By Kade Crockford
Do the cops need to get a warrant before asking a tech company to disclose cellphone location data showing where you were at a given time? The Supreme Court, ruling 6-3 in a recent decision written by Justice Kagan, says yes.
That’s an important win for privacy. But arguably the most important part of the ruling is something Justice Kagan wrote ‘in dicta’—meaning the Court wasn't deciding the case on those grounds, but rather offering a preview of where its thinking is heading. And that preview signals something extremely promising for our privacy: a comfortable majority appears ready to move yet further away from 50-year-old Supreme Court precedent that leaves us dangerously exposed to governmental privacy invasions.
That precedent is called the “Third Party Doctrine,” and while it has always posed serious problems for our privacy, it is frankly absurd in the year 2026.
Established in two Supreme Court cases in the 1970s, the Third Party Doctrine says that if you voluntarily disclose information to a third party, you lose your privacy interest in the information. The two cases—United States v. Miller and Smith v. Maryland—involved government demands on private companies seeking information about customers. In Miller, the government obtained bank records without a warrant; in Smith, it was call detail records from a phone company.
In both cases, the Supreme Court held that because the defendants had “voluntarily” handed over their information to private companies, they had no legal standing to try to block the government from accessing the information.
That doctrine was always troublesome, but today its implications are genuinely alarming.
After all, to participate in contemporary life—to work, get an education, and even socialize or date—means to entrust tech companies with extremely sensitive information revealing almost everything about us. Our interests, habits, health concerns, patterns of movement, private communications—all of these and other details about our personal lives are stored on the servers of companies like Amazon, Google, Microsoft, and Apple. Can it really be that we lose our privacy interest in this information merely because it is stored on a private company’s servers?
—Thankfully, the Supreme Court appears closer than ever to slamming the door shut on that dangerous notion and overturning the Third Party Doctrine as it applies to all this sensitive information stored in “the cloud.”
Kade Crockford
The first major Supreme Court ruling eating away at the doctrine was an ACLU case called Carpenter v. United States, decided in 2018. In that case, police obtained Mr. Carpenter’s cell site location information from his mobile phone provider without a warrant.
ACLU lawyers representing Mr. Carpenter argued the Third Party Doctrine ought not to apply to that historical cellphone location data because cellphone users don’t in any meaningful way “voluntarily” convey their location information to their phone carriers. Instead, cellphones automatically ping cellphone towers, creating a location history record independent of any conscious or intentional action of a cellphone user. Indeed, the only way to avoid sending such signals is to turn off your cellphone or not carry one—not exactly a reasonable expectation for a person living in 21st century America.
In that case, the Supreme Court agreed with Mr. Carpenter and his ACLU lawyers, holding that cell site location information is not governed by the Third Party Doctrine and requiring the government to get a warrant before demanding a company like Verizon turn it over to the police.
Nearly a decade later, in Chatrie v. the United States, one of the final decisions of this term, the Court extended that logic.
Where Carpenter protects location data held by phone carriers, Chatrie safeguards the location history that Google retains on its servers. (Or rather, that it used to retain on its servers, at the time the case was filed. It no longer does so; that information is now stored on individual devices.)
In any case, Justice Kagan's majority clarifies the principle: the third-party doctrine does not apply to location data held by Google because carrying cell phones and using location services on them are essential, ordinary, everyday aspects of modern life.
But crucially, she didn’t stop there. Justice Kagan also signaled that she and five of her colleagues may in future cases extend these privacy protections to other types of information stored by private companies. For the majority, Kagan wrote:
“A cell-phone user is not to be viewed as sharing private information with third parties—which can then be freely passed on to the government—just by doing the ordinary things cell-phone users do... [Mr. Chatrie’s location] records serve as a personal journal of a user’s movements...In that way, Location History resembles other private materials—think of emails, documents, photographs, or calendars—that even if stored on Google’s servers, a user reasonably views as his own. And as a result, that he reasonably expects to be shielded from the ‘inquisitive eyes’ of the government.”
The language about "other private materials" should make us all very optimistic. Here, Justice Kagan and five colleagues are signaling they believe people retain a privacy interest in "emails, documents, photographs, or calendars," "even if stored" on a company's private servers.
To be clear, this isn't the law yet—it's dicta. But it's the surest signal we've yet received that a comfortable Supreme Court majority is ready to fundamentally expand Fourth Amendment protections for the digital age.
If future cases follow this trajectory, the practical implications will be enormous: the government would need a warrant to access your emails backed up to Gmail, your photos stored on iCloud, your documents in OneDrive. The Third Party Doctrine wouldn't just be limited—it would for practical purposes be dead.
Kade Crockford is director of technology and justice programs at the ACLU of Massachusetts.
