Digital privacy | Student Journal of Information Privacy Law

Put the Katz Back in the Bag: Restoring Privacy Rights in the Digital Age

Tommy Scherrer

The word “privacy” appears nowhere in the Constitution, yet the Supreme Court has recognized that a constitutional right to privacy emerges from certain “penumbras, formed by emanations” of guarantees in the Bill of Rights.[1] Of these guarantees, that of the Fourth Amendment provides the clearest architecture for a right to privacy by recognizing the individual citizen’s dominion over their “persons, houses, papers, and effects,” and requiring the government to justify any intrusion.[2] This article argues for a restoration of the American privacy regime to this original foundation: enforceable boundaries that empower individuals to control access to their lives.

I. Introduction

The Court complicated the foundations of American privacy rights in Katz v. United States when it reimagined privacy rights as a matter of “reasonable expectations.”[3] That formulation was intended to liberalize the Fourth Amendment and extend its protections beyond physical trespass. However, by grounding privacy rights in what a small group of lawyers believe society recognizes as “reasonable,” the Court detached protection from the concrete boundaries of the Constitution and created an ambiguous standard. As we journey further into the 21^st century, and state and private surveillance become normalized as necessary to a secure society, our general expectation of privacy is shrinking rapidly, and our rights are shrinking with it.

The text of the Constitution protects citizens through their persons, homes, papers, and effects—real places and things that anchor enforceable boundaries. Katz inverted that logic by replacing hardline rules with shifting baselines and mistaking trust for consent to surveillance. In the decades that followed, this logic hardened into the third-party doctrine, which holds that any information shared with others loses constitutional protection.[4] The consequences of this doctrine are especially harsh in today’s world, when nearly all personal information flows through third parties. If privacy rights are to remain a foundation of democratic life, they need to be grounded in some sort of enforceable boundary. Because today’s data and the inferences drawn from it can reach further into private life than any physical trespass, the protections of the Fourth Amendment must be interpreted with that reality in mind.

Continue reading →

Privacy in Death: Conserving your Power in Legacy

Gabriel Siwady-Kattan

Introduction

Throughout our lives, we store everything online. This means that not only can a person keep physical assets in a bank; they can also have digital assets available online for access and distribution. Who should be able to access those assets when we die? The IRS defines a digital asset as “a digital representation of value recorded on a cryptographically secure distributed ledger or similar technology” and names as examples convertible virtual currency and cryptocurrency, stablecoins, and Non-Fungible Tokens (NFTs).^[1] The IRS further elaborates that “[i]f a particular asset has characteristics of a digital asset, [then] it’s treated as one for federal income tax purposes.”^[2] Beyond digital assets that have a financial component to them, however, are also images, videos, digital documents, and electronically-stored music. These could be held by any person, and in our modern age, most people have an account where their digital information is stored, whether in an Apple, Google, Facebook, or Instagram account. The existence of digital assets has brought many issues, including how to deal with the distribution of digital assets at the time of death.

To deal with this issue, the Uniform Law Commission (ULC) drafted the Uniform Fiduciary Access to Digital Access Act (hereinafter referred to as the Digital Assets Act).^[3] This Act essentially treated digital assets as it would any other kind of traditional property a person held at the time of their death.[4] This meant that an executor had near unsupervised power to access, manage, and distribute a decedent’s digital assets.^[5] Under the Digital Assets Act, an executor had the same access to digital assets as an owner had at the time of their death.^[6]

Naturally, this “open-access approach” could raise personal privacy concerns. What if, in the process of getting a decedent’s affairs in order, an executor came across communications with a third party? What if that communication shed light on an unknown aspect of the deceased’s life? What if that communication was meant to remain confidential? And what about that third party’s identity?

On top of these personal privacy concerns, the Digital Assets Act’s provisions were contrary to some tech companies’ terms of use agreements. For example, tech companies have their own ways of managing the content on their platform, and often control or limit the agency a user or consumer might have over their own communications. To this end, tech companies almost always require users to agree to a terms of use agreement, which typically includes provisions on how and to whom data may be shared.

Continue reading →