Lawmakers Call for Greater Protections From E-Surveillance
If U.S. law enforcement agencies agree to changes in electronic surveillance law to better protect the privacy of stored email and documents, they want several changes in return, including a requirement that email and cloud service providers hold onto records longer.
Tue, March 19, 2013
IDG News Service (Washington, D.C., Bureau) — If U.S. law enforcement agencies agree to changes in electronic surveillance law to better protect the privacy of stored email and documents, they want several changes in return, including a requirement that email and cloud service providers hold onto records longer.
Representatives of the U.S. Department of Justice and the Tennessee Bureau of Investigation told U.S. lawmakers Tuesday that they could accept some changes to the 1986 Electronic Communications Surveillance Act (ECPA), after several members of the U.S. House of Representatives Judiciary Committee called for changes in the law that would require law enforcement agencies to get court-ordered warrants to obtain emails and other electronic documents stored for more than six months.
Right now, U.S. law enforcement agencies need only a subpoena to obtain electronic documents stored for longer than 180 days on servers outside a suspect's computer. Several tech companies and digital rights groups have been calling for more privacy protections in ECPA for three years, saying it doesn't make sense that a document in a file cabinet, or an email less than 180 days old, should enjoy more privacy protections than stored electronic documents.
The U.S. Constitution's Fourth Amendment, prohibiting unreasonable searches and seizures by the government, "protects more than just Luddites," Representative Jim Sensenbrenner, a Wisconsin Republican and chairman of the Judiciary Committee's crime subcommittee, said during a hearing Tuesday. "Americans should not have to choose between privacy and the Internet."
While ECPA reform is a top priority, finding a balance between privacy and law enforcement needs won't be easy, Sensenbrenner said. Lawmakers tried during the last session of Congress to pass ECPA reform bills, but failed, he noted.
If Congress makes it harder for law enforcement agencies to get access to stored documents, it should also require email and cloud service providers to hang onto documents longer, and it should prohibit service providers from warning customers when investigators seek access to their documents, said Richard Littlehale, assistant special agent in charge of the Technical Services Unit at the Tennessee Bureau of Investigation.
Congress should also require service providers to respond to law enforcement records requests in a timely manner, Littlehale told the subcommittee.
"When we request these records, it is for a reason -- we believe that the records constitute evidence that will lead to identification of sexual predators, the recovery of kidnapping victims, or the successful prosecution of a murderer," Littlehale said. "Any consideration of changes to ECPA that will make obtaining communications records more time-consuming and laborious should reflect an understanding of how those changes will impact our ability to do our job."