Intolerable invasion of privacy

President Obama plans to give a major speech today (Friday, Jan. 17) on government surveillance and privacy.  What he says could go a long way to addressing Americans’ deep concerns about government intrusion into our private lives. An announcement of genuine reforms could also begin to restore global confidence in the security of data stored with U.S.-based companies.  On the other hand, a tepid mix of half-steps could reinforce the negative image of our government at home and abroad.

In the speech, the president will undoubtedly address the National Security Agency programs that were revealed last summer by Edward Snowden. However, while many Americans are distressed by the practices of the NSA, the fact is that domestically, ordinary law enforcement agencies are collecting more and more digital information and they are doing so under outdated rules that have failed to keep pace with technology’s rapid evolution.

ADVERTISEMENT
One law in particular is long overdue for an update.  The Electronic Communications Privacy Act was written in 1986, when few Americans used email.  It was a dial-up world then.  There was no “cloud,”  and email service providers routinely deleted messages soon after they were sent. Not realizing where technology was headed, ECPA’s authors said that government agencies did not need a warrant to obtain older emails and any private documents stored online with third party service providers.

Today, with free, unlimited storage, nearly ubiquitous broadband, and social media, ordinary Americans store all manner of private documents online. And U.S.-based companies have led the world in innovative cloud computing services.

The government can’t tap our phones, open our mail or search our homes without persuading a judge to issue a warrant based on probable cause to believe that a crime is being committed.  But ECPA says that the government can subpoena pretty much anything we store online – business plans, financial records, calendars, diaries, photographs – without a warrant and without good reason to believe a crime is being committed. That’s an intolerable invasion of privacy in a country founded on ideals of personal liberty.

It also threatens the growth of industries and technological innovations that are driving the American economy and job creation. Businesses, especially in the huge overseas markets, are reluctant to use American services that they believe would expose them and their customers to unwarranted US government scrutiny. American companies essentially invented cloud computing, but customers here and abroad will turn increasingly to service providers overseas if they are not assured that American companies can protect their privacy.

Unless it is brought up-to-date for the realities of life in the 21st century, ECPA will continue threaten the ideals and the economic interests of the American people. It is time to reform ECPA and make emphatically clear that our constitutional rights are guaranteed in the digital age.

Bipartisan ECPA reform legislation is pending in both houses of Congress. In the Senate, Sens. Patrick Leahy (D-Vt.) and Mike Lee (R-Utah) joined forces to introduce the Electronic Communications Privacy Act Amendments Act of 2013, which passed the Senate Judiciary Committee last spring. Similar legislation has been introduced in the House. Moreover, the legislation is supported by a broadest imaginable coalition of liberals and conservatives, tech giants and start-ups, former prosecutors and civil libertarians. The bills have one simple premise: before accessing private or proprietary information stored online, government agents must obtain a search warrant.

The Attorney General of the United States and the director of the FBI have both testified that their investigators should get a warrant for private content.  But the Securities and Exchange Commission is blocking the bill, seeking new power to read email and seize other private documents without a warrant.  These regulatory agencies want a carve-out, allowing them to issue subpoenas, without a judge’s approval, to force service providers to disclose what they hold for their customers. 

The issue is now before Congress and the president.  President Obama should not support expanding the powers of regulatory agencies.  In the face of growing public concern about government overreaching, one way for him to show that he is serious about protecting Americans' online privacy rights is by urging Congress to pass a clean ECPA bill, without a civil agency carve-out.

Nojeim is the senior counsel at the Center for Democracy & Technology (CDT) and McAuliffe is the federal affairs manager at Americans for Tax Reform.  They are both members of the Digital 4th coalition.