The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
So, as has come up frequently in the NSA thread, we seem to be hitting a bump in society where communications technology, our utilization and expectations regarding their use and the laws that deal with those communications technologies intersect. Case in point: The collection of what we call "Metadata" without a warrant. Currently, the legal rationale in the United States finds, thanks to several court cases that there is no 4th Amendment protection of communications metadata due to the nature of it being shared with a third party. The numbers of the people you call, the time you called them, where you called them from and any other pieces of necessary routing data to make these digital communications
work has no protections under the 4th. The foundation of this legal rational being based in the Supreme Court case Smith vs. Maryland:
Smith v. Maryland, 442 U.S. 735 (1979),[1] was a case in which the Supreme Court of the United States held that the installation and use of the pen register was not a "search" within the meaning of the Fourth Amendment, and hence no warrant was required. The pen register was installed on telephone company property at the telephone company's central offices. In the Majority opinion, Justice Blackmun rejected the idea that the installation and use of a pen registry constitutes a violation of the "legitimate expectation of privacy" since the numbers would be available to and recorded by the phone company anyway.
Background[edit]
In Katz v. United States (1967), the United States Supreme Court established its "reasonable expectation of privacy" test. It overturned Olmstead v. United States and held that wiretaps were unconstitutional searches, because there was a reasonable expectation that the communication would be private. The government was then required to get a warrant to execute a wiretap.
In Smith v. Maryland, the Supreme Court held that a pen register is not a search because the "petitioner voluntarily conveyed numerical information to the telephone company." Since the defendant had disclosed the dialed numbers to the telephone company so they could connect his call, he did not have a reasonable expectation of privacy in the numbers he dialed. The court did not distinguish between disclosing the numbers to a human operator or just the automatic equipment used by the telephone company.
The Smith decision left pen registers completely outside constitutional protection. If there was to be any privacy protection, it would have to be enacted by Congress as statutory privacy law.
But back then, phone communication was almost, if not entirely, landline based. You had a phone number that was tethered to your home and there was a different culture surrounding their use. Chances were, if you wanted to talk to someone, you were going to probably speak to them directly: face to face.
But now we live an era where we are
constant communicating using these "indirect" methods. Consider for a moment your circle of friends and family members. Do you primarily talk to them face to face? Or thanks to the efficiency afforded by the digital age do you find yourself talking by email, by instant message, SMS, video chat, Facebook, Twitter DM, Google Hangout and the now comparatively mundane cell phone call?
And now ask yourself: How much privacy do you expect yourself to have in the not simply the content of those conversations, but that you had them
at all? Or even
where you had them?
In 2006, Senator Joe Biden discussed in an interview with CBS about the perils of Metadata collection and analysis:
http://www.thedailyshow.com/watch/mon-june-10-2013/moment-of-zen---joe-biden---government-surveillance
Harry: "Well the president, though, said, yesterday: 'We're not listening to phone calls. We're just looking for patterns.'"
Joe Biden: "Harry, I don't have to listen to your phone calls to know what you're doing. If I know every single phone call you made, I'm able to determine every single person you talked to. I can get a pattern about your life that is very, very intrusive."
In light of the recent NSA scandal,
the ACLU filed a lawsuit against various individuals in the intelligence community. In part of their filing, the organization alludes to the idea that the collection of Metadata is a violation of citizen's right to freedom of speech and freedom of association:
1. This lawsuit challenges the government’s dragnet acquisition of Plaintiffs’
telephone records under Section 215 of the Patriot Act, 50 U.S.C. § 1861.1
In response to
information published by the media, the government has acknowledged that it is relying on
Section 215 to collect “metadata” about every phone call made or received by residents of the
United States. The practice is akin to snatching every American’s address book—with
annotations detailing whom we spoke to, when we talked, for how long, and from where. It gives
the government a comprehensive record of our associations and public movements, revealing a
wealth of detail about our familial, political, professional, religious, and intimate associations.
