On March 10, the 4th U.S. Circuit Court of Appeals handed down a ruling that managed to boost digital privacy rights while still keeping a North Carolina child-pornography conviction firmly in place. The panel held that people retain Fourth Amendment privacy interests in files stored in the cloud, yet it affirmed the defendant’s conviction anyway. Detectives had opened previously unopened Google Drive files without a warrant, but the court decided the later evidence was far enough removed that it did not have to be thrown out. The case started with a 2019 tip and ended with an eight-year prison sentence and 20 years of supervised release.
What the court said
Writing for the court, Judge Stephanie Thacker concluded that “Americans enjoy a reasonable expectation of privacy in the digital files they place in cloud based storage accounts,” and that law enforcement may not open unopened cloud files without a warrant. The opinion also emphasized that a hashing algorithm, the short digital fingerprint companies use to detect suspected content, does not by itself eliminate that expectation of privacy. The court walks through that reasoning in detail in the published decision from the 4th Circuit.
How investigators found the files
The investigation began after Google’s hash-matching system flagged 156 files uploaded to a Google Drive account in 2019 and generated a CyberTip that went first to the National Center for Missing & Exploited Children and then on to local authorities, according to WBT Charlotte's News Talk. In Chesapeake, Detective Jennifer Rider opened at least three files that neither Google nor NCMEC had viewed before she applied for a warrant, and the images she saw then became part of the basis for later warrants and searches carried out in North Carolina.
Why the conviction survived
Even while declaring that initial look at the unopened files unconstitutional, the appeals panel refused to suppress the evidence that followed. The judges concluded that “the causal connection between the illegal search and the later discovered evidence was too strained to trigger the exclusionary rule.” The court also stressed that the detective’s conduct was not sufficiently “flagrant,” noting there was no record that she opened the files with the purpose of sidestepping the warrant requirement. On that basis, the panel upheld both the conviction and the sentence. Judge Robert B. King agreed with the outcome and concurred in the judgment, but he wrote separately to address how the private-search doctrine fits into the analysis.
Where this fits in the wider legal fight
Judge Thacker pointed out that the 4th Circuit’s rule on cloud-file privacy lines up with the positions of the Second and Ninth Circuits, and that it conflicts with precedent from the Fifth and Sixth Circuits, which take a more expansive view of the private-search doctrine. Commentators have noted that such a split could draw further review. As WBT Charlotte's News Talk highlights, that division means similar cases may come out differently depending on which circuit they land in.
Practical takeaway
For everyday users, the ruling serves as a reminder that what sits in a cloud account can carry constitutional privacy protections, not just what is stored on a hard drive at home. For investigators, it is a warning that opening unopened cloud files before obtaining a warrant risks a Fourth Amendment violation, even if the evidence might later survive under attenuation principles. The procedural history and the technical details of Google’s hashing and reporting system are spelled out in the appellate filings and briefs, including the appellant’s opening brief, which tracks how the CyberTip and later warrants developed. Courthouse News Service hosts filings that show how the court ultimately weighed privacy doctrine against concerns about attenuation and deterrence.
