As the country’s new Congress settles into its term, several technology issues are coming to the forefront. A number of Senators recently questioned the Department of Justice over how it is collecting cellphone-location data in the wake of the Supreme Court’s landmark Carpenter decision. Carpenter v. United States, 138 S. Ct. 2206 (2018). The House of Representatives is considering a renewed version of legislation that would strengthen the security of “Internet of Things” technologies used by the federal government. And politicians and pundits throughout Capitol Hill are asking whether this will be the year that comprehensive federal privacy legislation becomes law. As it turns out though, some of the nation’s top courts are already tackling these tough issues. In fact, the Seventh Circuit’s opinion last year in Naperville Smart Meter Awareness v. City of Naperville, 900 F.3d 521 (7th Cir. 2018), has received relatively little reporting, but its impact will be broad when it comes to how courts interpret the Fourth Amendment in the era of big data.

In Naperville, the Seventh Circuit heard an appeal concerning the city’s “smart meter” program. Without residents’ permission, Naperville had been replacing traditional energy meters on its grid with “smart meters” for homes. Each smart meter collected thousands of readings a month, as opposed to just the previous single monthly readings. According to the plaintiffs, the repeated readings of the smart meters collected data at such a granular level that they revealed what appliances were present in homes and when they were used. Considering the potential privacy impact, the Seventh Circuit found that Naperville’s collection of smart meter data from residents’ homes constituted a “search” under the Fourth Amendment.

Importantly, the Court applied last year’s Supreme Court decision Carpenter, which had found that a court order to a wireless carrier for historical cell site location data constituted a search and required a warrant supported by probable cause. As in Carpenter, the Seventh Circuit found the residents’ lack of consent to the collection of the comprehensive smart meter data was key to rendering that collection a search. Having found that the smart meter data’s collection was a search under the Fourth Amendment, the Court then asked whether the search was reasonable. In answering that question in the affirmative, the Court considered the search’s ultimate purpose. That is, the search was being performed by a public utility to strengthen the city’s energy grid and reduce costs—not by an enforcement division. Because the city conducted the search with no enforcement intent, the Court found it reasonable.

Although the Seventh Circuit’s decision ultimately let the city’s practices stand, its analysis reflects the heightened scrutiny with which consumers, courts, and the plaintiffs’ bar are approaching big data collection. Private companies and government entities are increasingly in possession of ever-growing quantities of data that reveal, in the words of Chief Justice Roberts, the “privacies of life.” The proximity and persistence of connected devices like Naperville’s smart meters enable them to generate these troves of data, and thus new and hopefully helpful insights.

At the same time, what makes this data so appealing is also what makes it qualitatively different, at least in the Seventh Circuit. Pre-Carpenter precedent often held that information collected from “analog” meters by utility companies is not protected by the Fourth Amendment. See, e.g., United States v. McIntyre, 646 F.3d 1107, 1110 (8th Cir. 2011) (finding defendant did not have a reasonable expectation of privacy protected by the Fourth Amendment in monthly cumulative electricity usage readings). What made this case different to the Court was the intimate insights one could gain from the smart meters about someone’s home activities, e.g., when and for how long someone uses their microwave.

While the facts in Naperville were unique, that opinion together with Carpenter make clear that courts are carefully evaluating privacy rights and constitutional protections when it comes to the collection of big data. Whether and how the federal legislature dives into the fray remains to be seen.

Tags: Carpenter, Privacy, Smart Devices
Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Kate Growley Kate Growley

Businesses around the globe rely on Kate M. Growley to navigate their most challenging digital issues, particularly those involving cybersecurity, artificial intelligence, digital infrastructure, and their intersection with national security. Clients seek her guidance on proactive compliance, incident response, internal and government-facing investigations…

Businesses around the globe rely on Kate M. Growley to navigate their most challenging digital issues, particularly those involving cybersecurity, artificial intelligence, digital infrastructure, and their intersection with national security. Clients seek her guidance on proactive compliance, incident response, internal and government-facing investigations, and policy engagement. With a unique combination of legal, policy, and consulting experience, Kate excels in translating complex technical topics into advice that is practical and informed by risk and business needs.

Kate has extensive experience working with members of the U.S. government contracting community, especially those within the Defense Industrial Base. She has partnered with contractors from every major sector, including technology, manufacturing, health care, and professional services. Kate is an IAPP AI Governance Professional (AIGP) and a Certified Information Privacy Professional for both the U.S. private and government sectors (CIPP/G and CIPP/US). She is also a Registered Practitioner with the U.S. Cybersecurity Maturity Model Certification (CMMC) Cyber Accreditation Body (AB).

Having lived in Greater China for several years, Kate also brings an uncommon understanding of digital and national security requirements from across the Asia Pacific region. She has notable experience with the regulatory environments of Australia, Singapore, Japan, and Greater China—including the growing regulation of data flows between the latter and the United States.

Kate is a partner in the firm’s Washington, D.C., office, as well as a senior director in the firm’s consultancy Crowell Global Advisors, to which she was seconded for several years. She is a founding member of the firm’s Privacy & Cybersecurity Group and part of the firm’s AI Steering Committee. She has been internationally recognized by Chambers and named a “Rising Star” by both Law360 and the American Bar Association (ABA). She has held numerous leadership positions in the ABA’s Public Contract Law and Science & Technology Sections and has been inducted as a lifetime fellow in the American Bar Foundation.

Read more about Kate Growley
Show more Show less
Related Posts
Text Messages Lead to $4.47B Liability in Securities Fraud Case
June 27, 2024
Best Practices for Navigating Discovery of Mobile Data and Alternative Communication Tools in Today’s Digital World
March 25, 2020
What we can learn about joint controllership from the CJEU Fashion ID ruling
August 21, 2019