Tomorrow, the House Judiciary Committee will host a hearing on, “International Conflicts of Law Concerning Cross-border Data Flow and Law Enforcement Requests.” Members of Congress and two panels of representatives from industry, academia, and law enforcement are set to discuss the security, privacy, and economic threats caused by laws that have not kept pace with advancements in technology.
Currently, the 1986 Electronic Communications Privacy Act (ECPA) governs how and when law enforcement can access data stored in the cloud. The law was drafted before most Americans had heard of email or surfed the World Wide Web. The bill was written the same year the first laptop was introduced, and car phones (the ones that worked like this) were just starting to catch on.
Since then, the vast majority of global commerce has moved to the cloud. Companies remotely store data where it can be accessed by employees anywhere in the world. Cloud computing has become essential to customer interactions and business-to-business transactions of today.
The emergence of the cloud has also changed how we communicate and access content. Services we take for granted such as web-based email, apps, streaming movies and digital music owe their success to the cloud. Nearly everything we do on smartphones and tablets is a cloud-based service. It’s where people store important data — from sensitive medical and financial information to family pictures and email.
American technology companies and cloud service providers have been leading this mobile revolution, building data centers around the globe to ensure the fastest, most reliable service for customers.
When Congress enacted ECPA 30 years ago, there’s no way it could conceive of the cloud that exists today. However, this outdated law is the tool upon which our law enforcement agencies must rely to access information stored abroad by American technology companies.
The outdated law doesn’t account for consumers that use apps and mobile devices to access sensitive work, health, financial or personal information. Nor does it provide a clear and fast way for investigators to get evidence stored in the cloud, preventing the U.S. government from quickly and efficiently coordinating with other countries. The Department of Justice currently handles requests for data using paper-based correspondence.
Americans deserve policies that enable technology companies to innovate, while allowing law enforcement officials to do their job. The world has rapidly become connected through mobile devices, but our efforts to coordinate with other governments on overseas investigations are fragmented and dated.
Congress must act to clarify how law enforcement can access data stored abroad, and address the questions left unresolved by laws in place today. There are solutions. Congress should pass legislation like the Law Enforcement Access to Data Stored Abroad (LEADS) Act, update the MLAT process, and support international agreements to protect our safety and our privacy.
Image: Thomas Hawk / license / no changes made