DIGITAL DOG SNIFFERS - Columbia Law Review

U.S. legislators are taking aim at technology companies for their role in the nation’s fentanyl crisis. Members of Congress recently introduced the Cooper Davis Act, which would require electronic communications service providers to report evidence of illicit fentanyl, methamphetamine, and counterfeit drug crimes on their platforms to the Drug Enforcement Administration. For the first time, such companies would be obligated to report suspected criminal activity by their users directly to federal law enforcement. While the Cooper Davis Act is modeled after a federal statute requiring providers to report child sexual abuse material (CSAM), the proposed bill targets a qualitatively different kind of crime—one highly dependent on context. By requiring providers to report directly to the government and by prohibiting deliberate blindness to violations, the Cooper Davis Act would incentivize providers to conduct large-scale automated searches for drug-related activity, raising novel questions about the Fourth Amendment’s applicability to mandatory reporting laws for crimes other than CSAM.

This Note examines the implications of extending practical and legal frameworks for regulating CSAM—such as the private search doctrine, which has created a circuit split in online CSAM cases—to other contexts. This Note argues that courts should adopt a narrow interpretation of the private search doctrine, in line with the Second and Ninth Circuits, in cases involving automated searches for criminal activity. This approach would resolve the circuit split in CSAM cases and clarify the doctrine’s scope for other kinds of warrantless digital searches.

The full text of this Note can be found by clicking the PDF link to the left.

* J.D. Candidate 2025, Columbia Law School. Many thanks to Professor Daniel Richman for his generous guidance and feedback; Jamie Jenkins, Carolina Herrera, and Shaunak Puri for their suggestions; and Susie Emerson, Matthew Nola, Akesh Shah, and the staff of the Columbia Law Review for their editorial assistance. I am especially grateful to my parents, who sacrificed their educational dreams so that I could pursue my own.

Introduction

Fentanyl poisoning is now the leading cause of death among Americans ages eighteen to forty-five, surpassing traffic accidents, suicide, and COVID-19. 1 DEA Administrator on Record Fentanyl Overdose Deaths, Get Smart About Drugs, https://www.getsmartaboutdrugs.gov/media/dea-administrator-record-fentanyl-overdose-deaths [https://perma.cc/S3UM-JGM7] (last visited Sept. 11, 2024); Fentanyl by Age: Report, Fams. Against Fentanyl (Dec. 15, 2021), https://www.familiesagainstfentanyl.org/research/byage [https://perma.cc/HP3A-JCMQ]. Electronic communications and social media have played an outsized role in the ongoing opioid epidemic, leading the Drug Enforcement Administration to take aim at technology companies in recent years. 2 See Kristin Finklea & Lisa N. Sacco, Cong. Rsch. Serv., IN12062, Policing Drug Trafficking on Social Media 1 (2022), https://crsreports.congress.gov/product/pdf/IN/IN12062 [https://perma.cc/WAY8-XW4X]; U.S. Gov’t Accountability Off., GAO-22-105101, Trafficking: Use of Online Marketplaces and Virtual Currencies in Drug and Human Trafficking 11 (2022), https://www.gao.gov/assets/gao-22-105101.pdf [https://perma.cc/4PXM-Y37X]; Marcus A. Bachhuber & Raina M. Merchant, Buying Drugs Online in the Age of Social Media, 107 Am. J. Pub. Health 1858, 1858 (2017). Teenagers and young adults are increasingly turning to social media platforms like Instagram and Snapchat to obtain fentanyl and other synthetic opioids. See, e.g., Robin Buller, Their Kids Died After Buying Drugs on Snapchat. Now the Parents Are Suing, The Guardian (Oct. 18, 2023), https://www.theguardian.com/technology/2023/oct/18/snapchat-sued-overdose-deaths [https://perma.cc/Q5UR-P4TW]; Jan Hoffman, Fentanyl Tainted Pills Bought on Social Media Cause Youth Drug Deaths to Soar, N.Y. Times (May 19, 2022), https://www.nytimes.com/2022/05/19/health/pills-fentanyl-social-media.html (on file with the Columbia Law Review). Drug distributors also use social media to connect with manufacturers and buyers. See Comm’n on Combating Synthetic Opioid Trafficking, Final Report 43–44 (2022), https://www.rand.org/content/dam/rand/pubs/external_publications/EP60000/EP68838/RAND_EP68838.pdf (on file with the Columbia Law Review) [hereinafter Commission Report] (“The internet presents unique challenges for drug control in that chemical suppliers in Asia openly advertise synthetic opioids and related chemicals on public platforms, including social media forums and B2B websites.”). In 2021, the DEA issued a public warning about the growing number of fentanyl-laced counterfeit pills being sold online and blamed social media companies for failing to protect their users. 3 See Devlin Barrett & Elizabeth Dwoskin, With Overdose Deaths Soaring, DEA Warns About Fentanyl-, Meth-Laced Pills, Wash. Post (Sept. 27, 2021), https://www.washingtonpost.com/national-security/dea-warning-counterfeit-drugs/2021/09/27/448fcb18-1f27-11ec-b3d6-8cdebe60d3e2_story.html (on file with the Columbia Law Review); see also Devlin Barrett, Poison Pill: How Fentanyl Killed a 17-Year-Old, Wash. Post (Nov. 30, 2022), https://www.washingtonpost.com/national-security/2022/11/30/fentanyl-fake-pills-social-media/ (on file with the Columbia Law Review) (reporting that DEA Administrator Anne Milgram described social media sites like Snapchat as “the superhighway of drugs”).
Federal law prohibits the distribution of controlled substances by means of the internet without a valid prescription. See 21 U.S.C. § 829 (2018). Between May 2022 and May 2023, the DEA conducted more than 1,400 investigations resulting in 3,337 arrests and the seizure of nearly 193 million deadly doses of fentanyl. 4 Press Release, Drug Enf’t Admin., DEA Operation Last Mile Tracks Down Sinaloa and Jalisco Cartel Associates Operating Within the United States (May 5, 2023), https://www.dea.gov/press-releases/2023/05/05/dea-operation-last-mile-tracks-down-sinaloa-and-jalisco-cartel-associates [https://perma.cc/JW73-7FZ3]. Over seventy percent of those investigations involved social media sites and encrypted communications platforms like Facebook, Instagram, Signal, Snapchat, Telegram, TikTok, WhatsApp, Wickr, and Wire. 5 Id.

