As a consequence of increasing reliance on technology, citizens across the globe have expressed concern with the extent to which governments and corporations can access their digital communications and data. Reservations are particularly pronounced in the United States, where the nation's libertarian ethos clashes with a simultaneous desire to prioritize citizen safety through significant investment in local law enforcement and national defense. There is ample disagreement as to whether social media platforms ought to be permitted to sell consumer data and whether corporations should be prohibited from obtaining patient medical records, among other issues, but the institution whose access to data has produced some of the most civilian unease is the police. 

Thanks to improvements in closed-circuit television (CCTV) footage, advancements in data extraction technology, the widespread use of automatic license plate recognition (ALPR) systems, and other technological developments, law enforcement officers and their departments can survey the actions and communications of citizens with ease. This has become an especially salient issue in the United States, where these new developments have eroded already poor police-community relationships and thus inadvertently increased the likelihood of violent encounters. Given this tension, the discourse surrounding the role and powers of law enforcement has produced a contentious debate that revolves around whether the government ought to prioritize civil liberties or national security in times of crisis. Some are deeply uncomfortable with any surveillance of any form, whether it be public or private, whereas others posit that sacrificing one’s privacy in the case of emergencies is simply a cost that must be borne in order to prioritize public safety. 

When one takes into consideration the potential benefits and harms of permitting violations of privacy in the name of law enforcement, it appears as though the aforementioned technologies are not necessarily problematic if used solely as a means of deterring and fighting crime. However, some technologies, practices, and legislation facilitate the targeting of specific populations without justification and grant law enforcement excessive powers that harm citizens more than they protect them.

Though there are certainly uses of technology by law enforcement that ought to be prohibited, it must first be established that there are several appropriate practices that can and ought to be harnessed for the practical purposes of discouraging and locating illicit activity. There is ample data demonstrating the efficacy of surveillance footage and access to phone data in facilitating law enforcement. These are only two of dozens of technologies, but these two are highlighted because they are often emphasized in debates pertaining to police and privacy. Surveillance cameras, also referred to as CCTV cameras, have been proven to be exceptionally useful tools in deterring crime. 

Little explanation is needed to understand why visible security cameras discourage people from committing crimes they would have otherwise committed, and studies assessing the effects of their implementation support this. A study on the effects of Baltimore’s investment in surveillance cameras found that several areas affected by the program demonstrated statistically significant drops in some types of crimes [1]. The Greenmount area, for example, experienced a 15 percent decrease in all aggregated crime following camera installation, representing an average decrease of eight fewer incidents per month. Similarly, a systematic review based on 40 years of research found that CCTV is associated with a significant decrease in crime [2]. The largest and most consistent effects of CCTV were observed in car parks, with the study additionally finding significant reductions in other settings such as residential areas. The point is not that these studies demonstrate that surveillance footage is a cure to crime or evidence that unlimited increases in surveillance is guaranteed to be beneficial, but that small changes such as the placement of additional cameras throughout a city have the capacity to produce positive outcomes without forcing law enforcement to rely upon more invasive methods of evidence collection. As long as specific communities are not targeted solely due to their demographics, surveillance cameras in public spaces do not appear to innately compromise privacy and seem to rather redound to the advantage of citizens through their notable deterrent effects.

Furthermore, access to the cell phone data of suspects can be integral in the prosecution of crimes as well as the prevention of future crime. Some may reasonably object that law enforcement having access to this data constitutes a violation of privacy, but it is important to recognize that police must meet several procedural requirements in order to legally obtain citizen cell phone data. For instance, the Fourth Amendment requires that law enforcement officers serve a search warrant upon the mobile phone provider that the suspect’s phone communicates with in order to identify the phone number of the target device [3]. The phone data are then organized in what are referred to as call detail records, which include the date, time, duration, originating number, and terminating number for the calls made within a certain period, as well as the specific cell towers and sectors that the calls connected to [4]. An integral component of many law enforcement investigations, these records have proven invaluable in ascertaining whether a suspect was at the location at which the crime in question occurred, whether two suspects were in contact during or after the commission of a crime, whether a suspect lied about their whereabouts during an investigation, and more. 

