LITIGATION SUPPORT TIP OF THE NIGHT

In the wake of the June 22nd landmark Supreme Court decision in Carpenter v. United States, it's a good time to review the laws of each state on cell-site location information. The American Civil Liberties Union has posted an interactive map here showing in the level of protection for CSLI in each of the 50 states.

No warrant is required in the red states.

The blue states require a warrant for real-time location tracking.

The green states require a warrant for CSLI.

Conflicting decisions have been issued in the purple states.

Note California and Colorado are among the states requiring a warrant for the location information, but whereas California requires a warrant for all cell phone location information, Colorado only requires a warrant for obtaining the information from devices, not from service providers.

In New Jersey a decision of the state supreme court ordered that a warrant was required for real time information, and in Illinois a state law was passed requiring a warrant for such information.

The Nevada Supreme Court ruled that no warrant is required for past CSLI.

Today the Supreme Court of the United States issued a decision , Carpenter v. United States, reversing the Sixth Circuit's affirmance of the Eastern District of Michigan's denial of a defendant's motion to suppress CSLI data (cell-site location information). The Litigation Support Tip of the Night for December 6, 2017 discussed the oral argument in this case. CSLI data is generated each time a cell phone connects to a cell phone tower. The FBI obtained court orders under the Stored Communications Act of to obtain the cell phone records of suspects in a robbery case. The CSLI of the petitioner in this case, Timothy Carpenter, showed that he was nearby the location of four robberies at the time the robberies occurred. (Carpenter's phone generated CSLI showing his location on average more than 100 times a day).

The Supreme Court held that the Government's acquisition of the CSLI records constituted a Fourth Amendment search. Personal location information concerns both an individual's expectation of privacy with respect to his physical location, and his expectation of privacy in information given to third parties. The Court distinguished CSLI data from 'pen register' phone call data and banking records which the Supreme Court previously held to not be covered by the Fourth Amendment in Smith v. Maryland, 442 U.S. 735 (1979), and United States v. Miller. 425 U.S. 435 (1976) respectively. CSLI data is not voluntarily shared in the same way dialed phone numbers or business records are. "[A] cell phone logs a cell-site record by dint of its operation,without any affirmative act on the part of the user beyond powering up." Carpenter v. United Sates, 585 U. S. ____, slip op. at 17 (June 22, 2018).

The Court found that CSLI data raises greater privacy concerns than GPS data, because it allows authorities to track a person's movements over time.

The Court chose not to call into question other business records that might indicate a person's location. It also noted that exigent circumstances might justify a warrantless search of CSLI.

This week, Judge Marsha Berzon issued an opinion in Stevens v. CoreLogic, Inc., No. 16-56089, 2018 U.S. App. LEXIS 16620 (9th Cir. June 2018), affirming a district court’s grant of summary judgment to the Defendant on claims brought against it for violating the Digital Millennium Copyright Act by stripping copyright management information from photos with its Multiple Listing Services software, and later distributing the photos.

The 9th Circuit found that the Defendant did not have the required mental state - knowing that its actions would induce, enable, facilitate or conceal infringement. The MLS software is used to upload photos taken by real estate photographs. The copyright data may be embedded in the image file, or be saved in a separate 'sidecar' file. Federal copyright law restricts the removal of copyright management information.

CoreLogic downsamples real estate photos, in part to make them easier to load on web pages. This process can remove the EXIF and IPTC metadata which can contain copyright management information.

Judge Berzon noted that the Plaintiffs did not present any evidence that they had ever in fact used CMI metadata to detect or prevent copyright infringement. Further, "a party intent on using a copyrighted photograph undetected can itself remove any CMI metadata, precluding detection through a search for the metadata." Id. at *15.

The denial of the Plaintiffs' Motion to Compel the production of certain documents, solely for the purpose of showing that CoreLogic knew its software removed EXIF and IPTC metadata was also affirmed. The Plaintiffs contended that documents on the Defendant's privilege log, for which no attorney was listed as an author or recipient, would contain such evidence. A party seeking to postpone summary judgment for additional discovery must state the specific evidence it seeks and its relevance to its claims. In the light of the fact that extensive discovery has already taken place, this general request with a 'bare assertion' of their likely relevance was insufficient.