Now, as it stands, the
NSA has gone on record that it does not collect what is called "Cell Site Location Information," those little bits and pieces of data that indicate where a person's network-connected device has been [and, typically, where
they therefore have been]. This is good news in regards to privacy.
The bad news is that should Law Enforcement actually want your CSLI for whatever reason, they don't need a warrant to get it,
according to the US Court of Appeals for the Sixth Circuit, citing the provisions of the Stored Communications act. As Ars puts it:
However, by May and June 2006, law enforcement agents received authorization to intercept the communications of two phones established in West’s name. In an order written by a Tennessee federal magistrate judge, the prosecuting United States attorney received authorization to install a pen register, a trap and trace device, and to receive location data from the call’s origination and termination points, in addition to GPS and ping data from those phones.
Among other rationales, the judge cited the Stored Communications Act (also known as a 2703(d) order) as grounds to provide this order. Under that federal statute, authorities can’t receive the contents of electronic communication (what was said), but can find out where and to whom it was said. In contemporary cases within the last decade, law enforcement and judges have increasingly used this reasoning to obtain extensive location data that can effectively turn the phone into a tracking device. Such information previously would have required a much higher legal threshold—a probable cause-driven warrant.
Furthermore, they cited US v. Jones in such a manner that, because the pen register was not a
physical incursion into the phone, that it was therefore legal to tap for this metadata without a warrant, in fact a commendable effort by law enforcement thanks to the efficiency and inexpensive cost versus other methods:
"Here, the monitoring of the location of the contraband-carrying vehicle as it crossed the country is no more of a comprehensively invasive search than if instead the car was identified in Arizona and then tracked visually and the search handed off from one local authority to another as the vehicles progressed," Judge Rogers added in the decision.
"That the officers were able to use less expensive and more efficient means to track the vehicles is only to their credit."
However, other attorneys disagree with the ruling:
"In fact, the government's use of a pen register and a trap trace device (called a 'hybrid order') to obtain the info is something that has been extensively litigated and disputed," wrote Hanni Fakhoury, a staff attorney with the Electronic Frontier Foundation, in an e-mail sent to Ars.
"This ‘hybrid' theory has been challenged both as a matter of statutory interpretation (i.e., the government's statutory analysis is wrong; you can't use the statutes in that way) and as a matter of constitutional law (i.e., even if you could use a d-order to get this info, 2703(d) is unconstitutional because this information requires a search warrant). The fact the Sixth Circuit didn't mention that or go through any of the legal analysis or even note that this is a hotly contested legal issue is simply (to borrow a term I saw on Twitter) ‘lazy.'"
The question is now raising from the surface of the waters of the legal community and into the public eye: Should we consider stronger protections regarding citizens' metadata? Is there a reasonable expectation of privacy to this? Especially in an age where much of it can be anonymized yet still effective for the purposes of facilitating the function of the networked devices and improving the efficiency of the networks?
In the aforementioned
Jones ruling, Justice Sonia Sotomayor touched on this issue:
Nonetheless, as JUSTICE ALITO notes, physical intrusion is now unnecessary to many forms of surveillance. Post, at 9–12. With increasing regularity, the Government will be capable of duplicating the monitoring undertaken in this case by enlisting factory- or owner-installed vehicle tracking devices or GPS-enabled smartphones. See United States v. Pineda-Moreno, 617 F. 3d 1120, 1125 (CA9 2010) (Kozinski, C. J., dissenting from denial of rehearing en
banc). In cases of electronic or other novel modes of surveillance that do not depend upon a physical invasion on property, the majority opinion’s trespassory test may provide little guidance. But “[situations] involving merely the transmission of electronic signals without trespass would remain subject to Katz analysis.” Ante, at 11. As JUSTICE ALITO incisively observes, the same technological advances that have made possible nontrespassory surveillance techniques will also affect the Katz test by shaping the evolution of societal privacy expectations. Post, at 10–11. Under that rubric, I agree with JUSTICE ALITO that, at the very least, “longer term GPS monitoring in investigations of most offenses impinges on expectations of privacy.” Post, at 13.
