In 2010, electronic privacy needed digital due process. In 2012, it’s worth defending your vanishing rights online.
This week, there’s an important issue before Washington that affects everyone who sends email, stores files in Dropbox or sends private messages on social media. In January, O’Reilly Media went dark in opposition to anti-piracy bills. Personally, I believe our right to digital due process for government to access private electronic are just as important.
Why? Here’s the context for my interest. The silver lining in the way former CIA Director David Petraeus’ affair was discovered may be its effect on the national debate around email and electronic privacy, and our rights in a surveillance state. The courts and Congress have failed to fully address the constitutionality of warrantless wiretapping of cellphones and the location of “persons of interest.” Phones themselves, however, are a red herring. What’s at stake is the Fourth Amendment in the 21st century, with respect to the personal user data that telecommunications and technology firms hold that government is requesting without digital due process.
On Thursday, the Senate Judiciary Committee will consider an update to the Electronic Communications Privacy Act (ECPA), the landmark 1986 legislation that governs the protections citizens have when they communicate using the Internet or cellphones. (It’s the small item on the bottom of this meeting page.)
UPDATE: Senator Leahy’s manager’s amendment to ECPA passed but Politico’s Tony Romm reports that the full Congress is unlikely to pass ECPA reform in this session.
If you somehow missed the uproar online last week, the tech policy world went a bit nutty when CNET’s Declan McCullagh broke a story about Senator Patrick Leahy (D-VT) rewriting the text of his ECPA amendment.
By the end of the day, Senator Leahy said he would not support that proposal, but what the draft reflected is pressure from law enforcement and federal regulatory agencies to not only keep warrantless access open but to enshrine it in law.
Today, Senator Leahy’s office posted a manager’s amendment and summary of changes for the committee’s consideration.
“The manager’s amendment is vastly improved, as compared to the controversial one last week,” said Greg Nojeim, senior counsel at the Center for Democracy & Technology and the director of its Project on Freedom, Security & Technology, in a phone interview.
“We support the manager’s amendment, and will support the bill,” he said. “It will establish a clear, consistent standard for law enforcement access to content. It will require a warrant going forward. This is a huge improvement over current law and will bring ECPA into the modern age.”
In a post on the amendment at CDT.org, Nojeim reiterated CDT’s support. “It will protect consumer privacy, remove the uncertainty law enforcement currently faces, and foster the growth of U.S. cloud computing companies, which will be able to promise their clients that the information they store in cloud will be as secure against government access as information stored locally,” he wrote.
Verify, then trust
This week, the senators on the Judiciary Committee are likely to continue be under some pressure to suggest changes to this amendment that would weaken the protections in it. The manager’s amendment already contains some concessions to law enforcement, with respect to extending the time periods after which the federal government must notify an individual that government has obtained electronic communications, or that a service provider must wait to inform that individual that those records have been obtained.
There’s also clarity that the search warrant requirement in this amendment does not apply to federal anti-terrorism laws, specifically the Foreign Intelligence Surveillance Act (FISA).
“We believe that they’ve kept the central protection in the manager’s amendment, that law enforcement must obtain a warrant to read private communications or digital content, such as documents stored in the cloud,” said Chris Calabrese, legislative counsel for the ACLU, in a phone interview. “That’s a huge privacy win, and we’re glad to see that that’s stayed in.”
Senator Leahy’s statement, however, does leave room for debate:
“I welcome the upcoming Senate Judiciary Committee debate on updating the Electronic Communications Privacy Act (ECPA) to better protect Americans’ digital privacy rights. Today, this critical privacy law is significantly outdated and out-paced by rapid changes in technology and the changing mission of our law enforcement agencies.
“When I led the effort to write the ECPA more than 25 years ago, no one could have imagined that emails would be stored electronically for years or envisioned the many new threats to privacy in cyberspace. That is why I am working to update this law to reflect the realities of our time and to better protect privacy in the digital age. I join the many privacy advocates, technology leaders, legal scholars and other stakeholders who support reforming ECPA to improve privacy rights in cyberspace. I hope that all members of the Committee will join me in supporting the effort in Congress to update this law to protect Americans’ privacy.”
The other side of the issue is represented by a diverse coalition of digital rights advocates that spans traditional ideological labels. Notably, Americans for Tax Reform and the American Civil Liberties Union (ACLU) agreed that electronic privacy deserves a bipartisan upgrade.
The coalition is urging people to go to VanishingRights.com to tell their senators to support warrants for personal electronic communication.
I think they’re on the right side of history.