Weather Report: Cloud-E with a Chance of Privacy Law Changes


Congress is facing a complex dilemma as it focuses on Internet privacy legislation. As personal communication migrates from traditional telephone lines to e-mails, Facebook, and VOIP calls, Congress must seek a balance between public safety concerns and individual privacy interests as law enforcement officials seek increased access to these forms of electronic communication.

Currently, one law receiving intense focus is the 1986 Electronic Communications Privacy Act (ECPA), with a building consensus calling for revisions to the statute.

Specifically, the United States Department of Justice and state law enforcement officials are seeking an extension of the ECPA to permit the wiretapping of all forms of electronic communication, including P2P messages, social media websites, and encrypted e-mail services. The U.S. Senate Judiciary Committee is weighing whether to modify this nearly 25-year-old law.

Wanting to speed changes to the ECPA, a coalition of over 50 technology companies, legal groups, privacy advocates, think tanks, and law professors founded Digital Due Process earlier this year to “moderniz[e] surveillance laws for the internet age.”  You can watch and listen to an overview of the group’s positions below.

According to Microsoft General Counsel Brad Smith, “[t]he reality today is that ECPA increasingly falls short of a common sense test.” The changes being sought would require all electronic communication — regardless of format, encryption, or security — to be capable of complying with any wiretap order.

Thomas B. Hurbanek, a Senior Investigator with the New York State Police Computer Crimes Unit, told Congress that changes in the law are warranted, because the various “Cloud Computing technologies…could create an environment where entire segments of business activity could be conducted outside of the reach of law enforcement.”

A Chicago law enforcement official educated Congress on how quickly criminal enterprises have adapted new technologies into their illegal operations by

using social networking applications as an instant communication tool to conduct gang operations, a recruiting tool that can enlist and indoctrinate criminal cohorts from around the world, or a training platform to teach effective ways to avoid detection.

Richard Salgado, Google’s Senior Counsel, Law Enforcement and Information Security, notes that technological advances warrant the law’s overhaul: “ECPA provisions no longer reflect the way people use the services or the reasonable expectations they have about government access to information they store in the cloud.”

Facebook Deputy General Counsel Mark Howitson told lawyers at a legal technology conference in New York this year that the social networking company feels that the public does not really understand what Facebook’s legal responsibilities are to users over privacy protection matters. “We don’t want to have to deal with these requests.”

Howitson believes that privacy litigation could actually help Facebook clarify its responsibilities to users under the ECPA. “We’re itching for that fight,” he remarked.

The reality is that the creation and use of new technologies has far outpaced the ability of law enforcement officials and lawmakers to keep up with them.

Do you ever think about these privacy issues?  Are you concerned about them? Do you double-check what you are posting on Facebook, tweeting, or sending in an e-mail?

Share your opinions on these electronic privacy issues with us and our readers.

Photo credit: Clix