Most Americans expect the Fourth Amendment -- which protects individuals from illegal searches -- to extend to their digital lives.
In general, this expectation matches reality: unless law enforcement comes knocking with a warrant, the government cannot search a person’s phone or computer. However, cars are treated differently, and as “connected cars” become increasingly linked to people’s digital identities, there is a risk that police will use this exception to conduct digital searches without warrants.
Congress should close this loophole.
The Fourth Amendment is the cornerstone of people’s right to privacy and freedom from government intrusion in the United States. It requires the government to get a warrant based on probable cause before conducting a search and seizure of personal property.
The Supreme Court has found these protections important enough to update them for the digital world. For example, the court has extended warrant protections to cell phones and vehicle GPS tracking, and it is currently reviewing whether law enforcement officials should be required to get a warrant to obtain cellphone location information from wireless carriers.
However, there has been a long-standing exception for vehicles in the Fourth Amendment: law enforcement officials can stop and search a vehicle based on probable cause without having to get a warrant from a judge.
For example, police officers can stop a vehicle for a routine traffic violation, and search it on the spot if the officers have probable cause that they will find contraband or the evidence of a crime. This lower standard for government searches makes sense in a physical world, where vehicles can only hold so much information and drivers can easily drive away to dispose of evidence.
But cars are changing, both in term of the amount and sensitivity of the information they can hold. Next-generation vehicles generate gigabytes of data while driving, enabling a host of new applications that enhance convenience, safety, and efficiency for drivers.
When this information can be accessed either through a display interface in the car or programmatically through an on-board computer, law enforcement could gain access to a significant amount of data about drivers without a warrant. For example, police could access in-car apps that contain sensitive information, such as navigation apps that contain travel history, social media apps that store messages and other personal information, and payment apps that contain information about past purchases.
While some of these applications require passwords, many only do so when the driver first logs in. Therefore, they would likely be unlocked when police pull over a driver.
In addition, many drivers may be intimidated into revealing their passwords during a stop, as has happened to travelers forced to unlock their phones at border crossings.
Finally, police could retrieve information stored in an on-board computer which may collect and store a variety of potentially sensitive information about drivers, including their driving behavior. Already, some police use special devices designed to circumvent built-in security measures on citizens’ phones and quickly copy their contents -- similar devices could be designed for cars.