But these efforts have been insufficient, according to a bipartisan group of congressmembers, and the fentanyl crisis has worsened as “federal agencies have not had access to the necessary data to intervene.” 6 See Press Release, Jeanne Shaheen, U.S. Sen. for N.H., Shaheen, Marshall’s Bipartisan Bill to Crack Down on Online Drug Sales Through Social Media Clears Key Committee Hurdle (July 13, 2023), https://www.shaheen.senate.gov/shaheen-marshalls-bipartisan-bill-to-crack-down-on-online-drug-sales-through-social-media-clears-key-committee-hurdle [https://perma.cc/6E8H-3Q9E] [hereinafter Shaheen Press Release] (reporting that in a five-month period, the DEA conducted 390 drug-poisoning investigations and found that 129 had direct ties to social media). To address the inaccessibility of data held by third parties, Senators Roger Marshall and Jeanne Shaheen introduced in March 2023 the Cooper Davis Act, which would require tech companies to report evidence of illicit fentanyl, methamphetamine, and counterfeit drug crimes occurring on their platforms to the DEA. 7 Cooper Davis Act, S. 1080, 118th Cong. (2023). The bill was first introduced in September 2022 by Senator Roger Marshall and died in committee. See S. 4858, 117th Cong. (2022). In March 2023, Senators Marshall and Jeanne Shaheen reintroduced the bill, with Senators Dick Durbin, Chuck Grassley, Amy Klobuchar, and Todd Young as cosponsors. Press Release, Doc Marshall, U.S. Sen. for Kan., Senator Marshall’s Cooper Davis Act Heads to the Senate Floor Following Major Victory out of Committee (July 13, 2023), https://www.marshall.senate.gov/newsroom/press-releases/senator-marshalls-cooper-davis-act-heads-to-the-senate-floor-following-major-victory-out-of-committee/ [https://perma.cc/28QL-9N8H] [hereinafter Marshall Press Release]. In July 2024, Representatives Angie Craig and Mariannette Miller-Meeks introduced the Cooper Davis and Devin Norring Act, which mirrors the Senate bill, in the House. 8 Cooper Davis and Devin Norring Act, H.R. 8918, 118th Cong. (2024); Press Release, Angie Craig, U.S. Rep. for Minn., Rep. Angie Craig Introduces Bipartisan “Cooper Davis and Devin Norring Act” to Stop Fentanyl Trafficking on Social Media Platforms (July 2, 2024), https://craig.house.gov/media/press-releases/rep-angie-craig-introduces-bipartisan-cooper-davis-and-devin-norring-act-stop [https://perma.cc/46LB-NG2U] [hereinafter Craig Press Release]. Representatives Dan Crenshaw, Don Davis, Jake LaTurner, and Kim Schrier cosponsored the bill. Craig Press Release, supra. The Cooper Davis and Devin Norring Act is named after two teenagers who died of fentanyl poisoning after purchasing counterfeit fentanyl-laced prescription drugs on Snapchat. Id.
This Note refers to the proposed legislation as the Cooper Davis Act and primarily deals with S. 1080, as the Senate bill was introduced first and the laws’ contents are largely identical. The only material difference between the two bills for purposes of this Note is an encryption-protection provision in the House bill. See infra note 153. The proposed legislation would, for the first time, require electronic communications service providers and remote computing services (“providers” 9 This Note adopts the definition of “provider” in the Cooper Davis Act and 18 U.S.C. § 2258E(6) (2018), which refers to an “electronic communication service provider or remote computing service.” Electronic communication service providers give to the public the ability to send or receive wire or electronic communications, id. § 2510(15), and remote computing services provide to the public computer storage or processing services by means of an electronic communications system, id. § 2711(2). ) to report suspected criminal activity by their users directly to federal law enforcement. 10 S. 1080 § 2. The Senate Judiciary Committee approved the Cooper Davis Act in July 2023. 11 Marshall Press Release, supra note 7. On September 5, 2023, the bill was amended and placed on the Senate Legislative Calendar. Actions – S.1080 – 118th Congress (2023–2024): Cooper Davis Act, S. 1080, 118th Cong. (2023), https://www.congress.gov/bill/118th-congress/senate-bill/1080/all-actions [https://perma.cc/5MGR-Y4UJ]. The bill expired in January 2025. 12 The bill was not voted on by the Senate by the time the 118th Congress ended in January 2025. The House bill also died in committee. Actions – H.R.8918 – 118th Congress (2023–2024): Cooper Davis and Devin Norring Act, H.R. 8918, 118th Cong. (2024), https://www.congress.gov/bill/118th-congress/house-bill/8918/all-actions [https://perma.cc/QF3Z-36EE]. While the Cooper Davis Act was not enacted into law, history suggests the bill’s cosponsors may reintroduce it in the new congressional session. See supra note 7. And regardless of whether it is enacted, the issues examined in this Note remain relevant as legislatures continue to grapple with public safety concerns and criminal activity on social media platforms. See infra notes 236–237 and accompanying text.

