Wazers Beware: Can Police Access Your Data?Posted on Aug 13, 2019
The average American spends roughly 42 hours per year sitting in traffic. This staggering figure helps to explain the public’s enthusiastic response to Waze, a social media platform and mobile application designed to help drivers more effectively avoid traffic and reach their destination. What sets Waze apart from other navigation applications is the platform’s ability to effectively combine electronic meta-data with user-generated reports to determine the most efficient route for a driver to take. Users, referred to as “Wazers” on the application, are able to alert other users in real time when they come across a police speed trap or a car accident that may impact travel plans. Understandably, police departments across the country tend to harbor intense criticism of the application, and argue that the application might be “misused by those with criminal intent to endanger police officers and the community.” As with most technological innovations, particularly those that utilize user information, the efficiency afforded by Waze’s technology presents some troubling issues. For example, if Waze is constantly collecting data about users’ location, movement speed, and other similar information, can law enforcement officials use this data to incriminate these individuals?
Given the breadth of data that Waze collects from its users, the issue of whether law enforcement officials may exploit this information has significant implications. Intuitively, it seems reasonable that law enforcement officials might be able to gain access to much of this information. Despite this instinct, the accessibility of users’ private data is severely limited by the protection afforded by the Fourth Amendment guarantee of security against unreasonable searches and seizures. In essence, law enforcement officials may not take something from an individual without probable cause, and there have been countless litigations defining the exact scope of what a “search” may or may not entail. An important and particularly relevant development in Fourth Amendment jurisprudence is the “Third-Party Doctrine.” This doctrine first emerged in Katz v. United States, in which the Supreme Court linked held that “what a person knowingly exposes to the public, even in his own home or office, is not a subject of Fourth Amendment protection” because that person can claim no legitimate expectation of privacy.
Thus, per the third-party doctrine, in revealing information to a third-party, an individual waives her expectation of privacy and, consequently, loses any Fourth Amendment protections.  This is demonstrated in Smith v. United States, in which the Supreme Court held that telephone users had no expectations of privacy for telephone numbers that they physically dialed on their home phone. The Court reasoned that the telephone users forfeited their expectations of privacy because they “typically know that they must convey numerical information to the phone company; that the phone company has facilities for recording this information; and that the phone company does in fact record this information for a variety of legitimate business purposes.” Under Smith, as long as the individual was aware that the third-party could and was storing the information as part of a legitimate business practice, the information in question was no longer protected.
However, there may be an argument that this case is different from Smith in that the extent of the information gathered and collected by Waze far exceeds that of dialing a telephone. The argument that the Waze user “typically knows” all possible utilities of their information is sufficiently more questionable in this situation. Studies have shown that between 0.05% and 0.22% of consumers access the terms and conditions, and those who do access it do not spend enough time on the material to sufficiently digest its content. The complexity of innovation urges us to reconsider the expectations of technology users, and may influence the court’s direction on the matter going forward.
Finally, it is worth asking whether the third-party doctrine is appropriate given society’s increasing reliance on third-party technology providers. Justice Sotomayor recently suggested that the third-party doctrine is “ill suited to the digital age” because we live in an era “in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks.” As a result, it is virtually impossible to use any technologies without revealing large amounts of information to third parties. In the coming year, the Supreme Court will again consider the scope of the third-party doctrine when it releases its decision in Carpenter v. United States. In Carpenter, the Court will determine whether law enforcement’s warrantless seizure of cell-site-location information, a type of GPS data, was a violation of Fourth Amendment protections. Many critics hope that this case will be the moment where the Supreme Court explicitly addresses the applicability of the decades-old third-party doctrine to the 21st century, and the result may have dramatic effects down the road.
As this analysis suggests, the current legal landscape seems to be exceptionally favorable for Waze: the company has the flexibility to cooperate, or even to proactively participate, in law enforcement efforts without incurring liability. Waze users may not share the same bright outlook: they must choose to either discontinue using the application or assume the risk that their data might be disclosed to the police. One thing seems to be clear: Wazers should be sure to think twice before embarking on their next journey.