As you move through the world with a phone in your pocket, you likely leave a trail of digital breadcrumbs. If you have enabled location services for a wide range of common apps or services like Google Maps or a weather app, this trail could be a timestamped record of where you slept for the night, which doctor’s office you visited, or what protest march you joined. For years, the government treated this data trail as theirs for the taking, arguing that the moment you handed your location data to a third-party company, you waved goodbye to your privacy.
This week, in Chatrie v. United States, the Supreme Court rejected that idea. It held that police conduct a Fourth Amendment search the moment they reach into your location history, regardless of the quantity or quality of data that is revealed, or whether that data is held by a third-party. This means law enforcement will generally need a warrant to get it.
This is a major win in the fight for privacy, which CDT has supported from the start. We filed an amicus brief in Chatrie, and ahead of oral arguments we laid out why the case was a fork in the road for Fourth Amendment rights in the digital age. The Court took the road we hoped it would, and while many important questions remain about the bounds of geofence warrants and other digital searches, the decision is a major victory for privacy rights and a positive signal of where the law may be headed on other digital privacy issues.
Quick Recap of How We Got Here
The Chatrie case grew out of a 2019 bank robbery in Virginia. Unable to identify the suspects, police served Google with a geofence warrant, which is a demand for data on every phone present in a given area during a given window of time. The geofence stretched across roughly 17.5 acres, extending beyond the bank, sweeping in private homes and a church. Through a multi-step process, Google eventually turned over the identity of the defendant, Okello Chatrie.
Geofence warrants invert the basic logic of the Fourth Amendment: instead of searching for evidence centered on a specific person suspected of committing a crime, geofence warrants seek to identify everyone that was present near a crime to generate potential suspects. We have long argued that this is a surveillance dragnet, and that it poses acute dangers especially when aimed at sensitive places like houses of worship and protest activity.
The Chatrie case turned on two threshold questions. Does the Fourth Amendment protect location tracking for periods shorter than one week that the Court ruled required a warrant in Carpenter v. United States back in 2018? And does it protect location data collected through apps and services, as opposed to location data generated and stored by your mobile carrier? On both questions, the Court came down on the side of privacy.
Think of Your Data Like a Diary
One way to understand the Court’s reasoning is to picture your location history as a diary. Not one you sit down to write, but one your phone keeps for you. It logs every place you go, sometimes precisely enough to tell which floor of a building you are on. You consult it, edit it, and delete it. In the Court’s words, it serves as a personal journal of your movements. The fact that you store your diary on Google’s or another service provider’s servers, rather than in your nightstand, does not make it any less yours.
The Court found that this diary of location history is even more revealing and precise than the cell-site data it protected in Carpenter, and it is genuinely the user’s own, much like emails or photos kept in the cloud. Essentially, your diary stored at a friend’s house is still your diary.
A Peek Is Still a Search
The Court also rejected the government’s argument that a brief peek — grabbing only a couple of hours of location data — does not count as a search. It does not matter whether the government reads a single page of your diary or the whole thing, because the Fourth Amendment applies “regardless of the quality or quantity of information the government obtains.” Even a brief glance at where you have been can reveal deeply personal information, like visiting a doctor, joining a protest march, or attending a house of worship. CDT highlighted in its own brief, and the Court recognized, that this risk is amplified when a surveillance tool like a geofence allows the government to hone in directly on sensitive locations and events to track everyone present. Accordingly, the protection does not switch on only once the intrusion goes too far. If the diary is yours, a peek is as much a search as a thorough read.
This remedies a major issue the Court previously left unresolved related to location tracking. In Carpenter, the Court said that tracking for a week or longer required a warrant, but left open whether the Fourth Amendment required a warrant for shorter periods. That question now has a clear answer, which will provide strong privacy protections for cell phone tracking, and could have profound ramifications for other forms of location surveillance.