In cases involving even short-term monitoring, some unique attributes of GPS surveillance relevant to the Katz analysis will require particular attention. GPS monitoring generates a precise, comprehensive record of a person’s public movements that reflects a wealth of detail about her familial, political, professional, religious, and sexual associations. See, e.g., People v. Weaver, 12 N. Y. 3d 433, 441–442, 909 N. E. 2d 1195, 1199 (2009) (“Disclosed in [GPS] data . . . will be trips the indisputably private nature of which takes little imagination to conjure: trips to the psychiatrist, the plastic surgeon, the abortion clinic, the AIDS treatment center, the strip club, the criminal defense attorney, the by-the-hour motel, the union meeting, the mosque, synagogue or church, the gay bar and on and on”). The Government can store such records and efficiently mine them for information years into the future. Pineda-Moreno, 617 F. 3d, at 1124 (opinion of Kozinski, C. J.). And because GPS monitoring is cheap in comparison to conventional surveillance techniques and, by design, proceeds surreptitiously, it evades the ordinary checks that constrain abusive law enforcement practices: “limited police resources and community hostility.” Illinois v. Lidster, 540 U. S. 419, 426 (2004).
Awareness that the Government may be watching chills associational and expressive freedoms. And the Government’s unrestrained power to assemble data that reveal private aspects of identity is susceptible to abuse. The net result is that GPS monitoring—by making available at a relatively low cost such a substantial quantum of intimate information about any person whom the Government, in its unfettered discretion, chooses to track—may “alter the relationship between citizen and government in a way that is inimical to democratic society.” United States v. Cuevas-Perez, 640 F. 3d 272, 285 (CA7 2011) (Flaum, J., concurring).
I would take these attributes of GPS monitoring into account when considering the existence of a reasonable societal expectation of privacy in the sum of one’s public movements. I would ask whether people reasonably expect that their movements will be recorded and aggregated in a manner that enables the Government to ascertain, more or less at will, their political and religious beliefs, sexual habits, and so on. I do not regard as dispositive the fact that the Government might obtain the fruits of GPS monitoring through lawful conventional surveillance techniques. See Kyllo, 533 U. S., at 35, n. 2; ante, at 11 (leaving open the possibility that duplicating traditional surveillance “through electronic means, without an accompanying trespass, is an unconstitutional invasion of privacy”). I would also consider the appropriateness of entrusting to the Executive, in the absence of any oversight from a coordinate branch, a tool so amenable to misuse, especially in light of the Fourth Amendment’s goal to curb arbitrary exercises of police power to and prevent “a too permeating police surveillance,” United States v. Di Re, 332 U. S. 581, 595 (1948).*
More fundamentally, it may be necessary to reconsider the premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties. E.g., Smith, 442 U. S., at 742; United States v. Miller, 425 U. S. 435, 443 (1976). This approach is ill suited to the digital age, in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks. People disclose the phone numbers that they dial or text to their cellular providers; the URLs that they visit and the e-mail addresses with which they correspond to their Internet service providers; and the books, groceries, and medications they purchase to online retailers. Perhaps, as JUSTICE ALITO notes, some people may find the “tradeoff” of privacy for convenience “worthwhile,” or come to accept this “diminution of privacy” as “inevitable,” post, at 10, and perhaps not.
