informa
/
3 MIN READ
Commentary

Electronic Privacy Laws Need An Overhaul

Laws governing electronic privacy, written before companies like Google and Facebook existed, are in desperate need of Congressional revision.

Last month's release of Google's Transparency Report detailing government and court requests for user data highlights a growing challenge to service providers like Google and other technology companies: How to meet the skyrocketing number of requests from government authorities for data while working under murky and unclear guidelines. 

The report reveals that demands by US law enforcement agencies for user account data from Google rose 30% in the last six months. A significant percentage of these demands come from civil regulatory agencies who want access to users' email and other stored documents from online providers -- using subpoenas they issue themselves, with no judicial or other third-party review.

Govt-requests-for-user-data-Google3.jpeg

Requests to Google for user data from U.S. authorities. Source: Google Transparency Report

However, service providers have resisted these requests, insisting that the law enforcement agencies obtain a warrant for the production of these materials.

TechAmerica, like the rest of the technology community, consumer groups, privacy advocates, and others, are supporting legislation that would ensure that government agencies should be able to access these files only with a warrant issued by a judge.

[Is it time for Congress to reconsider privacy protection laws? Its own watchdog group thinks so. Read Consumer Privacy Protections Need Review, GAO Tells Congress.]

Specifically, we are urging Congress to pass an update to the nearly 30-year-old Electronic Communications Privacy Act (ECPA). This statute, written before companies like Google and Facebook even existed, is in desperate need of Congressional revision.

The changes proposed by this legislation will bring the law up to speed with the way Americans communicate today, ensuring that law enforcement is required to obtain a warrant to access all stored content, regardless of age.

This common-sense change is vitally important to the technology community and to any American who uses email. Currently, email or other stored content older than 180 days does not require a warrant for access, which we consider woefully inadequate. The bill ensures that there is one standard for all content, and it provides the necessary clarity for US technology companies.

So what's the holdup? Why won't Congress deal with a law that has not kept up with technology?

Civil law enforcement agencies apparently want to continue the status quo and don't want to need permission from a judge to access sensitive data from consumers and businesses through service providers.

However, Congress must act now to establish a clear, across-the-board standard that requires a warrant before obtaining information from service providers about the content of users' communications.

The Constitution protects us from unreasonable search and seizure, including requiring the government to obtain a warrant to access information. It's time Congress provided the same protection to electronic records that paper records receive.

Joe Rubin is the Acting Head of Federal Government Affairs for the technology trade association TechAmerica.

Consumerization 1.0 was "we don't need IT." Today, we need IT to bridge the gap between consumer and business tech. Also in the Consumerization 2.0 issue of InformationWeek: Stop worrying about the role of the CIO. (Free registration required.)

Editor's Choice
Brian T. Horowitz, Contributing Reporter
Samuel Greengard, Contributing Reporter
Nathan Eddy, Freelance Writer
Brandon Taylor, Digital Editorial Program Manager
Jessica Davis, Senior Editor
Cynthia Harvey, Freelance Journalist, InformationWeek
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing