‘My Computer Is My Castle’: New Privacy Frameworks to Regulate Police Hacking

87 Pages Posted: 1 Apr 2019 Last revised: 3 Aug 2020

See all articles by Ivan Škorvánek

Ivan Škorvánek

Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT)

Bert-Jaap Koops

Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT)

Bryce Clayton Newell

University of Oregon - School of Journalism and Communication

Andrew Roberts

Melbourne Law School

Date Written: February 1, 2019

Abstract

Several countries have recently introduced laws allowing the police to hack into suspects’ computers. Legislators recognize that police hacking is highly intrusive, e.g., to personal privacy, but consider it justified by the increased use of encryption and mobile computing — both of which challenge traditional investigative methods. Police hacking also exemplifies a major challenge to the way legal systems deal with, and conceptualize, privacy. Existing conceptualizations of privacy and privacy rights do not always adequately address the types and degrees of intrusion into individuals’ private lives that police hacking powers enable. Traditional privacy pillars such as the home and secrecy of communications do not always apply to computer-based police investigations in an era of mobile technologies and ubiquitous data.

In this Article, we conduct a comparative legal analysis of criminal procedure rules in the United States, Germany, Italy, the Netherlands, and the United Kingdom to see which privacy frameworks law-makers and courts apply when regulating policy hacking. We show that while classic privacy frames of inviolability of the home and secrecy of communications remain adequate for some forms of police hacking (observation and interception), they fail to capture novel and fundamentally different ways in which the most intrusive forms of police hacking (covert online searches and remote surveillance) impact privacy in twenty-first-century society. Our analysis shows the emergence of two new frameworks that have the potential to begin filling this void: 1) a container-based approach, focusing on the computer as protection-worthy in itself — or the “informatic home,” and 2) a content-based approach, focusing on the protection of data — or “informatic privacy.” Since both approaches have valuable benefits and potential drawbacks, we propose that a complementary application of the two might work best to capitalize on their advantages over traditional privacy frameworks to regulate police hacking.

Suggested Citation

Škorvánek, Ivan and Koops, Bert-Jaap and Newell, Bryce Clayton and Roberts, Andrew, ‘My Computer Is My Castle’: New Privacy Frameworks to Regulate Police Hacking (February 1, 2019). BYU Law Review 2019 (4): 997-1081, TILT LAW & TECHNOLOGY WORKING PAPER , Tilburg Law School Research Paper Forthcoming, Available at SSRN: https://ssrn.com/abstract=3348711

Ivan Škorvánek

Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT) ( email )

Tilburg
Netherlands

Bert-Jaap Koops

Tilburg University - Tilburg Institute for Law, Technology, and Society (TILT) ( email )

P.O.Box 90153
Prof. Cobbenhagenlaan 221
Tilburg, 5037
Netherlands

Bryce Clayton Newell (Contact Author)

University of Oregon - School of Journalism and Communication ( email )

Eugene, OR
United States

Andrew Roberts

Melbourne Law School ( email )

185 Pelham Street
Carlton
Victoria, 3052
Australia

Do you have negative results from your research you’d like to share?

Paper statistics

Downloads
570
Abstract Views
1,953
Rank
88,361
PlumX Metrics