US sets personal cloud privacy precedent

A recent landmark US Supreme Court ruling on the legality of searching a mobile phone without a warrant is a ‘historical moment’ for defenders of privacy rights according to Microsoft general counsel & executive vice president, legal & corporate affairs Brad Smith.

This case focused on whether police can search a suspect’s cell phone without a warrant during an arrest.

David Leon Riley was arrested on August 22, 2009 after a traffic stop, which resulted in the discovery of loaded firearms in his car. The officers subsequently seized and searched Riley’s phone and its contents, and the officers charged him with an unrelated shooting that had taken place several weeks prior to his arrest based in part on information found during that search.

Riley argued that the evidence obtained during that search should have been omitted because the search violated his Fourth Amendment rights to privacy and unwarranted search.

In Riley v. California, the lower court ruled that a police officer can not only seize and secure a suspect’s cell phone following an arrest, they can also search the contents of that phone without any warrant or probable cause. But the Supreme Court reviewed the ruling after the California Legislature passed a bill requiring police to obtain a warrant before searching the contents of any “portable electronic devices,” which had implications in another case being reviewed.

In a unanimous decision by Chief Justice Roberts, that court upheld that police generally require a warrant in order to search cell phones, even when it occurs during an otherwise lawful arrest, in part because it’s unfair to treat data accessed on a mobile phone as information that is locally stored on that device, and because access to this data would often unfairly give deep sight into a suspect’s personal life.

“To further complicate the scope of the privacy interests at stake, the data a user views on many modern cell phones may not in fact be stored on the device itself. Treating a cell phone as a container whose contents may be searched incident to an arrest is a bit strained as an initial matter,” Roberts said in his ruling.

“But the analogy crumbles entirely when a cell phone is used to access data located elsewhere, at the tap of a screen. That is what cell phones, with increasing frequency, are designed to do by taking advantage of ‘cloud computing.’”

“The United States concedes that the search incident to arrest exception may not be stretched to cover a search of files accessed remotely—that is, a search of files stored in the cloud.”

The ruling may have deep implications in a wide range of cases involving government seizure of data stored in the cloud, an issue that has risen to prominence since NSA contractor Edward Snowden release the NSA / GCHQ-related activities last year, as it’s one of the first to explicitly discuss privacy rights within the context of cloud computing.

Microsoft general counsel & executive vice president, legal & corporate affairs Brad Smith said that the ruling is a historic victory for privacy defenders.

“More than in any other recent decision, the Supreme Court this week advanced privacy in a digital era characterized by ubiquitous computing,” Smith said in a recent blog post lauding the ruling, adding that it “strikes the right balance between public safety and the privacy concerns of users of mobile technology.”

But perhaps most important was the Court’s reasoning and its positive implications both for smart devices and the storage of personal information in the cloud, Smith explained: “As Chief Justice Roberts noted, “before cell phones, a search of a person was limited by physical realities and tended as a general matter to constitute only a narrow intrusion on privacy.” As he pointed out, most people cannot lug around “every piece of mail they have received for the past several months, every picture they have taken, or every book or article they have read – nor would they have any reason to attempt to do so.”

Yet smartphones, as access points for a range of services, have changed this dynamic, and should force government to reassess how its balances effective law enforcement with privacy rights at a time when an increasingly large chunk of the population depends on these services.

“For those of us at Microsoft and other tech companies who are seeking to ensure that the Fourth Amendment protects information stored in the cloud, these are encouraging words,” he said.

The ruling arrives just weeks after the House approved an amendment to a defense spending bill to prohibit government agencies from using funds to require ISPs to give the government direct access to their servers or to access private electronic communications without a warrant, a move Microsoft also welcomed.

US-based cloud service providers like Microsoft have been keen for the US government to claw back what many view as overreaching surveillance activities, which have seemingly begun to impact the ability of some service providers to effectively compete for contracts globally. Just last week the German government dropped a contract with Verizon, in part because of the Snowden revelations.

  • Cloud Native World

  • TechXLR8

  • Cloud & DevOps World Summit

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.


There are no upcoming events.


Do you agree public funding should be used to support mobile operators to more broadly deploy Open RAN?

Loading ... Loading ...