I for one doubt that people would accept without complaint the warrantless disclosure to the Government of a list of every Web site they had visited in the last week, or month, or year. But whatever the societal expectations, they can attain constitutionally protected status only if our Fourth Amendment jurisprudence ceases to treat secrecy as a prerequisite for privacy. I would not assume that all information voluntarily disclosed to some member of the public for a limited purpose is, for that reason alone, disentitled to Fourth Amendment protection. See Smith, 442 U. S., at 749 (Marshall, J., dissenting) (“Privacy is not a discrete commodity, possessed absolutely or not at all. Those who disclose certain facts to a bank or phone company for a limited business purpose need not assume that this information will be released to other persons for other purposes”); see also Katz, 389 U. S., at 351–352 (“[W]hat [a person] seeks to preserve as private, even in an area accessible to the public, may be constitutionally protected”).
* United States v. Knotts, 460 U. S. 276 (1983), does not foreclose the conclusion that GPS monitoring, in the absence of a physical intrusion, is a Fourth Amendment search. As the majority’s opinion notes, Knotts reserved the question whether “ ‘different constitutional principles may be applicable’ ” to invasive law enforcement practices such as GPS tracking. See ante, at 8, n. 6 (quoting 460 U. S., at 284). United States v. Karo, 468 U. S. 705 (1984), addressed the Fourth Amendment implications of the installation of a beeper in a container with the consent of the container’s original owner, who was aware that the beeper would be used for surveillance purposes. Id., at 707. Owners of GPS-equipped cars and smartphones do not contemplate that these devices will be used to enable covert surveillance of their movements. To the contrary, subscribers of one such service greeted a similar suggestion with anger. Quain, Changes to OnStar’s Privacy Terms Rile Some Users, N. Y. Times (Sept. 22, 2011), online at
http://wheels.blogs.nytimes.com/2011/09/22/changes-to-onstars-privacyterms-rile-some-users (as visited Jan. 19, 2012, and available in Clerk of Court’s case file). In addition, the bugged container in Karo lacked the close relationship with the target that a car shares with its owner. The bugged container in Karo was stationary for much of the Government’s surveillance. See 468 U. S., at 708–710. A car’s movements, by contrast, are its owner’s movements.
[Emphasis mine; also I had to amend the original of "[situations]" because the original format was being interpretted through the BBCode as a strike through tag]
Representative Jerrold Nadler [D-NY]
issued his own concerns about the lack of protections for digital communications metadata during the testimony given by FBI Director Robert Mueller a couple weeks back:
Thank you. Let me just suggest, by the way, that uh, that 1979 decision of the Supreme Court that a phone bill is not uh, uh, protected by the 4th Amendment, uh, might not apply to a lot of this stuff today given how pervasive and privacy-invading this metadata has become, uh, compared to what could be done in 1979. So I wouldn't, I don't know that I totally rely on that precedent that everything that is being done.
Now, even the
FCC is taking measures to insure there are better protections over user's metadata [though my understanding this is more regarding the private sector side of things than interaction with law enforcement, but I would imagine it would indicate a viewpoint that must be considered in any legal matters as to the recognition of privacy over such things].
In conclusion, I would say that in our age of digital communications, the laws and regulations and constitutional interpretations must be updated to adapt to a form of identifying information that has become a widespread and entrenched facet of our every day lives and our expectations. Every day people use these technologies with the perception that their privacy is secure in them. If the law currently does not recognize that, then in order to maintain the Spirit of the Fourth Amendment, it must adapt to do so.
Posts
"More fundamentally, it may be necessary to reconsider the premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties. E.g., Smith, 442 U. S., at 742; United States v. Miller, 425 U. S. 435, 443 (1976). This approach is ill suited to the digital age, in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks. People disclose the phone numbers that they dial or text to their cellular providers; the URLs that they visit and the e-mail addresses with which they correspond to their Internet service providers; and the books, groceries, and medications they purchase to online retailers. Perhaps, as JUSTICE ALITO notes, some people may find the “tradeoff” of privacy for convenience “worthwhile,” or come to accept this “diminution of privacy” as “inevitable,” post, at 10, and perhaps not. I for one doubt that people would accept without complaint the warrantless disclosure to the Government of a list of every Web site they had visited in the last week, or month, or year. But whatever the societal expectations, they can attain constitutionally protected status only if our Fourth Amendment jurisprudence ceases to treat secrecy as a prerequisite for privacy. I would not assume that all information voluntarily disclosed to some member of the public for a limited purpose is, for that reason alone, disentitled to Fourth Amendment protection. See Smith, 442 U. S., at 749 (Marshall, J., dissenting) (“Privacy is not a discrete commodity, possessed absolutely or not at all. Those who disclose certain facts to a bank or phone company for a limited business purpose need not assume that this information will be released to other persons for other purposes”); see also Katz, 389 U. S., at 351–352 (“[W]hat [a person] seeks to preserve as private, even in an area accessible to the public, may be constitutionally protected”)."
