Leonard Deutchman Leonard Deutchman

Introduction: Privacy Everywhere

In my April 2021 column, "Data Privacy: Why We Are All Over the Place," we discussed the meaning of privacy in the digital age. We discussed in detail Commonwealth v. Pacheco, 2020 PA Super 14 (Jan. 24, 2020) and Commonwealth v. Dunkins, No. 118 MAL 2020 (petition for allowance of appeal to the Supreme Court granted Aug. 4, 2020), both of which had recently been argued before the Pennsylvania Supreme Court, both of which illustrate how the language of the Fourth Amendment and Article I, Section 8 has been stretched, or overlooked, to protect "privacy" rights not protected in the U.S. and State Constitutions. On Nov. 17, the Pennsylvania Supreme Court announced its opinion in Pacheco, and followed the Superior Court in finding that cellphone users had "privacy" rights in data not in their possession and "private" simply because one could reasonably infer from the data actions taken by the users, regardless of whether those actions took place in public or solely in the privacy of the users' home or other private location. In this month's article, I shall discuss the Pennsylvania Supreme Court's actions and their ramifications,

'Commonwealth v. Pacheco'

In 2015, the Narcotics Enforcement Team of the Montgomery County District Attorney's Office (commonwealth), working with the Federal Drug Enforcement Agency (DEA), learned that a large Mexican drug-trafficking organization was smuggling heroin into the United States for distribution, and that Pacheco, a resident of Norristown, Pennsylvania, played a significant role in the operation by retrieving the heroin in Atlanta, Georgia, and transporting it to wholesale buyers in New York City. Throughout the nearly year-long investigation, the commonwealth applied for and obtained several orders pursuant to the Pennsylvania Wiretapping and Electronic Surveillance Control Act (Wiretap Act), 18 Pa.C.S. Section 5701-82. Pacheco objected to those orders obtained under 18 Pa.C.S. Section 5771-75, which allow the commonwealth to obtain an order permitting it to obtain "mobile communications tracking information."

For cellphones to communicate without losing their connection to whom they are calling or who is calling them, to a website the phone has logged into, and so on, constant communications must be made between the phone and cell towers that receive, send and pass along signals. Cell towers, when they were new, stood out in all but the most crowded urban settings; now, they are far more familiar and mix in with all manner of settings. The communications between persons talking, with at least one on a cellphone, are the culmination of the efforts of the cell provider. To allow those communications to be made easily, the phones must constantly be "checking in," i.e., sending and receiving signals, to the provider. That "check in" information will include the identity of the cellphone (obviously, the person making the call can be no more identified than can the person making a call on the home phone, even if the fact that if the phone is the "home phone" indicates the likelihood of who will be making or the call), the date and time of the communication, the location of the cellphone (obtained by noting which cell tower connected with the cellphone and mapping the towers connected over time to produce the route the phone took), the length of the call and other such information. If law enforcement wishes to locate a cellphone at an exact moment, it will direct the cellphone carrier to "ping" the phone; when, in the second or seconds it takes to ping that phone, that phone is pinged, it will report back its physical location on the cell line, and so in the world. By pinging the phone over minutes, the carrier (and, hence, law enforcement) will obtain strong evidence as to where the phone is heading or where it has stopped. The information that allows the government (who is doing the searching under the Wiretap Act) to track a subject or target is referred to generically as "cell site locator information" or CSLI.