Providers use a variety of nonhuman moderation tools to detect content that violates their terms of service, such as drug transactions, spam, hate speech, and child sexual abuse material (CSAM). 13 See Hannah Bloch-Wehba, Automation in Moderation, 53 Cornell Int’l L.J. 41, 48–66 (2020) [hereinafter Bloch-Wehba, Automation in Moderation] (tracing the history of providers’ automated tools to screen, rank, filter, and block user-generated content). Federal law requires providers to report evidence of CSAM to the National Center for Missing & Exploited Children (NCMEC), but providers are not statutorily obligated to report any other kind of suspected illegal activity. 14 See infra section I.A.1 (describing platforms’ reporting obligations). Providers often still collaborate with law enforcement voluntarily. See, e.g., Suzanne Smalley, Senate Bill Crafted With DEA Targets End-to-End Encryption, Requires Online Companies to Report Drug Activity, The Record (July 17, 2023), https://therecord.media/senate-dea-bill-targets-end-to-end-encryption-requires-companies-to-report-drugs [https://perma.cc/S2YN-D8VN] (reporting that many social media sites share data with the police). The Cooper Davis Act is modeled after the federal statute requiring providers to report CSAM: the PROTECT Our Children Act of 2008 (PROTECT Act). Both laws aim to make technology companies play a more proactive role in aiding law enforcement and public safety efforts. 15 See infra note 25 and accompanying text.

While courts have upheld the constitutionality of providers detecting and reporting CSAM pursuant to the PROTECT Act, 16 See infra section I.B. the proposed bill targets a qualitatively different kind of crime—one highly dependent on context. 17 See infra section II.A. This Note argues that by requiring providers to report directly to the government and prohibiting deliberate blindness to violations, the Cooper Davis Act would incentivize providers to conduct large-scale automated searches for drug-related activity, raising novel questions about the Fourth Amendment’s applicability to mandatory reporting laws for non-CSAM crimes. 18 See infra section II.B.2.

This Note examines the constitutional problems raised by the Cooper Davis Act and, more broadly, legislation requiring providers to report evidence of illegal activity based on automated computer searches of their users’ communications. Part I introduces the proposed bill, its model statute, and Fourth Amendment issues stemming from providers’ CSAM reporting requirement, including a circuit split over the private search doctrine’s application in online CSAM cases. Part II discusses the differences between automated searches for CSAM and drug-related activity and outlines the novel Fourth Amendment questions raised by the Cooper Davis Act. Part III then explores these issues, concluding that courts would likely treat providers as private parties under the bill. Accordingly, Part III argues that courts should adopt a narrow private search exception to the Fourth Amendment, which best balances users’ privacy rights against the government’s public safety interests. This approach would also resolve the circuit split in online CSAM cases and provide clear guidance to courts as they confront algorithmic search methods in the future.