be relevant to a criminal investigation.

To obtain a warrant, law enforcement officers, however, must show there is probable cause.

But beyond the law, the government is arguing that Carpenter lacks a legitimate expectation of privacy because he voluntarily turned his location information over to a third party when he signed up for cell service. It’s a legal theory known as the third-party doctrine.

“Petitioner lacks any subjective expectation of privacy in phone-company records of historical cell-site data because they are business records that MetroPCS and Sprint create for their own purposes,” acting Solicitor General Noel Francisco, acting Assistant Attorney General Kenneth Blanco and Department of Justice Attorney Jenny Ellickson argued in a court brief.

American Civil Liberties Union (ACLU) staff attorney Nathan Freed Wessler, who's representing Carpenter, called the implications of that argument “stunning.”

“If the government’s position wins, it would imperil the search queries people enter into Google or WebMD, our complete browsing histories showing everything we read online, the heart rate data from a smartwatch saved by Apple, a person’s whole life in photos uploaded to the cloud and so much more,” he said.

“In the 21st century we really can’t go about our daily lives without creating these pervasive, highly sensitive digital records held by companies we interact with,” he said.

The ACLU also argues the government is relying on an outdated law.

Though it was updated in part in 1994, Wessler said the Stored Communications Act really hasn’t been touched since 1986. At that time there were only 1,000 cell sites in the U.S. and less than half of one percent of Americans had a cellphone. Today, he said more than 300,000 cell sites exist and 95 percent of Americans have cellphones.

But the government argues that cellphone location information isn’t personal.

“As explained, the historical cell-site records obtained in this case revealed only that petitioner (or someone using his phone) was in ‘a 3.5-million-square-foot to 100-million-square-foot area’ when placing or receiving a call,” the Department of Justice attorneys argued in their brief.

“The records did not (and could not) reveal any information stored on petitioner’s phone or permit law-enforcement officers to learn the sort of detailed personal facts,” they wrote.

In a friend of the court brief filed in support of the government, the National District Attorneys Association warned the court against eviscerating the third-party doctrine.

“To do so would preclude [Securities and Exchange Commission] and IRS summonses for financial information necessary for their functioning and would bring a halt to countless state prosecutions dependent upon review of third-party records, including public corruption, identity theft, insurance fraud and stalking,” the group wrote.

In Carpenter’s case, the government was given 127 days worth of his location data from MetroPCS and seven days worth from Sprint in early March when Carpenter’s phone was connecting to a Sprint cellular tower in Ohio as part of a roaming agreement between the two companies.

Police obtained 12,898 location points — one for the start and end of each call he made. But since the start of this case, Wessler said data usage has ballooned, forcing service carriers to erect more cell towers that are closer together, which makes data locations more precise.

And since 2010 and 2011 when Carpenter's data was collected, he said providers have started saving location information for text messages and data connections in addition to calls, even when a phone is sitting in a bag or pocket and checking for emails or weather updates.

Wessler said the ACLU acknowledges that police should be able to obtain some of this information within limits.

“Our position is that people have a reasonable expectation that police won’t be able to create a map of longer term locations,” he said. “That’s a power police have never had — to be able to assemble days, weeks, months worth of where people have gone.”

Where the line should be drawn between short-term data that’s accessible without a warrant and long-term that requires one, Wessler said is for the courts to decide.

Wessler said if justices need a cutoff point between short-term and long-term data, he suggests a 24-hour period.

Oral arguments in the case will be held on Wednesday.