This article was written by Molly McDermott, an intern at Libertas Institute.
Increasingly, legal doctrines are impacting the lives of ordinary Americans. Until the recent ruling in West Virginia v. Environmental Protection Agency, the major questions doctrine was largely unknown.
However, many legal principles impact the daily lives of Americans. The state action and third-party doctrines play an influential role in determining how easy it is for the government to access an individual’s digital data.
On its face, the state action doctrine reads like common sense – no government can pass a law that violates the rights of its citizens, and neither may it enforce an unjust law that has the same effect.
But what happens when the government isn’t the one doing the enforcing?
Private corporate functions are not as separate from government functions as they once were. As the government has grown, a substantial amount of government action is contracted out to third-party providers. Government contracts out services for everything from education to military defense. For example, school districts contract with companies such as Panorama, and law enforcement contracts with companies such as Clearview AI.
The merging of state and corporate function not only makes it difficult for courts to determine what constitutes state action, but also frustrates plaintiffs.
Modern government is an amalgam of agencies, commissions, and boards. It is a Leviathan of bureaucracy shrouded in impenetrable hierarchy, secrecy, and paperwork. Determining who is responsible for a specific injury is not an easy task. To work through the process, it is necessary to identify the harm caused and to determine this harm was authorized by the state. Practically speaking, the public is largely unaware of how complex bureaucratic systems work. To find the actor responsible for an injury, and then assign him blame for a constitutional violation? It’s a near impossible task for most plaintiffs.
At a certain point, the difficulty of this process becomes a feature of the system rather than a bug. Where there is no practical remedy, there is no right – and our rights are only as strong as the institutions we have in place to protect them.
Because determining whether the state injured an individual is not an easy analysis, the vast majority of possible plaintiffs would never bring suit. They are too poor, lack the right connections, or simply don’t have the time to deal with years of litigation.
Fundamentally, the state action doctrine is meant to ensure that constitutional rights are protected at every level of government, from the president all the way down to the county clerk in the smallest municipality. However, over the last several decades, courts have eroded the state action doctrine, further weakening the relationship between government officials and their offices.
This erosion is clearly visible in the way the courts have handled recent constitutional challenges to privacy violations.
If the government wants to search through your house, papers, or pockets, it needs to first obtain a probable cause warrant.
In the twenty-first century, however, there is very little “searching” that needs to be conducted face-to-face. Internet service providers (ISPs) maintain vast troves of data from all of their customers’ devices. Any information that would be of interest to law enforcement, such as location history data, incoming and outgoing calls and messages, or account passwords, has already been collected by these companies, in accordance with the terms of your service contract.
Now, if the government wants to search through that data, it has to jump through far fewer hoops. The same agencies search for the same information, but now there is no warrant requirement. The state is no longer the primary search actor when it comes to electronic personal information – your ISP is. And private companies are not bound by the same constitutional checks and balances as law enforcement.
The state can reap the benefits of these systems without the constitutional assurances provided by a warrant. These companies are free to turn over as much information about you and your devices as law enforcement requests. The third-party doctrine allows the government to circumvent the state action doctrine by taking advantage of private data collection systems that already exist.
The state action doctrine is an important safeguard when it comes to data privacy and information security. Judicial narrowing of this doctrine, however, has given the state extensive latitude to act outside of constitutionally prescribed rules.
When we are left without a meaningful way to remedy government wrongs, tyrannical tendencies are incentivized. Privacy concerns will only continue to grow as internet service providers and law enforcement form closer relationships.
State legislatures should not wait for courts to catch up with technological changes and instead should follow Utah’s lead by passing laws closing exceptions to the Fourth Amendment’s warrant requirement.