Why Congress must update USA’s definition of Internet privacy
Major tech groups like ACT the App Association have sent a joint letter to US Congress in support for the International Communications Privacy Act. But why exactly?
There are several changes that the new US administration has been trying to push, but amidst this seemingly wasteful effort, there is one particular issue that truly requires Congressional action: making sure the US has an up-to-date, 21st-century-ready understanding of what law enforcement should look like regarding Internet data. That’s why several tech-related groups like ACT the App Association, the Software Alliance, the Internet Association, and the US Chamber of Commerce have expressed their support for continued conversation around the topic in an open letter.
The US does have the Electronic Communications Privacy Act (ECPA), which was enacted more than 30 years ago when the Internet as we know it today did not exist.
As outlined in the letter, the US does currently have the Electronic Communications Privacy Act (ECPA), which was enacted more than 30 years ago when the Internet as we know it today did not exist. It’s not surprising, therefore, that the US Court of Appeals for the Second Circuit recently ruled that the ECPA does not authorize US law enforcement to obtain a warrant for certain communications content stored overseas by a US company. In other words, current Internet- and data privacy-related laws in the US put US tech giants like Apple or Microsoft as well as small businesses in a difficult position.
According to these groups, this outdated law could raise very serious problems:
- Putting U.S. citizens and U.S. companies at risk by encouraging reciprocal action by foreign governments;
- Continuing to place U.S. cloud providers in a conflict of laws situation – to choose either to comply with U.S. law or violate another country’s;
- Competitively disadvantaging and undermining trust in U.S. cloud providers; and
- Undermining international cooperation.
Last year, in an effort to update the antiquated ECPA, a few senators introduced the International Communications Privacy Act (ICPA), which “amends the federal criminal code by allowing a governmental entity to require providers of electronic communication services or remote computing services to disclose the contents of communications in electronic storage (e.g., the cloud), regardless of where those communications are located.” It thus allows a governmental entity to obtain a warrant for electronic communications stored outside of the United States “if certain conditions for obtaining the warrant are met.” Not only would this establish a clear process so that tech entities aren’t put in an awkward position (and so that users are assured of the safety of their data), but it also addresses national and international threats related to the Internet.
The ICPA allows a governmental entity to obtain a warrant for electronic communications stored outside of the United States.
The open letter is, needless to say, in support of the ICPA, thanking Chairman Goodlatte and Ranking Member Conyers for their efforts. It also urges Congress to create a “new framework that accounts for law enforcement’s needs” and “the realities of today’s technology.”
What are your thoughts on the International Communications Privacy Act? What do you think Congress must address to ensure US law enforcement is 21st-century-ready? Let us know by leaving a comment below!