So I read this story yesterday which just pushed me over the edge into full scale paranoia. I now require instant password on my iphone, password when leaving the screen saver or when waking up. I haven’t had auto-login for a while, so that’s nothing new. I’m also looking into full-disk encryption (which seems to be a no-go for Macs for now), fully encrypting all my email (which is problematic since I use gmail) and am looking for other ways to protect myself.
The Smith ruling turned on the fact that “addressing information” of the sort obtained by a pen register had been conveyed to the phone company and stored in their records. It was emphatically not a finding that a person’s “addressing information”—the names and phone numbers of the other people someone contacts—was just per se unprotected. And in fact, Congress responded to Smith by establishing a statutory requirement that police obtain a court order (though subject to a lower evidentiary standard than full-blown Fourth Amendment warrants) before using a pen-register or a trap-and-trace device to get that “addressing information” from a telecom. So even if police had wanted to get Fierros-Alvarez’s call history from that less protected source, they’d at least be subject to some judicial process.
But in any case, let’s see anyone argue that my info doesn’t have a reasonable expectation of privacy when its behind a password (and hopefully soon, 256-bit AES encryption).