The Information Technology and Innovation Foundation today called for updates to federal laws regarding the privacy of electronic data and communications to bring our communications laws into the 21st century to reflect changes in technology over the last decade.
ITIF is part of a coalition of advocacy groups, legal experts, and major technology companies called Digital Due Process which is urging revision to the Electronic Communications Privacy Act (ECPA). The 1986 law establishes standards for government access to email and other electronic communications in criminal investigations.
“There is no way a law enacted at the dawn of the digital age can guide law enforcement officials and protect privacy rights in an age of cloud computing and the wireless Internet, and as billions of electronic exchanges occur every hour,” said ITIF President Robert D. Atkinson. “It is long past time to update the law to make sure it treats data stored on a person’s own computer on their desk at home the same way it treats their own data stored in the ‘cloud.’”
The group is calling for four specific steps:
- The government must obtain a search warrant based on probable cause before acquiring any communications content stored by online service providers and telecommunications services, such as private e-mails, instant messages, text messages, word processing documents and spreadsheets, photos, Internet search queries and posts made over social networks, consistent with recent court rulings.
- The government must obtain a search warrant based on probable cause before it can track the location of your cell phone or any other mobile communications device, and before obtaining records of your past locations from cell phone providers or other service providers with access to location data.
- Before monitoring when and with whom you communicate using email, instant messaging, text messaging, the telephone or any other communications technology, the government must demonstrate to a court that such communications data is actually relevant to an authorized criminal investigation.
- If the government wants to obtain the transactional data of multiple unidentified telephone or Internet users when trying to track down a suspect, it first needs to go to court and demonstrate that it needs the data for its criminal investigation.
"These steps are not about weakening the ability of law enforcement to take the steps they need to be able to take to protect Americans and fight crime and terrorism. They are about making sure that the rules law enforcement must abide by are technology neutral” added Atkinson. “The government must use the tools of the digital age to enforce laws and protect public safety. But we must ensure that ambiguity about the law neither undermines Constitutional rights nor impedes innovation in information technology."
Current DDP members include the companies AOL, AT&T, eBay, Google, IBM, Integra Telecom, Intel, Loopt, Microsoft, and Salesforce.com, and the organizations ACLU, American Library Association, Association of Research Libraries, Center for Democracy & Technology, Competitive Enterprise Institute, Electronic Frontier Foundation, Computer & Communications Industry Association, the Information Technology & Innovation Foundation, NetCoalition, and the Progress & Freedom Foundation.
In the coming weeks the group will continue to reach out to government officials from law enforcement agencies to develop legislative proposals.
More information about Digital Due Process can be found at www.digitaldueprocess.org.
Through its research, policies proposals, and commentary, the Information Technology and Innovation Foundation is working to advance and support public policies that boost innovation, e-transformation and productivity. For additional information, visit ITIF at www.itif.org or contact Steve Norton at (202) 626-5758 or [email protected].