The Fourth Amendment was written in 1789 to protect against physical searches of homes and papers by British soldiers. Today, it must contend with cell phones that contain a lifetime of personal information, email accounts stored on distant servers, GPS tracking, and automated license plate readers. Here is how the Fourth Amendment applies in the digital age.
The Core Protection: Reasonable Expectation of Privacy
The Fourth Amendment protects against "unreasonable searches and seizures." The key question in most Fourth Amendment cases is whether the defendant had a "reasonable expectation of privacy" in the place or thing searched. This two-part test from Katz v. United States (1967) asks: (1) Did the person exhibit a subjective expectation of privacy? (2) Is that expectation one that society is prepared to recognize as reasonable?
In the digital context, this test has been applied in ways that diverge sharply from physical-world intuition:
Cell Phones: The Bright-Line Rule
In Riley v. California (2014), the Supreme Court unanimously held that police must obtain a warrant before searching a cell phone seized incident to arrest. The Court recognized that modern cell phones are not just containers — they are "minicomputers" containing the sum of a person's private life: emails, text messages, photos, internet search history, location data, and more. The search-incident-to-arrest exception does not apply because the justifications for that exception — officer safety and destruction of evidence — are not implicated by digital data.
This is a bright-line rule: if agents search your phone without a warrant, that evidence should be suppressed. If you are arrested, do not consent to a search of your phone, and do not provide your passcode. The Fifth Amendment may protect against compelled disclosure of a passcode (though courts are split on whether biometric unlocking — fingerprint or face — is protected).
Third-Party Doctrine: The Biggest Digital Privacy Gap
Under the third-party doctrine from Smith v. Maryland (1979) and United States v. Miller (1976), information voluntarily shared with a third party carries no reasonable expectation of privacy. This means bank records, phone call metadata (numbers dialed, call duration), and — critically — much digital information stored with service providers may be obtainable without a warrant.
However, in Carpenter v. United States (2018), the Supreme Court limited the third-party doctrine in the context of cell site location information (CSLI). The Court held that long-term CSLI — which provides a detailed picture of a person's movements over weeks or months — requires a warrant. This was a significant victory for digital privacy, but its scope beyond CSLI remains uncertain.
Email and Cloud Storage
The Stored Communications Act (SCA), part of the Electronic Communications Privacy Act of 1986, governs government access to emails and other stored electronic communications. Emails stored on a server for more than 180 days can be obtained with a subpoena (not a warrant) under the SCA's outdated framework — though Department of Justice policy now requires a warrant for email content regardless of age.
Practical Advice for Protecting Your Digital Fourth Amendment Rights
- Use a passcode, not biometric unlock, for your phone — courts are more likely to protect alphanumeric passcodes under the Fifth Amendment
- Do not consent to searches of your electronic devices, ever
- Invoke your right to counsel before answering any questions about your digital accounts or devices
- Understand that information shared on social media, stored with cloud providers, or transmitted through third-party services may not be protected by the Fourth Amendment
The Fourth Amendment continues to evolve in response to new technology. What was settled law five years ago may no longer be good law today. Anyone facing federal charges involving digital evidence needs an attorney who stays current on Fourth Amendment developments — particularly in the Tenth Circuit, which has been active in this area.