In May 2013, when an investigator called local firefighter paramedic Ryan Pyle down to police headquarters in Cottonwood Heights, Utah, Pyle guessed it had something to do with the morphine.

Fire crews had recently discovered that drug vials had been tampered with at several different stations, the morphine removed and replaced with some other liquid. The find prompted a police investigation of all 28 Unified Fire Authority fire stations and the replacement of every narcotic stored in them, according to Jeremy Robertson, president of fire union local #1696.

But Pyle hadn’t worked at the specific stations under investigation. What could he add?

“Do you know why you’re here?” a police officer asked Pyle when he arrived.

“I wish I did, but I don’t,” Pyle said.

The officer explained that, during the investigation of the morphine theft, Pyle’s personal prescription drug records had been pulled from Utah’s Controlled Substances Database. Pyle was being accused not of stealing morphine but of prescription drug fraud. The allegation doesn't necessarily involve selling pills; instead, authorities believed that Pyle had visited multiple doctors in order to obtain narcotics.

But the detective investigating the case had pulled far more than Pyle’s records; he had actually pulled the prescription records of all 480 employees of the local fire authority, sifting through the sensitive health information of firefighters, paramedics, and clerical staff, according to the American Civil Liberties Union (ACLU). Such prescription information could reveal whether the workers had anxiety disorders, chronic pain, insomnia, or AIDS. It could reveal if an individual identified as transgender or suffered from Attention Deficit Hyperactivity Disorder.

As in 48 other states and the District of Columbia—Missouri being the only exception—Utah collects prescription drug information in a statewide electronic database so that healthcare providers can track what medications their patients use and ensure that they aren’t doctor shopping. However, unlike in many of the other states, Utah doesn’t require warrants before investigators can access this information. According to court documents, the search merely needs to be linked somehow to an open investigation within the officer's jurisdiction.

In Pyle’s case, there was no evidence to suggest he had anything to do with the morphine theft that sparked the investigation. While looking through his prescription history, however, the detective felt that something wasn’t right. Pyle had been prescribed short-acting and long-acting opiate-based painkillers for years after being diagnosed with an inoperable mid-back disc herniation from a dirt-bike accident.

“When I found out what was happening I left immediately,” Pyle said in a recent interview. He called his wife, a physician assistant with access to the same database. He urged her to look up his history.

“I can’t,” Tiffany Pyle told him. “You’re not a patient of mine. It would be illegal.”

Throughout the summer of 2013, the Pyles didn’t hear much about the investigation. They tried to go on as usual but found normal life difficult.

“I was petrified; I had no idea what was going on,” Pyle said.

Just as the investigation began, a boy named Tristan had been placed in the Pyle home for a six-month trial period. The family was working to finalize his adoption with a private agency; the Pyles were also in the process of adopting Tristan’s younger brother.

“If they caught any wind of this they would have come and taken him,” Tiffany Pyle said.

Pyle can talk matter-of-factly now about his own case. But when he talks about how it could have affected the adoption of his two young sons, his voice cracks. “If I was convicted of anything, we would have lost these two little kids, and that’s just horrible—that was the worst part,” he said. “My job was important and I care about what I do; I’ve dedicated my whole life to helping people, but losing these kids, that was the big stuff, the real important stuff.”

Eventually, Pyle heard from the Salt Lake County Attorney’s Office. His case had been screened and declined for prosecution.

“We thought we were done,” Tiffany Pyle said, and she and Ryan turned their attention to problems with Tristan’s private adoption agency. On Monday, October 28, 2013—six months after Pyle's visit to police headquarters—the family finalized the adoption of their oldest son.

Four days later, the Utah Attorney General charged Ryan Pyle with prescription drug fraud.

Magnetic tape to keystrokes

How can the police have such broad powers to comb through a prescription drug database? Their right to do so goes back to a legal doctrine developed in the 1970s by two seminal Supreme Court cases. The first, United States v. Miller, considered the issue of whether or not a legitimate expectation of privacy existed between a person and his bank with respect to checks and deposit slips. The court said that it did not—thus making it far easier for government investigators to get the information.

“The depositor takes the risk, in revealing his affairs to another, that the information will be conveyed by that person to the Government,” wrote Justice Powell. “The Fourth Amendment does not prohibit the obtaining of information revealed to a third party and conveyed by him to Government authorities.”

Three years later, the Supreme Court once again dealt with an individual’s privacy rights when he or she hands over information to a third party. In Smith v. Maryland, Michael Lee Smith had been convicted of robbery. To gather evidence against him, police obtained his call record information from the telephone company without a warrant. Smith argued he had a legitimate expectation of privacy in the numbers he dialed on his phone and that a warrant was required.

“This claim must be rejected,” wrote Justice Blackmun. “First, we doubt that people in general entertain any actual expectation of privacy in the numbers they dial.” He added that, since telephone users reveal phone numbers to the telephone company in the process of dialing, they are aware that a permanent record could be kept. Secondly, relying on Miller, Blackmun reiterated that “this Court consistently has held that a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties.”

Together, Miller and Smith form the basis for what is now known as the “third-party doctrine.” In its simplest form, the doctrine says that whenever someone hands over a private piece of information to a third party for a specific purpose, the Fourth Amendment doesn’t protect her from a warrantless search of this information by authorities since she has already given up her privacy interest in the information by sharing it.

The doctrine “has been problematic throughout the years, and with every passing year the problems get more and more stark,” said Nathan Wessler, a staff attorney at the American Civil Liberties Union who is litigating a prescription drug database case in Oregon. Nearly everything we do online reveals information to a third party, from e-mail stored in the cloud to photo sharing to instant messaging to browsing the Web to geolocation.

“It’s totally clear that this doctrine has no place today in the digital age,” Wessler added. “It’s really impossible to participate in modern life, in social life, in work and business, to get medical care and legal advice without using digital technology and leaving behind a trail and digital bread crumbs.”

Greg Nojeim agrees. He’s a senior counsel at the Center for Democracy and Technology and the director of its Freedom, Security, and Technology Project. In a recent interview, he explained how metadata, or “non-content information,” has changed throughout the years. Historically, the information it divulged was limited to the parties and dates on a check or the numbers dialed from a rotary phone, but now it can reveal far more sensitive details.

Metadata “is now a much richer source of information—sometimes even more rich than the content of the communications itself, so there’s the ability to draw intelligence and meaning from metadata and other, non-content information,” he explained. As this ability increases, “so should the privacy protections that attend that data.”

The first prescription drug database dates back to 1972 in New York. The legislature passed a law requiring doctors and pharmacies to file a form with the state whenever they prescribed and dispensed what were classified as “potentially harmful drugs.” The law was fought by a group of doctors and patients in an oft-cited Supreme Court judgment, Whalen v. Roe. They lost.

But technology changes faster than law. In 1972, the New York prescription drug “database” was a room at the Department of Health in Albany. Each month, 100,000 carbon copies of prescription forms were delivered there, where they were sorted, coded, and logged. The information was recorded on magnetic tapes and run through a computer program, looking for anomalies. The forms and the tapes were kept in a vault and destroyed after five years; the whole setup was protected by a wire fence and an alarm system.

When the case was decided by the Supreme Court in 1977, only 17 Department of Health employees had access to the files. Another 24 investigators could look into cases of over-dispensing if they were identified by the computer. The database wasn’t heavily used for investigations. In the 20 months after the law was enacted, only two investigations alleging overuse by specific patients were undertaken.

Wessler says the Whalen case illustrates how far the technology has come. Now, “with a couple of keystrokes somebody can access all the records of everyone in the state.”