Cops told: Er, no, you need a wiretap order if you want real-time Facebook snooping

New Jersey cops must apply for a wiretap order — not just a warrant — for near-continual snooping on suspects' Facebook accounts, according to a unanimous ruling by that US state's Supreme Court. 

Thursday's decision overturned a lower court's ruling that said a search warrant was sufficient to compel Meta's social network to turn over access to a user's future posts and messages every 15 minutes for a period of 30 days. That's effectively a real-time tapping system, it was argued.

"The state argues that because of the brief 15-minute delay involved, it is obtaining 'stored communications' rather than intercepting live ones, so fewer safeguards apply. We do not agree," the Garden State's Supremes said [PDF], noting that this would make New Jersey the only state in America to permit this practice.

This type of near-real-time access to Facebook users' communications "invokes heightened privacy protections," the top court argued. "We also find that the nearly contemporaneous acquisition of electronic communications here is the functional equivalent of wiretap surveillance and is therefore entitled to greater constitutional protection."

The case dates back to March 2021 when two law enforcement agencies — New Jersey State Police and the Atlantic County Sheriff's Office — applied for and were granted communications data warrants (CDWs) to obtain real-time data from two Facebook account holders. One was under investigation for drug-related offenses, and the other for drugs and gang involvement.

Both CDWs sought names, addresses, phone numbers, email addresses associated with accounts, as is usual. But they also wanted "stored electronic communications," which included "real time access to email with attachments, whether opened or unopened"; "private messaging content"; and "real time access to media uploaded to the account[s]," including images, videos, audio files, and "the contents of private messages in all message folders." 

Additionally, the CDW Atlantic County wanted specifically requested Messenger chats, while the state police wanted "posts, comments, [and] messages." This may be useful, but anyone using Messenger to run a criminal empire must be several gargoyles short of a full cathedral.

• Cop warrant orders Ring to cough up footage from inside this guy's home
• US senators and spies spar over Section 702 warrantless surveillance
• Feds, you'll need a warrant for that cellphone border search
• Supreme Court leaves warrantless camera surveillance an open book

The warrants directed the social media giant to disclose both historical and future communications for the next 30 days in "real time." That's a lot of data.

Facebook turned the historical data over to the cops, but fought back against the future communications part, arguing that it was an attempt to bypass state and federal wiretap laws. 

The police and lower court, however, said the wiretap order was only needed if, or when, they ordered the social media giant to intercept communications. Since the messages were technically stored on Facebook's servers, as opposed to being actively transmitted, they weren't in flight, the argument went.

In any case, Facebook prevailed.

Civil liberties and digital rights groups including the ACLU, Center for Democracy & Technology, Electronic Privacy Information Center, and Electronic Frontier Foundation filed friend-of-the-court briefs [PDF] in support of Facebook - not something that happens every day. So did Microsoft and Google, which are also no strangers to law enforcement subpoenaing user information.

The two tech giants argued that no other law enforcement agencies outside of New Jersey have sought ongoing future surveillance of electronic communications based on a warrant. Other states making similar requests must be granted wiretap orders.

Ultimately, the New Jersey Supreme Court agreed. Letting wiretapping get a semi-free pass is not a Jersey Thing it seems. ®