one can send encrypted messages on a peer-to-peer basis by the simple expedient of running one's on mail server
...except that you rely on the rest of the internet to actually deliver the message. So in a sense, the argument is the same: you have a reasonable expectation of privacy on the contents but not the addressing information.
But I think this argument misses a big part of the EFF's point. The reason that Smith v Maryland is outdated is that the nature of surveillance analysis has changed. The legal standard should not be based on some technicalities of implementation, but rather on the actual real effects in terms of policy and expectations.
Yes, technically, the difference between looking at a handful of records manually pulled by a technician in response to a court order and examining the metadata of literally every phone call made using sophisticated machine learning algorithms is one of degree, not kind. However, the difference in result is one of kind, not degree, and it's facetious to argue otherwise.
Basing our legal standard on such a technicality simply encourages the government to find loopholes. Basing it on the effective results makes the standard relevant, meaningful and future-proof.
You don't have to attack third party doctrine to get a sensible result in light of modern technology. A straightforward wrinkle to add to Smith is that unlike the plain text call information in Smith, an encrypted Skype call or encrypted cloud storage account is something people can have a reasonable expectation of privacy in.
The only reason you have to attack a Smith head-on is to validate the current monetization structure of the Internet. Encrypted data isn't very lucrative, after all. I don't think that's a valid justification for interpreting the Constitution one particular way.
> A straightforward wrinkle to add to Smith is that unlike the plain text call information in Smith, an encrypted Skype call or encrypted cloud storage account is something people can have a reasonable expectation of privacy in.
You're just hitting the heart of why Smith is broken. The content of a traditional phone call isn't encrypted but Smith still doesn't allow the government to record it without a warrant just because the call is transmitted via third party equipment, am I right? The issue is the metadata. But encrypting the call doesn't hide the metadata which is still needed in order to route the call.
Verizon Wireless knows where you are 24 hours a day, Facebook knows who all of your friends are and when and how often you communicate with each of them and Amazon knows everything you buy and what books you read. Encrypting the content of messages changes none of that. You're already paying money to Verizon and Amazon rather than viewing ads, it doesn't stop them from storing the metadata.
...except that you rely on the rest of the internet to actually deliver the message. So in a sense, the argument is the same: you have a reasonable expectation of privacy on the contents but not the addressing information.
But I think this argument misses a big part of the EFF's point. The reason that Smith v Maryland is outdated is that the nature of surveillance analysis has changed. The legal standard should not be based on some technicalities of implementation, but rather on the actual real effects in terms of policy and expectations.
Yes, technically, the difference between looking at a handful of records manually pulled by a technician in response to a court order and examining the metadata of literally every phone call made using sophisticated machine learning algorithms is one of degree, not kind. However, the difference in result is one of kind, not degree, and it's facetious to argue otherwise.
Basing our legal standard on such a technicality simply encourages the government to find loopholes. Basing it on the effective results makes the standard relevant, meaningful and future-proof.