Anti-Distracted Driving “Textalyzer” Technology: Not as Simple as it Seems
There’s been a lot of national interest and attention around a New York state proposal that would allow the police to access a driver’s phone without a warrant after an accident to try to determine whether or not the driver was using his or her phone when the accident occurred.
The proposal would create an “implied consent” by drivers for such searches utilizing phone-analysis software that’s been dubbed a “textalyzer.” Under similar laws that exist in all states for breathalyzer tests, drivers are deemed to have implicitly consented to such searches by driving in the state. First proposed in the 2016 session in New York state, it did not pass the legislature that year or this year. Meanwhile New York Governor Andrew Cuomo has asked a committee to study the issue.
The ACLU opposes this concept (see this memo from the NYCLU). For centuries a warrant based on probable cause has been the framework through which highly intrusive searches are conducted. It’s not time to throw that framework overboard now. The Supreme Court has ruled that police must get a warrant to search a phone even when a suspect has been arrested, because of the vast range and detail of personal information that can be revealed by a phone search today. Yet under this proposal, the police could search a phone even where there is no arrest.
The argument for allowing such searches hinges on the creation of a theoretical “textalyzer” device—a “breathalyzer for texting” that would supposedly produce a answer to the question, “was this person using their cell phone in a way that contributed to this accident?” But the textalyzer remains largely vaporware. The cellphone forensic data extraction company Cellebrite claims that a textalyzer “is under development” that would, according to media reports, “solely say whether the phone was in use prior to a motor-vehicle mishap,” without providing police with any content on the phone. Cellebrite has not defined what “in use” means.
The company has produced a developmental prototype that has been shown to some stakeholders (though not the ACLU or independent experts) and shown off for TV reporters, but reportedly won’t provide an actual device to police until states enact legislation authorizing its use. That means there’s an unusual constitutional chicken-and-egg problem here: the legislation is premised on the availability of technology that will do certain things in certain guaranteed ways, but that technology won’t be available for anyone to look at until the passage of legislation authorizing its use. The company may understandably want to limit its investment in a technology that the legislature may not authorize, but that means legislators are being asked to vote for a new law based on unproven assurances that textalyzer software can be developed that will analyze cellphone usage without invading privacy.
In fact there is little assurance that such a textalyzer can be developed. Unanswered questions include:
- How would textalyzer software reliably identify those phones that were in use in ways that were actually dangerous and illegal? For example, how would they distinguish between texts manually entered by a driver and texts using other means such as hands-free speech-to-text?
- Does the Constitution permit the police to search a phone using a textalyzer without a warrant under the Fourth Amendment?
- If multiple people were in the car during an accident, how would a textalyzer establish that it was the driver operating a phone around the time of a crash and not a passenger? It’s common for a driver to ask a passenger for help: “Can you check if that text is from my boss, and if it is, write back to her saying…”
- For that matter, how will the police even verify whether a phone they want to search belongs to the driver and not a passenger, or is not a spare phone? Distracted drivers seeking to evade detection in such ways will probably be cited before long to justify additional and expanded searches of phones—not only drivers’ but potentially also passengers’. And what if a driver tells police they don’t even have a cellphone with them?
- How could the public be certain that a textalyzer is not invading privacy in the way it accesses data? Our phones today often contain reams of very private information about many aspects of our lives. If individuals are going to be forced to give the government (police) access to their to phones, individuals’ and policymakers’ confidence in the ostensible limits of that access would need to be absolute. At a minimum, the device’s source code would need to be public so that independent technology experts could scrutinize its operation to verify that its operation remains within the bounds claimed.
- Relatedly, how could the public be certain that a textalyzer is not a security threat—that it does not contain either software from the manufacturer that goes beyond the scope the legislation allows, or third-party malicious code the police are not even aware of?
- If drivers are required to give a police officer possession of their phone so that a textalyzer analysis can be applied, how can they be sure that the officer won’t look at data on their phone? Cellebrite says that owners would be able to keep their phones in their hands as the police plug into it to conduct their search, but that might be ignored by officers or be impractical, such as where the owner is injured in a crash.
- What happens if a driver refuses to unlock their phone for a police officer? All recent Apple phones and many other phones are encrypted by default as soon as a password or PIN code are set on the device.
To be clear, we’re not against a constitutional search of a cellphone where there’s evidence that cell phone use contributed to a crash (such as a witness report, or a statement by the driver themselves) and the police get a warrant. And as I’ve said before, I by no means want to undercut the menace of distracted driving. As a cyclist I personally see it out on the roadways, and it is a mortal threat to me. The problem that these proposals are trying to solve is a very real one.
That said, the questions about and problems with this solution are also real. Let me go into a little more depth on two of the biggest.
Boosters are expecting magic from the technology
There are numerous reasons to be skeptical about the hypothesized textalyzer device—how it would work and whether it would lead to charges against innocent people. To begin with, modern cellphones are sophisticated computers running numerous software processes at the same time—apps, system processes, etc. There are a practically infinite number of software applications available for such phones, some of which may send and receive data autonomously or semi-autonomously, such as in response to voice commands. How would a textalyzer distinguish between a cell-phone that is “in use” for, say, navigation purposes, or has a bot sending automated replies, or is operating via voice command, versus a cell-phone that is being used manually in ways that violate anti-distracted driving laws?
Our technologist Leigh Honeywell tells me that textalyzer software would have to look at log files generated either by a phone’s operating system (such as iOS or Android), or by specific apps that the user was running. Android and Apple’s iOS currently log some information that could be easily read by a textalyzer, such as text message metadata that would indicate when messages were sent and received. What they do not currently log is whether such texts are manually tapped out on a phone’s keyboard, entered via voice command, or generated by a bot or some other autonomous or semi-autonomous means.