As is true of surveillance footage, though, the ability of cell phone data to assist in solving crime is not necessarily guaranteed or immune to bias. Though there are unfortunate cases in which discriminatory practices in police departments lead to the detention of innocent suspects, cell phone data can only be accessed if police obtain a warrant, a generally strong defense against arbitrary, unsubstantiated arrests. The fact of the matter is that police and prosecutors need tangible evidence in addition to eyewitness testimony to bring justice for victims of crime, and cell phone data are private until there is a reasonable level of suspicion of someone’s guilt to warrant the inspection of their data—which may, for innocent suspects, be exculpatory. Thus, though the use of surveillance cameras and police access to call detail records both operate as practices that infringe upon citizens’ privacy to some degree, their ability to deter and help solve crimes outweighs this harm. Insofar as the government does not engage in warrantless searches, surveil unfairly, or invade privacy in a way that is not aimed toward the ultimate goal of security, these practices do not necessarily pose a threat. However, the reality is that violations of this sort do occur and ought to be distinguished from the effective and justified temporary invasions of privacy.

There have been several instances in this country in which certain populations have been disproportionately targeted by law enforcement in a way that blatantly violates privacy. The underlying trend behind these violations is that police target groups as opposed to individuals, thereby eliminating the due process that is required in case by case prosecutions. Perhaps the strongest historical example of this kind of discriminatory approach is the War on Terror.

Launched by the Bush administration after the 9/11 terrorist attacks in order to reduce the likelihood of future attacks, this campaign resulted in the tracking and profiling of almost solely Muslim people, who were perceived as an imminent threat. For instance, the New York Police Department and CIA surveyed Muslim neighborhoods, restaurants, mosques, and student groups for over six years after 9/11 [5]. The NYPD’s “Demographic Unit” surveillance was not only prejudicial and based on false notions about the “dangers” posed by the Muslim population, but ineffective in preventing terrorism [6]. Whereas the technologies and practices discussed previously are conducted on a case by case basis to effectively trace and prevent individual crimes, initiatives like the War on Terror are generally ineffective because they inherently require profiling and warrantless searches to sift through a large pool of potential suspects. A prime example of this practice is STELLARWIND, a package of NSA surveillance programs launched shortly after 9/11 involving “bulk” or “programmatic” collection [7] . In addition to targeting individual suspects, the NSA collected troves of information by extracting metadata and content from phone calls and internet communications [8]. Not only was STELLARWIND a product of a presidential decision that lacked legislative oversight and approval, but it represented a significant intrusion into the private lives of Americans who had no known involvement in terrorism whatsoever. This kind of sweeping surveillance exemplifies the fine line between justified and unjustified invasions of privacy by law enforcement. 

Though it would be comforting to assert that the War on Terror was an isolated incident and that the profiling it required is not practiced today, such a statement would unfortunately not be grounded in reality. Section 1021(b) of the Obama administration’s National Defense Authorization Act permitted U.S. military forces to indefinitely detain anyone who “planned, authorized, committed, or aided the terrorist attacks that occurred on September 11, 2001, or harbored those responsible for those attacks” [9]. Civil liberties groups were alarmed by the sweeping nature of this legislation, which not only had no temporal or geographic limitations, but in fact jeopardized criminal investigations by making it difficult to transfer suspects out of military detention [10]. Though the House of Representatives voted to repeal this indefinite detention provision in 2024, signaling national recognition of its unconstitutionality, the implications remain clear: such infringements upon privacy erode the rights of citizens and simultaneously make the jobs of law enforcement officers more challenging. If not to improve public safety, why have such a broad and potentially dangerous clause at all? The harmful nature of such legislation is indisputable and indicates the necessity of a solution. 