This I think is the crux of the discussion.
Do we as a society expect privacy? Yes
Does the law need to catch up with technological and societal advances? Yes
Now we need to really sit down and figure out exactly where that leads us to.
[edit]
I think metadata aggregation is likely not an issue. I realize this may not meet the expectations of many other posters. I also do not think GPS data in and of itself is an invasion of privacy. I am concerned with the concurrent aggregation of both GPS and other metadata when those individual pieces can be referenced against each other (in other words, when the GPS data is part of the other accepted metadata).
I guess the way I see it is this:
Metadata = OK
GPS = OK
Metadata+GPS = needs some work
Probably narrowed down by time and or place as relevant to the investigation. You couldn't simply get a dragnet going to collect a broad swath
See here I disagree. Metadata that meets pen register guidelines I think would be covered based on precedent. My question lies with the broadening of the scope of the law (and the data aggregation).
Just to keep this brief. I don't care if anyone can access the number of people that visit this site. I also don't care if anyone can figure out which percent of this sites population also visit the New York Times. That is data that can be used to better facilitate people's interactions. My issue is when people start adding names to the mix. I don't want the government to figure out how many times I, Mill, check the NYT site, nor do I want the NYT to know that it might be worth spamming my inbox and I sure as hell don't want google selling which sites I, Mill, happen to visit to anyone willing to pay the right price. I feel this is the point where things get intrusive and I also feel in the case of businesses, that they've hit a point where they are focusing too much on the bottom line despite having enough info to improve their business without the names.
In response to this section, I think there's another angle to be considered here. Sotomayor talks about the limited purpose of the disclosing of the data in question as an argument for stricter protection.
But I think there is also another, perhaps more important matter, which is that this disclosure is not by any reasonable definition voluntary. You can't access alot of basic services without being forced to disclose a great deal of private information. Even the most basic of these services, like "having a phone", is a necessity of modern life. This is why it's one of the services the government pays money to supply to rural areas. Because, like power and water and waste management, it's a necessity. Internet should be on this list too at this point. How much weight can you give to the idea that people are waving their right to privacy when there is no real choice in the matter?
I'm not arguing one way or the other on what should be or shouldn't be protected in this post, but I think it's important to consider that there is no way to live in the modern world without being forced to disclose your information to private 3rd parties and that fact needs to be taken in to account in any type of system proposed.
Well put; for what it's worth, SCOTUS has been pretty unsympathetic to this line of reasoning with respect to contract clauses mandating arbitration or barring class action.
Indeed, my concern isn't that the government knows, provided they restrict their usage of it to preventing violent crime and grand larceny etc. If the government finds out that I'm planning some awful terrorist attack by analyzing my metadata, then thats OK by me. The problem is the 'mundane but embarrassing' privacy issues. Should the government be able to find out if I'm watching porn? Or having an affair? Clearly not. And I also think that metadata is too intrusive to use for things like finding out if I'm stealing episodes of Game of Thrones etc.
