The Fourth Amendment was written for a world of desks, drawers, and locked trunks. The modern investigative reality is server farms, cloud indices, and behavioral inferences. Nowhere is that tension more acute than in the Supreme Court’s emerging jurisprudence on geofence warrants and, increasingly, AI-assisted search warrants.

The Court’s recent oral argument—focused on the constitutionality and limits of reverse-location searches—puts squarely before it a structural problem that has been building since Smith v. Maryland, 442 U.S. 735 (1979), available here.
. In Smith, the Court held that individuals lack a reasonable expectation of privacy in information voluntarily conveyed to third parties—in that case, dialed telephone numbers captured by a pen register. The “third-party doctrine” has since become the doctrinal fulcrum on which modern data surveillance turns. Later, in Carpenter v. United States, the Court seemed to push back on that doctrine, holding that a warrant was needed to compel the production of Cell Site Location Data from a phone company.

But geofence warrants—and their AI-enhanced descendants—push far beyond Smith’s narrow facts.

A geofence warrant does not seek information about a known suspect. Instead, it compels a provider such as Google to identify all devices (and thus, potentially, all persons) within a defined geographic area during a specified time window. The mechanics are technical but critical. Providers maintain location history data derived from GPS, Wi-Fi triangulation, Bluetooth beacons, and device telemetry. When served with a geofence warrant, the provider conducts an internal search across its location database, typically in stages. First, it returns anonymized device identifiers within the defined geospatial and temporal parameters. Second, investigators may request narrowing by excluding devices or focusing on patterns. Finally, law enforcement may seek identifying information for selected devices. For example, in the recent kidnapping investigation of Nancy Guthrie, the government could seek information on any cell phones in the area during the relevant time without naming a suspect. They also might seek information on anyone who conducted a Google search for “Nancy Guthrie,” or “Savannah Guthrie’s mom,” or the relevant address in the weeks or months before the kidnapping. It’s not that such information would not be relevant (probable cause). It’s not that the search is not “narrow” — in the sense that it looks for information about a single person (Nancy Guthrie) or a single address. It’s that it is a search of everyone in the world for that bit of information. If a “search” by Google (on behalf of the government) shows that I did NOT search for Nancy Guthrie, is my privacy invaded? A 21st Century problem.

Another problem with the GeoFence warrant is that it is not a traditional warrant. Nor is it a traditional subpoena. It is a hybrid.

Under the Fourth Amendment, a warrant must “particularly describ[e] the place to be searched, and the persons or things to be seized.” U.S. Const. amend. IV. A subpoena, by contrast, compels a third party to produce responsive materials within its possession, custody, or control. Geofence warrants occupy an uneasy middle ground: they describe a “place” (a digital geofence rather than a physical location) and “things” (location data), but they require the third party—not the government—to conduct the search.

That hybrid nature creates a doctrinal friction. The Fourth Amendment’s particularity requirement has historically been understood in two dimensions: accuracy and specificity. Accuracy refers to whether the warrant correctly identifies the place and items at issue. Specificity asks whether the warrant is sufficiently narrow to avoid sweeping in irrelevant information. The distinction is subtle but decisive.

Geofence warrants are often accurate. They identify a precise latitude/longitude boundary, a defined radius, and a discrete time interval. But they may lack specificity. By design, they capture all devices within that zone—most of which belong to innocent individuals. The warrant does not initially distinguish between suspects and bystanders.

Courts have struggled with this asymmetry. Compare Carpenter v. United States, 138 S. Ct. 2206 (2018), where the Court held that historical cell-site location information (CSLI) is protected by the Fourth Amendment despite being held by a third party, with Smith, which suggested the opposite for dialed numbers. Carpenter signals that the third-party doctrine is not absolute, particularly where the data reveals “the privacies of life.”

Geofence warrants go even further than CSLI. They are not targeted at a known individual’s historical movements; they are reverse searches that identify unknown individuals based on proximity.

