Third-party doctrine

The third-party doctrine is a United States legal doctrine that holds that people who voluntarily give information to third parties—such as banks, phone companies, internet service providers (ISPs), and e-mail servers—have "no reasonable expectation of privacy" in that information. A lack of privacy protection allows the United States government to obtain information from third parties without a legal warrant and without otherwise complying with the Fourth Amendment prohibition against search and seizure without probable cause and a judicial search warrant.

Chronology
Followed by the states in 1791, the Fourth Amendment to the United States Constitution was enacted in 1792, holding:

"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

In Katz v. United States (1967), the United States Supreme Court established its reasonable expectation of privacy test, which drastically expanded the scope of what was protected by the 4th amendment to include "what [a person] seeks to preserve as private, even in an area accessible to the public."

In response to Katz v. United States (1967) and Berger v. New York (1967), the United States Congress enacted the Omnibus Crime Control and Safe Streets Act of 1968, of which Title III is known as the "Wiretap Act." Title III was Congress' attempt to extend Fourth Amendment-like protections to telephonic and other wired forms of communication.

In 1976 (United States v. Miller) and 1979 (Smith v. Maryland), the Court affirmed that "a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties."

In 1986, the United States Congress updated the Omnibus Crime Control and Safe Streets Act of 1968 by enacting the Electronic Communications Privacy Act which included an updated "Wiretap Act" and also extended Fourth Amendment-like protections to electronic communications in Title II of the Electronic Communications Privacy Act, known as the Stored Communications Act.

A 2012 Maryland District Court court case (United States v. Graham) held that historical cell site location data is not protected by the Fourth Amendment.

In the same year, Associate Justice Sonia Sotomayor, writing a concurrence in a case (United States v. Jones) involving the police placing a GPS tracker on a suspect without a warrant, noted that

"More fundamentally, it may be necessary to reconsider the premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties. This approach is ill suited to the digital age, in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks."

In Carpenter v. United States (2018), the Supreme Court ruled warrants are needed for gathering cell phone tracking information, remarking that cell phones are almost a “feature of human anatomy”, “when the Government tracks the location of a cell phone it achieves near perfect surveillance, as if it had attached an ankle monitor to the phone’s user”. and that

"[cell-site location information] provides officers with “an all-encompassing record of the holder’s whereabouts” and “provides an intimate window into a person’s life, revealing not only [an individual’s] particular movements, but through them [their] familial, political, professional, religious, and sexual associations.”"

In 2019, Utah passed the Electronic Information or Data Privacy Act which requires a warrant for accessing Utah residents' private information stored with third parties.

In June 2020, the Fifth Circuit found in United States v. Gratkowski that transaction data with exchanges of virtual currency such as Bitcoin, are akin to bank records and not subject to Fourth Amendment protections.