Now my real problem is companies. Lets say I apply for a job at google. Right now I don't think they would do this, but clearly Google could learn a VAST amount about me from the metadata it has access to and it could elect to say, not offer me a job because I spend a lot of time looking at Republican websites, or because I spend a lot of time on medical sites and they think I'm sick. And this is just the beginning of private intrusions. Whole firms are going to be (and already are) set up dedicated to gathering info from security cameras, websites, services providers etc to find out what you are doing, who you are doing it with and selling it to your bosses. Suddenly at your quarterly review you're going to be answering questions about why you were out drinking on a tuesday night, or why you went to a strip club when you were staying a few extra days after the end of a conference. Why were you making a personal call between 9:15 and 9:19 on Wednesday the 9th? And so on. The capabilities of people to exploit this data are going to grow massively, and it needs to be stopped now, before it gets out of hand.
Metadata and email scanning by the owner to sell me better products? OK, providing it is computerized and never disclosed.
Anonymized metadata sales for better understanding website and social operations? OK
Personalized metadata or private surveillance sales? Never OK.
The aggregation really is what the issue is. If google wants to use my emails to try and target ads at me, I'm relatively comfortable with that because I agreed to it and google's use of that information is fairly limited. If my cell provider looks at my usage pattern and uses that data to suggest a different subscription plan that's also a reasonable and fairly limited use. The problem is all this information about me being pooled together and being accessible to any company or government actor that wants to pay for it.
that's why we call it the struggle, you're supposed to sweat
The government doesn't pay for it, they get a court-ordered warrant for it. And the companies are in fact obligated to turn it over, as you agreed to in all that contract stuff. And I don't know if Google or the others actually sell your data to anyone.
I don't think anyone here is gonna say "Hands off my metadata no matter what!" Just that we bring in law enforcement's authority to collect it in line with the Fourth Amendment in regards to the growth of technology and people's experiences with and expectations of it.
Which, at basic for law enforcement would require a warrant, served for probable cause, restricted to acquiring a specific set of metadata relevant to the case at hand that the warrant was issued for
I'm sorry, I got confused. Yeah, metadata is not private.
that's why we call it the struggle, you're supposed to sweat
Schrodinger, I am very very very very uncomfortable with the idea that just because any of us send something over a network that means we have given up any expectation of privacy to it, especially in a world where it becomes increasingly difficult to lead a normal life without sending vast quantities of information over it, be they content data or metadata.
And while privacy is not in and of itself freedom, it is an integral component to having freedom. I'd also, generally, disagree with the notion that privacy is 1:1 tied together with private property. There's a variety of situations in which people expect privacy when on the grounds of property that they have no ownership over, but the violation of that privacy without just cause tends to incur significant negative social and/or legal repercussions.
With Google, I'd say a large part hinges on what at google is searching all of our data. A "dumb" computer doing all of this poses significantly less of a risk than a person doing so [depending on what the computer is supposed to be doing with that information].
The risks still involved however would, I'd say, require us to take a look at enshrining stronger legal protections for the privacy of data in the care of third parties [Anonymization, restricting the any of the parties' rights to sale of non-anonymized data, etc.]
Suppose I make a phone call on the pay phone. I paid 25 cents for that phone call. The phone call is essentially my property. Cops cannot tap that phone call without a warrant, even if someone else owns the phone line.
On the other hand, let's take about the metadata and record of the call itself. Is the metadata my property? No, not really.
I'd have to disagree. Even if I'm storing something on Google, there is still an expectation of privacy there. Culturally, the act of sharing something with another person, or even a select group, does not mean that we have sacrificed the privacy of that information. You yourself are, as you said, a lawyer. Your clients, I would assume, disseminate private information to your firm all the time, yet they and yourself still assume a significant degree of privacy regarding that information and restriction on it's dissemination.
Out of curiousity, do your firms computer systems ever search through the information stored in any private communications between it's lawyers and clients? Or any other digitally stored private information?
I'm not entirely sure that a pay phone works for this analogy considering that the pay phone belongs to the company and an inherent part of it's nature is that it's used by anonymous users every day. The very nature of it's design makes it difficult, if not impossible, to tell who was calling on it.