As technology advances, it’s likely that the lines between manual, semi-autonomous, and fully automated responses are going to blur, with more and more functionality moving into the latter categories as AI improves and digital assistants become more capable. Understanding such subtleties will be a moving target that will further complicate the task of trying to sort out who was in violation of the law.
It’s possible that in the future, prominent phone operating systems could begin to support a higher level of detail in their system logs, but we don’t know what operating systems will be prevalent in the future, how many different ones there will be, and how many would include the specific logging details a textalyzer would require.
The log files generated by specific apps would be even less reliable, consistent, and easy for textalyzer software to digest. Each individual application programmer can decide what logs his or her app will generate, if any, what data they include, how they are formatted, etc. There is no consistency in logging practices. There is also a rapid proliferation of apps that communicate via Internet data connections rather than the cellular SMS texting infrastructure: Snapchat, Signal, Whatsapp, Facebook Messenger, Twitter DM, Kik, Viber, and whatever else kids start using tomorrow. That means the police are going to have to constantly expand the reach of what their textalyzers look at.
As if that weren’t enough, the interactions between different apps and the operating system, and among different apps, could complicate things further. One app might automatically launch other apps, for example, or change how they run. Apps can use operating system flags to change how they behave, and operating system metadata about application behavior might vary between two apps that do the same thing depending on exactly how they were programmed.
The fact is, even if sufficiently detailed logs are available for a textalyzer to work, evaluating those logs will be a complicated task that requires human judgment—a person looking at the full context of software use and whatever data exchange and app-usage records exist to reach a judgment about the likelihood that phone usage contributed to an accident. A breathalyzer only needs to produce a single number by measuring the amount of one chemical in air blown into a tube; a textalyzer would need to analyze an entire computing ecosystem, and to do so operating within the limits on privacy invasion that boosters hope will allow it to pass constitutional muster.
The Constitution doesn’t permit this
Despite supporters’ hopes, it’s dubious that the creation of the hypothesized textalyzer will pass constitutional muster. Supporters rely on an analogy to breathalyzer tests of a person’s blood alcohol content (BAC), and hope to rely upon the same “implied consent” legal framework to make it happen. But the analogy does not hold.
The Supreme Court has found that breathalyzer tests can be required without a warrant—but it has also ruled that blood tests cannot. Blood tests, unlike breath tests, not only require an intrusion into a person’s body, the Court explained, but also provide the police with a physical sample of the person’s body that can be used to reveal a great deal of information about a person. Significantly, the Court concludes,
Even if the law enforcement agency is precluded from testing the blood for any purpose other than to measure BAC, the potential remains and may result in anxiety for the person tested. [emphasis added]
So would a textalyzer search be more like a breathalyzer, which yields one numerical measurement of direct relevance to the law being enforced, or a blood test, which also gives the police potential access to much more information about a person? It is obviously the latter. Like a blood test, plugging into another person’s phone potentially offers access to a wealth of personal data and will naturally leave people uncertain and anxious about what is being revealed about them.
An attempt by the legislature to circumvent the constitution by declaring every driver to have “implied consent” to such a search does not fix this. As the Supreme Court stated in its decision striking down warrantless blood tests, “There must be a limit to the consequences to which motorists may be deemed to have consented by virtue of a decision to drive on public roads.”
And the fact that textalyzers will supposedly look only at metadata rather than the content of communications should not be taken to mean they will not invade privacy. The very existence of certain apps on a person’s phone, for example, can tell a lot about them. As the Supreme Court observed in its landmark decision in Riley v. California requiring a warrant to search cell phones,
There are apps for Democratic Party news and Republican Party news; apps for alcohol, drug, and gambling addictions; apps for sharing prayer requests; apps for tracking pregnancy symptoms; apps for planning your budget; apps for every conceivable hobby or pastime; apps for improving your romantic life. There are popular apps for buying or selling just about anything….
And just because a hypothetical textalyzer phone search would not reveal as much as a full phone search does not mean it would pass constitutional muster. As the Supreme Court also observed in Riley, phone searches are an extreme invasion of privacy:
a cell phone search would typically expose to the government far more than the most exhaustive search of a house: A phone not only contains in digital form many sensitive records previously found in the home; it also contains a broad array of private information never found in a home in any form….
Even a reduced version of such an extreme invasion should require a warrant. Obviously the “lesser” invasion of a home search always has.
Proponents of warrantless textalyzers say police just aren’t getting warrants after accidents and examining phones, in part because current procedures take too long. But if police are not sufficiently investigating the potential involvement of illegal distracted driving in connection with car crashes, education and political agitation is the answer, not making it super-easy for them to poke around in our private phones. As the Supreme Court has put it, “the warrant requirement is an important working part of our machinery of government, not merely an inconvenience to be somehow ‘weighed’ against the claims of police efficiency.” In addition, as the Court observed in a 2012 case,
Well over a majority of States allow police officers or prosecutors to apply for search warrants remotely through various means, including telephonic or radio communication, electronic communication such as e-mail, and video conferencing. And in addition to technology-based developments, jurisdictions have found other ways to streamline the warrant process, such as by using standard-form warrant applications for drunkdriving investigations.
The efficiencies of communications and the ease of securing warrants have no doubt only increased since that was written.
Unlike a breathalyzer, the solution that is being proposed here would not involve giving the authorities access to a single data point that is directly relevant to (if not determinative of) a driver’s innocence or guilt. The potential invasion of privacy would be enormous, and needs to be subject to the centuries-old warrant framework by which such potential invasions have always been restrained.