Three Court Cases That Shaped US Privacy Law

As we live more of our lives online, the boundary between private and public is constantly shifting. And sometimes, the law struggles to keep up.

This can lead to the government overstepping.

Fortunately, over the years there have been cases that have brought the law in line with the digital reality and kept governments in check. Here are three poignant examples of how our legal system modernizes to deal with the digital world.

USA v Pen Register

USA v Pen Register was a case brought before a judge in Texas in 2006. The US government wanted permission to track a cell phone's location as well as track "post-cut through digits," which are basically whatever numbers you dial after you connect your call.

The judge ruled that the government was allowed to proceed to tap the phone in question, but they were not allowed to track the location nor any post-cut through digits.

The Outcome

The judge did grant the warrant for the tracking and tapping of calls under the Electronic Communications Privacy Act (ECPA). However, he offered some caveats.

First, he made it clear that the government was not allowed to track numbers dialed after it was placed. Banks and other service providers often require customers to input personal information this way and the judge ruled that this was not covered under the ECPA.

Second, he ruled that governments would require an additional warrant to track the location of the cell phone. The government intended to use it proactively, and the judge ruled that they would need other justification in order to get a warrant.

Why It's Important

First, it's an important pushback against the blanket information gathering mandated by the Foreign Intelligence Surveillance Act, which calls for companies like Verizon to simply hand over all call information to the NSA.

Second, it provides protection against the government tracking locations in order to prove a case. Just like the government needs probable cause to search a car, so too they need probable cause to record your location.

And finally, this case forces the government to address the inconsistency between what the Patriot Act and its ilk enable and how judges are interpreting older statutes of privacy in the digital age. In particular, the failings of the ECPA to maintain current privacy protection due to its outdated understanding of how people share private information online.

Warshak v USA

Warshak v USA was a fourth amendment constitutional challenge made in 2010 when the government required an ISP to give them the emails of Steven Warshak. While Mr Warshak was convicted anyway (in part based on email evidence) the case marked a change in the privacy status of email communication.

Steve Warshak ran a company that sold a natural male enhancement drug called Enzyte. Although Enzyte was consistently advertised as being scientifically proven to be effective, there was no such evidence.

But in order to convict him, the government used a subpoena to compel his ISP to hand over archived emails — emails that Mr Warshak did not know were being archived.

Mr Warshak argued that this violated his fourth amendment rights, which guarantees citizens protection from unreasonable search and seizure.

The Outcome

Unfortunately for Mr. Warshak, he was still convicted. However, the judge did rule that the government had indeed violated his fourth amendment rights. The evidence gathered was admissible in this case because the government acted in good faith with the Stored Communications Act.

But for other cases, Warshak v USA set a precedent. Because emails carry an assumed privacy, the government is not legally allowed to collect, read, and submit into evidence emails unless they have cause and get a warrant from a judge.

Why It's Important

Warshak v USA is important for two reasons.

It's the first time that the issue of email surveillance has been addressed and is legal recognition that there's an assumed privacy when you send and receive email. What's more, that privacy doesn't end just because the email is archived on a third party server somewhere — your privacy is still guaranteed by the courts.

Second, Warshak v USA sparked a move to write a bill that would codify this ruling into law, providing nationwide protection for citizens from these sorts of violations.

Bernstein v US Dept of Justice

Bernstein v US Dept of Justice was a case in the late 1990s about a bizarre piece of the law — the legal standing of encryption and whether or not source code is protected as a first amendment right to free speech.

Technically, encryption is legally seen as a munition. And while it was fine to produce, distribute, and sell encryption software to people within the US, it was not legal to export it. Instead, you had to get permission from the Export Administration Regulations (EAR), who required you to go through a large amount of red tape.

Bernstein had developed an encryption system called Snuffle. He wanted to present his system worldwide at conferences and thus needed permission from the EAR.

He contested this requirement on constitutional grounds, arguing that his work was protected by his first amendment rights.

The Outcome

The courts ruled in Bernstein's favor. They supported the argument that his source code was protected under the first amendment and that the EAR couldn't require a license to distribute the software. And while the opinion in this case was later reversed, Bernstein v US Dept of Justice helped clarify the battle lines in the fight for encryption software.

Why It's Important

By controlling access to encryption software, the government makes it much harder to prevent your digital communication from being monitored.

By arguing that encryption software is a form of free speech, the courts have clarified that the government doesn't have a right to limit its distribution.

Second, with digital security and privacy increasingly important, the demand for access to good encryption software for individuals and companies is only going to go up. Bernstein v US Dept of Justice started the process of getting the law on the side with changing societal demands.


There's no denying that our concept of privacy is changing and under ever-increasing threat. What's more, there's no denying that as digital progress advances, legal protection of our privacy is slowly being eroded.

But it's also clear that legal challenges brought by these sorts of cases put these issues in front of judges. Who, again and again, act to modernize the law to offer the protection that all individuals deserve.

Further Reading and Resources

We have more guides, tutorials, and infographics related to privacy and the law:

The World Wide Web & Internet Privacy

Check out our infographic, The World Wide Web & Internet Privacy.