Extract from Leonard Deutchman’s article “Data Privacy: Why We Are All Over the Place, Part I”
Reading about the law and information technology (IT) these days, you come across a remarkable number of stories describing and discussing IT and privacy. What is fascinating about many of the articles is what information or actions are considered to be “private.” Many judicial opinions, for example, concern law enforcement obtaining cell site location information (CSLI) from cell providers and other sources in order to track the movements of a subject of investigation (we will discuss CSLI in greater detail and these opinions infra) and the privacy interests that prevent law enforcement from simply getting the data from providers or creating the data through its own tracking or interception of cell tower information. Other opinions and legal discussions concern what privacy interest a creator or recipient of a digital file (e.g., an email, a Word document) has in that file if it is stored by a third party, as is increasingly the case with Cloud storage, particularly as it has come to be relied upon in the age of the pandemic. Still other legal discussions concern the privacy rights of persons whose movements (not spoken words) are captured by surveillance cameras: the single camera outside a building and controlled by the building’s resident or director; cameras in many, or every, room in the building; cameras installed and controlled by law enforcement that survey public streets and other public areas. There are many other contexts in which privacy interests in information accessed by, transmitted by or stored in IT are discussed.
In Part I of this column, I will look at these privacy discussions, focusing on what in the circumstances discussed renders the IT data private and whether the criteria relied upon when courts and others in the discussion determine that the data is or is not private is truly determinative, as well as properly understood.