Data as Property Right
Privacy law is complicated. While U.S. courts have generally refused to recognize personal data as a traditional property right, the right to privacy is a tantamount constitutional right with high levels of protection, including protection of a person’s own data. This post discusses those issues as they relate to intellectual property law.
General Rules re Data as Property
In Remijas v. Neiman Marcus Group, LLC,1 a data breach case, plaintiffs characterized their lost private information as an intangible commodity and argued they had suffered concrete injury.2 The Seventh Circuit analyzed property rights in the context of a data breach. However, the court noted that this theory assumes that federal law recognizes such a property right. The Seventh Circuit specifically noted:
“Under [plaintiff’s] theory, persons who had unauthorized credit charges would have standing even if they were automatically reimbursed, their identities were not stolen, and they could not show that there was a substantial risk of lack of reimbursement or further use of their information. This assumes that federal law recognizes such a property right. Plaintiffs refer us to no authority that would support such a finding. We thus refrain from supporting standing on such an abstract injury, particularly since the complaint does not suggest that the plaintiffs could sell their personal information for value.”
Remijas v. Neiman Marcus Group, LLC, 794 F.3d 688, 795 (7th Cir. 2015) (Wood, C.J.)
While the Seventh Circuit found plaintiffs had Article III standing based on substantial risk of future harm and mitigation costs, they did not establish personal data was a property right.
In the U.S. Supreme Court case United States v. Miller,3 the Court established the “third-party doctrine,” explicitly rejecting property rights in personal information shared with third parties. The Court determined that bank records were not the private papers of Miller, but instead owned by the banks as part of their necessary business operations. The Court held that the defendant could assert neither ownership nor possession of the bank’s copies of the documents. This case has been a cornerstone for denying property rights in personal information shared with third parties for nearly fifty years.
Building on Miller, the Supreme Court held in Smith v. Maryland,4 that individuals have no reasonable expectation of privacy – and by extension, no property interest – in phone numbers dialed, as that information is voluntarily conveyed to the telephone company.
The Carpenter Exception
While the U.S. Supreme Court did not explicitly recognize property rights in data in its relatively recent case, Carpenter v. United States,5 it created an important exception to the third-party doctrine. The Court required a warrant for cell phone location data that service providers retain, and recognized that phone users retain expectations of privacy in location data generated from their phones.6 Significantly, Justice Gorsuch’s dissent harshly criticized the choice of counsel not to press property rights in the data, describing how property law allows a person to place their things in custody of others and maintain ownership along with Fourth Amendment rights.7 However, the majority did not adopt a property framework.
The Statutory and Practical Reality
Academic scholarship notes there is no authority establishing that federal law recognizes a property right in personal data. Instead, state data privacy laws effectively treat personal data as belonging to the person to whom it relates, but through privacy frameworks rather than property law.8
Courts and legislatures have increasingly used phrases like “stolen information” in various contexts, particularly regarding trade secrets, insider trading information, and identity theft. However, this usage typically refers to the wrongfulness of the taking rather than establishing formal property rights.
European Contrast
It should be noted that the property-based approach to privacy faces challenges under First Amendment commercial speech doctrine. This constitutional constraint may explain why U.S. courts have been reluctant to adopt a property framework that European jurisdictions have more readily embraced.
Conclusion
The bottom line: U.S. courts have consistently declined to recognize personal data as traditional property, particularly when that data has been shared with third parties. The Miller/Smith third-party doctrine remains controlling law, though Carpenter has created limited exceptions based on privacy expectations rather than property rights. State privacy statutes provide individuals with rights over their data, but these are statutory privacy rights rather than common law property rights. The question of whether personal data should be treated as property remains an active area of academic and policy debate, but current case law does not support such recognition under federal common law. If you have any questions about I.P. law and privacy issues, please contact Yonaxis I.P. Law Group.
Footnotes
1. 794 F.3d 688 (7th Cir. 2015).
2. Steven H. Hazel, Personal Data as Property, 70 Syracuse L. Rev. 1055-1113 (2020).
3. 435 U.S. 425 (1976).
4. 442 U.S. 735 (1979).
5. 585 U.S. 296, 138 S. Ct. 2206, 2220-21 (2018).
6. Cameron F. Kerry & John B. Morris, Why data ownership is the wrong approach to protecting privacy, Commentary, Brookings Institution, June 26, 2019.
7. Jim Harper, Information as property: seeing common law through the statutes, AEIdeas, July 18, 2023.
8. Alessandra Masciandaro, Cleaning-up after Carpenter: personal data as property under the Fourth Amendment, 51 Seton Hall L. Rev. 1241-1277 (2021).