How much has technology changed since 1986? A lot. How much has the major law protecting the privacy of users participating in electronic communication changed? Negligibly. Currently, personal and business protections from government intrusion into stored data relies on an outdated bill passed well before the advent of the full scale internet, during the waning years of the Cold War.
Currently relying on the Electronic Communications Privacy Act of 1986, last amended as part of the USA PATRIOT Act and by the FISA Amendments Act of 2008, the law as it stands inadequately protects businesses and consumers in modern times from intrusion into personal data stored in servers abroad. But there is a way to improve data privacy. the Law Enforcement Access to Data Stored Abroad (LEADS) Act.
In Favor of International Process and Privacy
Why is this needed? The law is outdated and fails to protect companies and users based on international data standards. Microsoft’s Brad Smith highlighted exactly why the Federal Government needs to work to update ECPA, which can be done by choosing to accept the Law Enforcement Access to Data Stored Abroad (LEADS) Act.
The increasing use by governments of unilateral legal process – rather than international process – to obtain digital data is creating real problems and these problems are quickly getting worse. But you can protect it.
Brittenford Systems has joined major players including Microsoft, Apple, Cisco, IBM, HP, Verizon and many more in the fight for privacy, and Brittenford Chief Technology Officer and Voices for Innovation leader Ryan Risley sounded off on the current Congressional discussions regarding the Law Enforcement Access to Data Stored Abroad Ace (LEADS Act) in a recent Voices for Innovation article.
LEADS Act: The Basics
In a September 2015 U.S. Court of Appeals hearing, where Microsoft challenged the U.S.’s request for private data held in Ireland, the U.S. government asserted its right and even the right of other nations to access data beyond national borders.
The growing threat of privacy and confidentiality intrusions is eroding trust in technology. Without user trust, innovation and its benefits are undermined. As troubling, people are losing confidence that our nation is upholding the commitment to privacy enshrined in the Fourth Amendment of the U.S. Constitution.
The Law Enforcement Access to Data Stored Abroad Act—the LEADS Act—will help restore trust in tech by ensuring that digital communications and data receive the same privacy protections as paper letters and documents. The LEADS Act will:
- Require a court-approved search warrant—for government agencies to access private digital communications and documents, just as required for government access to physical documents.
- Establish fair rules for government to access data stored abroad—this will protect Americans’ privacy and set a model for other nations.
- Strengthen international cooperation—U.S. law enforcement will be better able to conduct international investigations through Mutual Legal Assistance Treaties with other nations.
Brittenford CTO Ryan Risley Sounds off on LEADS Act
As the CTO of technology consulting firm Brittenford Systems, I spend a lot of time helping our diverse range of mid-market clients understand how technology can drive operational improvements and growth. Our clients put their trust in us and the solutions we implement, and today, of course, the best options for ERP, BI, and other functions live in the cloud.
But when it comes to business confidentiality and privacy, there are clouds over the cloud, so to speak. The main U.S. law governing digital privacy protections and access to data—the Electronic Communications Privacy Act (ECPA)—was adopted in 1986, before the advent of the full-scale Internet. The legal framework for cloud computing is outdated—in the U.S. and around the world. This is especially true given the international nature of cloud computing, with data often moving across borders.
The legal uncertainty surrounding cloud computing is a concern to my company and many of our clients—and that’s why I’ve been involved with advocating for passage of the Law Enforcement Access to Data Stored Abroad Act—or the LEADS Act. Last October, I joined other members of Voices for Innovation (VFI) to visit Capitol Hill and meet with legislators and their staff to voice our support for the LEADS Act.
Will Congress Take Action?
While about 150 members of Congress have co-sponsored the LEADS Act, the legislation hasn’t moved in the U.S. House or Senate. I was starting to wonder if Congress truly understood how important this issue is, not just to the tech sector, but to the global business community and to individuals.
Finally, however, the House Judiciary Committee announced that it would hold a hearing on the issue of international legal conflicts concerning cloud data. I could’ve watched the live stream of the hearing, but since I work in northern Virginia, I cleared my schedule and made the trip to Capitol Hill to attend in person.
The hearing I witnessed included two panels. In the first panel, Judiciary Committee members grilled David Bitkower, Principal Deputy Assistant Attorney General from the U.S. Department of Justice, on the DOJ’s attempt to use search warrants to access data stored in other nations.
In the second panel, several witnesses, including Microsoft President and Chief Legal Officer Brad Smith, highlighted the problems technology companies and users face because of our nation’s outdated digital privacy laws. (You can read Brad Smith’s recap of the hearing at this link.)
The main positive takeaway from the hearing is that Congress—or at least many members of the House Judiciary Committee—recognizes that there is a problem that needs attention. This is a critical step. But it remains to be seen if Congress will make addressing this issue a priority this year. I hope that momentum from this hearing will advance the LEADS Act or some other legislative solution.
How Citizens Can Take Steps to Protect Their Privacy
The best way to convince Congress to act is to let them know that you’re watching and want legal reform that both protects privacy and improves cross-border law enforcement cooperation. If you haven’t emailed Congress on this issue yet (or recently!), do so now.