Why the Government’s Reliance on the “Third-Party Doctrine” Failed
The government’s central argument rested on the “third-party doctrine,” which is a legal doctrine established in the 1970s that has generally held that information you disclose to a company is no longer private, and that you have no right to claim Fourth Amendment protections for the data you volunteer to the third-party company. In this case, the government contended that while carrying a phone may be unavoidable in modern life, turning on location tracking is optional. “Opt in” by using such services, and you have voluntarily exposed your movements for the company — and therefore the government — to sweep up.
But the Court was not persuaded, and its reasons are arguably the most important and far-reaching part of the opinion. Many location-based services repeatedly prompt users to turn location services on, sometimes warning a device will not work correctly otherwise, without explaining how often it records your location or that the record may be accessible to the police.
More fundamentally, nearly everything we do on a phone requires this kind of “opt-in.” Sending an email, uploading a photo, and adding a calendar entry each hand private information to a third-party company. The Court properly recognized that these activities, which are integral to daily cell phone use, are done with the expectation that the data still belongs to the user and remain private. To say that using the most basic apps, services, and features of modern cell phones forfeits your privacy rights would mean pretending we all still live in flip-phone days. As the Court put it, cell phone users do not share private information with the government “just by doing the ordinary things cell-phone users do.”
That single sentence is the heart of the ruling. Using the tools of modern life is not consent to government surveillance.
A Narrow Ruling With a Long Shadow
The Court kept its holding tied to location data. It did not decide whether police need a warrant for your search history, your purchase records, or your messages with an AI chatbot. But much of the same reasoning will apply with equal force to other digital breadcrumbs like these.
The Court refused to apply the third-party doctrine to location data because it is highly revealing, because it is genuinely the user’s own, and because using everyday digital services is not a meaningful choice to surrender privacy. Those same three observations could describe your browser history, your online orders, and the prompts you give a chatbot. As we warned before this case, geofence warrants represent the tip of the spear for a broader class of “reverse warrants” that effectively search the many to find the one. The logic in Chatrie gives advocates a powerful foothold to argue that other digital breadcrumbs deserve protection from reverse searches, too.
Notably, while the Court determined that a geofence is a “search” that triggers Fourth Amendment protections, it declined to rule on when such a search is reasonable. It left for another day the difficult questions of whether the search conducted under the geofence warrant issued in this case was “reasonable,” whether searches supported by geofence warrants more generally are prohibited under the Fourth Amendment, and if not, what parameters must be met for a geofence warrant to be valid. That gap matters because some geofence warrants have swept breathtakingly wide, like one Google described in its amicus brief covering 25 square miles across Vail and Aspen that pulled in hundreds of homes, dozens of hotels, and multiple hospitals. Absent proper limits, even more geographically narrow geofences can sweep in sensitive areas and activities.
The case now returns to the Fourth Circuit, which must decide whether the warrant used against Chatrie was backed by probable cause and sufficient particularity at each step in the geofence process. It is unclear what standard the court will apply, or how demanding it will be, and whatever it decides may well set up a return trip to the Supreme Court. For now, the warrant requirement is firmly established, but the rules governing how narrow these searches must be remain unwritten.
The Fight Is Not Over
The warrant requirement is a meaningful safeguard, but not a complete one. The Court addressed what police must do to compel production of your location data, and strongly indicated that other types of data are similarly protected, including “emails, documents, photographs, or calendars.” But the full extent of these protections is unclear. And while the ruling is a significant step toward safeguarding data, it does not address the data broker loophole, which the government exploits to stockpile data without any judicial approval. After all, a warrant requirement means little if the government can pull out its credit card and buy the same data from a broker instead.
That is why this ruling should energize, not end, the push for legislation like the Fourth Amendment Is Not For Sale Act, which helps close the data broker loophole. Chatrie affirms that your digital trail is protected, regardless of whether that data is stored on a company’s servers or the phone in your pocket. Whether that promise holds depends on what Congress and regulators do next.
Sentinel — Human
The article exhibits strong human characteristics, blending detailed legal facts with persuasive rhetoric and original conceptual framing to argue a clear privacy position.