What a solution ought to entail is less clear. The fact of the matter is that the overwhelming majority of Americans believe their online and offline activities are being tracked and monitored regularly by companies and the government alike—and that the situation is getting worse over time. A 2019 poll conducted by the Pew Research Center found that 70 percentof adults believed that their personal data was less secure than it was in the past [11]. At the same time, though, almost half of Americans surveyed in the same poll stated that it is acceptable for the government to collect data about all Americans in order to detect and potentially prevent terrorism. This desire for protection and simultaneous belief in the necessity of a strong national security apparatus may seem to indicate a sort of progress-hindering gridlock, but the consensus between proponents of each perspective is more strong than it may appear. 

Privacy laws do not exist to hinder the day to day operations of law enforcement. They exist to prevent intrusions into the lives of citizens who have yet to be charged with any crime or wrongdoing, thereby adding an additional layer of protection that can prevent abuses. As an example of an effective federal reform, Congress could establish limitations on the collection, storage, and retention of data by private companies, thereby limiting the amount of information that government agencies and corporations can later access [12]. Such a reform is not unrealistic, as residents of California, Virginia, and Colorado already enjoy similar protections. 

Perhaps the strongest exemplar, though, of what the U.S. can model a future privacy law off of is the General Data Protection Regulation (GDPR), a legal framework that sets limits on the collection and processing of the personal data of individuals who live both in and outside of the European Union (EU) [13]. Enforced as of 2018, the GDPR is the toughest security and privacy law in the world. It prohibits companies from deceiving consumers with confusing or vague language on their websites, requires that website visitors be notified of any and all data that is collected, requires that website visitors explicitly consent to such information gathering by manually interacting with the message, and requires that sites notify visitors of any breaches of their personal data held by the site, among other provisions [14]. Even if a given website is not intended to attract EU residents, the site must adhere to these regulations if it attracts any European visitors. 

What makes the GDPR unique is that it does not broadly prohibit corporations from collecting data that may be integral for their future operations. Rather, it mitigates the lack of transparency that has characterized the status quo by explicitly giving citizens the choice that has been denied to them for the past few decades. Data collection is not innately pernicious, but data collection that occurs without the public’s knowledge is. The GDPR is cognizant of this truth and aims to remedy it with strict, yet fair and feasible, regulations that limit violations of privacy by empowering citizens. 

The implications of the GDPR on law enforcement operations have been explicitly enumerated and are relevant for future American legislation. Directive (EU) 2016/680 was adopted by EU member states the same year as the GDPR to protect citizens' fundamental right to data protection and privacy whenever their data are used by law enforcement authorities for law enforcement purposes [15]. It protects the personal data of victims, witnesses, and suspects of crime while also facilitating multinational cooperation in anti-crime and anti-terrorism efforts. One provision, for instance, requires that personal data be processed in a manner that ensures an appropriate level of security and confidentiality, and another requires that law enforcement authorities ensure that personal data that are no longer up to date or otherwise inaccurate are not made available [16].

If codified on a national level, seemingly basic provisions like this can actually improve law enforcement operations (through the prevention of data breaches, for example) while affording citizens significantly more privacy. Policies similar to those of the GDPR could certainly bring American citizens out of the dark with respect to the uses of their information and possibly even erode the barriers that have made strong law enforcement-citizen relationships so difficult to achieve. 

Though everyone has a different level of comfort with surveillance and a different opinion as to whether the state ought to prioritize civil liberties over national security or vice versa, it is best to err on the side of caution and encourage practices that foster trust—not animosity—between law enforcement and the populations they aim to protect. Privacy laws are not a solution to the issues in the status quo, nor will they necessarily appease every citizen. What they will do is provide a benchmark for progress and make citizens more safe in an increasingly surveilled and technological world, and it is in this truth that their necessity lies.