A personal cell phone that's generating metadata like it's number, the number called, the time, it's CSLI, etc. not so much.
Just out of curiosity, where would you say that the right to privacy actually comes from?
An inherent expectation of people to be secure in what they do or say and the right to choose how they disseminate those things, founded at least in part in the freedom of self-expression, and that without privacy we do not have any true freedom of self-expression thanks to the chilling effect that prying eyes tends to have on the behavior/self-expression of humans.
This is circular reasoning though, because expectations change over time. Look at the reaction to Facebook feed when it first came out, and look at how people react to it today.
Again, this is circular. You're telling me what would happen without privacy, but you're not actually telling me what privacy is or where privacy comes from.
I'm saying privacy is a default inherent need of humans, and that when you take that away bad things (chilling effects on behavior; i.e., undue limiting of individual freedom of expression) tend to happen.
As Sotomayor says:
The same goes for third parties and individuals to whom we have not consented to being party to the dissemination of our speech or actions.
The right to privacy is never directly mentioned in the constitution, which is where the debate over Roe vs. Wade comes from. It's generally implied by the 14th amendment, "nor shall any State deprive any person of life, liberty, or property, without due process of law."
Ergo, while the right to privacy exists, you have to explain how life, liberty, or property is being explicitly denied. Not based on a "chilling effect," but based on the actual policy. i.e., abortion laws deprive liberty, not because they discourage people from having abortions, but because they prevent abortion from happening legally.
Why aren't chilling effects enough, in your opinion? If a policy will alter the populace in such a way, why do we have to prove explicit examples of harm instead of the understanding as to why these politics will damage society and infringe on our rights?
The constitutional basis for privacy rights comes from the due process claus. And the due process clause comes from the prevention of actual harms to life, liberty, or property.
Where do you draw the line?
For instance, is it illegal to take photos of the license plates for cars outside the strip clubs? No. It's a douchey thing to do, but it's not illegal, even though it has a chilling effect on association (which is sort of the point).
Suppose you're cheating on your wife, and someone discovers this information. Is it illegal for him to share this information with your wife, even though it would have a chilling effect on your association with your mistress? No. Is it illegal for him to blackmail you by offering to stay silent in exchange for payment? Apparently, yes.
If you want to discuss the right to privacy, you need to be more specific on what you mean by it.
Right but I would really like it if google didn't search my data. Your argument seems to be that since I let google see my shit I might as well let everyone else see my shit too.
Even if I lose my expectation of privacy when I use google or hotmail, or my cell phone on the metadata of that one device; the combination of the metadata from all of these devices reveals information which I never consented to sharing, and for which I do have the expectation of privacy. This is further expanded when combining that data with the data of other people.
There is information that is not part of the data, and cannot be obtained from any one database. Combining these databases it what causes the intrusion of privacy. This has a lot to do with the difference between data and information and with the increasing power of more complete data.
As an example, my phone GPS tracks where I am. For the sake of argument, let's pretend I lose the expectation of privacy with regards to where I am. Now assuming I use a Verizon plan, and I meet with a person using an AT&T phone. If you combine the databases of both Verizon and AT&T now you know who I was with. This is information I did not share with Verizon, and my companion did not share with AT&T. Since I did not share this information with anyone, I don't see how I could have lost my expectation of privacy.
If the exact example of GPS and location VS. association doesn't sit with you, be aware that it is trivial to produce a similar example for other kinds of "metadata"*.
*This use of the term metadata is not typical of what metadata is usually defined as. Metadata is usually defined as data on where data is or how data is stored.
Well I have an expectation of privacy in that I expect my government (or yours for that matter) not to invade my privacy. While I expect some invasion of privacy it seems weird to suggest that I must expect complete invasion of privacy by everyone.
Of course, I don't really expect the government to not invade my privacy. I'm just saying that I should expect it. The government shouldn't have my data. Much like your government shouldn't be spying on our governments.