There is, however, an underappreciated countervailing argument: These hybrid warrants may, in some respects, enhance privacy. When the search is conducted by the custodian of the data—Google, Meta, or another provider—the government does not directly rummage through raw datasets. As the Court analogized in other contexts, this is akin to a storage company searching a rented locker and producing only responsive items. See, e.g., United States v. Miller, 425 U.S. 435 (1976), recognizing the role of third-party custodians.

But that analogy is imperfect. The provider, acting under compulsion, is effectively deputized as an agent of the government. It searches across vast troves of data belonging to multiple individuals, including those for whom there is no probable cause. The fact that the provider already possesses the data does not eliminate the intrusion; it merely shifts the locus of the search.

The constitutional question, then, is not whether these searches are broad—they are—but whether they are unnecessarily broad. That distinction matters. The Fourth Amendment prohibits unreasonable searches, not expansive ones per se. Properly constructed geofence warrants can mitigate intrusiveness through tightly defined parameters: narrow geographic boundaries, short temporal windows, staged disclosure protocols, and minimization procedures. Courts have increasingly focused on these safeguards as conditions of constitutionality.

This is where AI enters the analysis—and complicates it exponentially.

AI-assisted search warrants, whether executed by the government or by third-party custodians, promise unprecedented filtering capability. Machine learning models can parse emails, messages, and metadata to identify patterns consistent with fraud, drug trafficking, or other criminal activity. In theory, this could enhance specificity. Instead of seizing all communications within a category, the system could isolate only those that match probabilistic indicators of criminal conduct.

The analogy often invoked is Illinois v. Caballes, 543 U.S. 405 (2005). In Caballes, the Court held that a narcotics-detection dog sniff does not constitute a search because it reveals only the presence or absence of contraband—something in which there is no legitimate privacy interest. If AI were perfectly accurate—if it revealed only evidence of crime and nothing else—the argument follows that its use might be constitutionally permissible, even without individualized suspicion.

But that premise collapses under scrutiny.

Unlike a trained dog, AI does not operate with binary certainty. It produces probabilistic outputs, often opaque even to its designers. False positives are inevitable. More fundamentally, AI does not merely detect contraband; it interprets context, infers intent, and constructs narratives from data. A search for “evidence of drug dealing” is not self-limiting. It requires definitional choices embedded in the model—choices that may sweep in lawful behavior, ambiguous communications, or protected speech.

The slope becomes apparent when one considers the progression of warrants. A narrowly tailored request—“all communications between X and Y regarding transaction Z”—is uncontroversial. A broader request—“all evidence of drug dealing by X”—raises questions but may still be grounded in probable cause. But what of a warrant seeking “all evidence of drug dealing by anyone within a dataset”? If AI can identify such evidence with increasing accuracy, does that render the warrant sufficiently specific? Or does it transform the Fourth Amendment into a mere procedural hurdle for generalized searches?

The historical aversion to general warrants—those that allowed indiscriminate rummaging—was a driving force behind the Fourth Amendment’s adoption. See Stanford v. Texas, 379 U.S. 476 (1965),(invalidating a broad warrant as a general search). AI risks reintroducing that very evil under a veneer of technological precision.

At bottom, the challenge is temporal as much as technological. The Fourth Amendment encodes 18th-century values—particularity, reasonableness, and judicial oversight—into a 21st-century investigative environment defined by scale, automation, and inference. Geofence warrants and AI-assisted searches expose the fault lines in that translation.

The Supreme Court’s forthcoming decisions will not resolve the tension. They will, at best, articulate boundary conditions—requirements for minimization, limits on scope, perhaps heightened scrutiny for reverse searches. But the deeper question will persist: when the tools of search become capable of examining everything, the constitutional inquiry cannot be limited to whether they are accurate. It must confront whether they are justified.

Because in a world where everything can be searched, the only meaningful constraint is what should be.