Civil liberties and privacy advocates have taken the side of a convicted robber in Pennsylvania who says police abused their power by collecting data from a college WiFi network to tie him to the armed holdup of campus pot dealers.
In legal documents filed Monday, the American Civil Liberties Union and the nonprofit Electronic Frontier Foundation sought to persuade the Pennsylvania Supreme Court that police at Moravian College in Bethlehem, Pennsylvania, violated the U.S. Constitution when they failed to seek a warrant to obtain digital evidence in the form of campus WiFi traffic.
The case is a new front in the battle over the government’s expanding ability to use high-tech surveillance techniques to search for people near the scene of a crime and then document where those people have been.
Investigators asked the school’s information technology department to turn over a list of students who were logged on to the campus WiFi network in the dormitory where two masked men posing as campus police officers held up a pot dealer and his roommate at gunpoint around 2 a.m. on Feb. 2, 2017, taking $1,000 and a jar of marijuana.
That list included three people who did not live in the dorm: two women and Alkiohn Dunkins, a member of the college’s football team. Dunkins denied being at the dorm, but a student who lived next door told police that Dunkins had bragged about the heist. Dunkins’ lawyer accused police of conducting an illegal search for the WiFi logs, but a judge allowed the logs to be used as evidence. Dunkins was convicted at trial in September 2018 and sentenced to five to 10 years in prison.
Another lawyer representing Dunkins appealed the conviction, arguing in part that the WiFi logs had been illegally obtained. Again, the argument failed.
This time, Dunkins is making the claim to the Pennsylvania Supreme Court. And he is now backed by the American Civil Liberties Union’s national and Pennsylvania offices, as well as the Electronic Frontier Foundation. Those three activist groups submitted a joint “friend of the court” brief on Monday saying the ability to use WiFi logs to identify people in a particular place and track their movements “poses a grave threat to privacy and constitutes a sweeping expansion of government power.”
The groups compared the search in the Dunkins case to “a search of every house in an area of a town — simply on the chance that the suspect might be located inside one.” The police violated the privacy not only of Dunkins but of the two women, the groups said. “The same investigative technique can reveal everyone present at a political gathering, a mental health center, or an Alcoholics Anonymous meeting,” they continued.
The group’s entry into the Dunkins case is part of a wider campaign to broaden judges’ interpretations of a 2018 U.S. Supreme Court ruling that police must obtain a warrant before asking telecommunications companies for records showing when someone’s mobile phone pinged cell towers. The court found that the data required judicial oversight because it could be used to conduct “near perfect surveillance” of a person’s travels.
Privacy groups have cited that 2018 ruling, Carpenter v. United States, to try to persuade judges to require warrants for other types of electronic surveillance, including real-time cellphone tracking, automated license plate readers, data collected by cars and video cameras positioned outside people’s homes.
Dunkins’ lawyer, Michael Diamondstein, also submitted a brief Monday arguing that the WiFi data was illegally obtained, calling it “an example of George Orwell’s art becoming reality.”
Prosecutors in Northampton County, Pennsylvania, where Dunkins was convicted, have said that a warrant was not needed because the WiFi request applied narrowly to a campus network and because all students, including Dunkins, agreed to a policy that allowed the college to collect and disclose their usage data.
An appellate court agreed, saying Dunkins had no expectation of privacy in using the WiFi network.
Richard Pepper, first deputy district attorney at the Northampton County District Attorney’s Office, said his office did not expect the Pennsylvania Supreme Court to expand upon the Carpenter ruling to include a WiFi search.
While Dunkins may have agreed to terms of service for the campus network, the ACLU’s filing also underscored similar circumstances for anyone who connects to a municipal or other publicly accessible network.
“Those who rely on public WiFi networks for connectivity are at even greater risk of surveillance because they may have few other options for Internet connectivity,” the ACLU wrote in its brief to the court.
CORRECTION (Sept. 28, 2020, 5:03 p.m. ET): An earlier version of this story misattributed the quote stating that Dunkins “had no expectation of privacy in using the WiFi network.” It was from the appellate ruling, not Richard Pepper, the first deputy district attorney at the Northampton County District Attorney’s Office.