Bringing Privacy Protections into the Digital Age, One (Big) State at a Time
By: Mike Godbe, PHRGE Fellow at Electronic Frontier Foundation
Original Mural located in EFF’s San Francisco office by EFF Art Director, Hugh D’Andrade
Earlier this month, the Governor of California signed the Electronic Communications Privacy Act (CalECPA), which requires that police in California get a warrant before they can search an electronic device, obtain digital records like emails and text messages, or obtain a user’s past or future location information.
Most importantly, evidence obtained in violation of CalECPA is inadmissible in criminal cases.
California is only the third state to have so far offered protections for both electronic content as well as location information (along with Maine and Utah), but with a population larger than Canada’s that encompasses about 12% of the total U.S. population, this is no small deal.
Attorneys at the Electronic Frontier Foundation (EFF), the ACLU of Northern California, and the California Newspaper Publishers Association worked together to write and sponsor the bill. Lead by activists at the EFF, a campaign to build support among a wide array of groups was key the bill’s ultimate success. Moreover, this campaign got the state’s most influential law enforcement organizations – the state’s District Attorney, Police Chiefs, Sheriffs’, and Law Enforcement Associations – to all drop their opposition to CalECPA.
Writing good law is one thing, but organizing a campaign to build support is another. Without the efforts of activists at the EFF, it is highly unlikely that the bill would have passed, let alone with two-thirds support from both houses of congress. And as it turns out, getting that two-thirds’ support was extremely important.
Without a supermajority, criminal defendants would not be able to suppress evidence collected in violation of CalECPA, which would have meant these new laws would have merely created nominal rights without actual remedies. Luckily, thanks to the efforts of a diverse coalition, CalECPA did pass with a supermajority and does include suppression.
In order to see why CalECPA’s supermajority was so critical, it is important to understand a bit about the ‘fruit of the poisonous tree doctrine’ and the California ballot initiative process.
The ‘fruit of the poisonous tree’ doctrine embodies a straightforward and principled idea: that law enforcement officers cannot use illegally obtained evidence against criminal defendants. Without it, police would be incentivized to break the law to gather incriminating evidence (e.g. warrantless searches, compelled confessions, etc). In essence, the doctrine says that police cannot break the law to make their case (i.e., cannot yield fruit from a poisonous tree).
However, when common law rules and statutes contradict each other, the statute generally prevails. California has a ballot initiative process by which citizens can bypass the legislature and enact statutes by way of popular vote, and in 1982 Californians chopped down the ‘fruit of the poisonous tree’ doctrine with the passage of Prop. 8 (this is an earlier Prop. 8 than the famed 2008 law that rendered same-sex marriage in the state illegal).
The 1982 proposition was a ‘tough-on-crime’ initiative that added a new section to the state constitution, which included a deceptively named “Right to Truth-in-Evidence.” This “right” stated that all “relevant evidence shall not be excluded in any criminal proceeding” unless “by a two-thirds vote of the membership in each house of the legislature.” Essentially, this means that any evidence that is “relevant” is admissible – even if the police violated the law to obtain it – unless the law the police violated passed with a supermajority in both houses of congress
States cannot diminish rights guaranteed by the federal constitution, so in practice the “truth in evidence” law only applies to state-specific protections that go above and beyond those guaranteed by the federal constitution. So, police in California cannot use evidence against criminal defendants obtained pursuant to a warrantless home invasion or some other search or seizure that violates the federal constitution. However, the Supreme Court of California has found additional protections to be guaranteed by the state constitution, which go above and beyond those provided by the federal constitution. For example, the California constitution has stronger privacy protections than the Fourth Amendment when it comes to one’s expectation of privacy in phone records, bank records, garbage left for pickup, and overhead aerial surveillance. Because of Prop. 8, a criminal defendant cannot suppress relevant evidence collected in violation of Thus, these protections are essentially meaningless if you are a criminal defendant whose rights have been violated.
Since there are pretty much no federal laws or broad Supreme Court decisions mandating warrants for searches of electronic communications or location information, CalECPA has created privacy rights that go above and beyond those currently guaranteed by the 4th Amendment. Thus, it was imperative that CalECPA passed with a supermajority, and it is cause for genuine celebration that it did.
While gaining these protections in California is a momentous achievement, law enforcement should be required to get a warrant to read anyone’s emails or track his or her location. The last federal laws that provided standards for collection of electronic communications were passed before the internet was a thing and before people carried tiny computers full of their most personal communications in their pockets. If you support these protections on a national level, contact your congresspersons to tell them to bring our privacy protections into the digital age: http://www.digital4th.org/
 The Secured Communications Act does require a warrant for the content of electronic storage is less than 180 days old (e.g., emails from within the past six months). Given many people’s habit of storing years worth of text messages and emails on third party servers (e.g., those of your cell phone companies and Google), this 180-day warrant requirement is a temporary and limited solution at best.