Published by The Lawfare Institute
in Cooperation With
Today, more than ever, law enforcement has access to massive amounts of consumer data that allow police to, essentially, pluck a suspect out of thin air. Internet service providers and third parties collect and aggregate precise location data generated by our devices and their apps, making it possible for law enforcement to easily determine everyone who was in a given area during a given time period. Similarly, search engines compile and store our internet searches in a way that allows law enforcement to learn everyone who searched for specific keywords like an address or the word “bomb.” And DNA is now amassed in consumer genetic genealogy databases that make it possible for law enforcement to identify almost any unknown person from their DNA, even if the unknown person never chose to add their own DNA to the database. Modern law enforcement officials very frequently conduct “suspicionless searches”—searches that are not based on individualized suspicion—on these computer databases. This article describes the problem of suspicionless searches of consumer databases, explains the threat these searches pose to privacy interests, argues that the legal arguments put forth by law enforcement in defense of these practices are flawed and suggests what should be done about the problem, both in courts and in the legislature.