IDG News Service - A new bill introduced in the U.S. Senate would update a 25-year-old law that sets the rules for law enforcement surveillance of e-mail and other electronic communications, with more legal protections for the privacy of data stored in the cloud.
The Electronic Communications Privacy Act Amendments Acts would update the 1986 ECPA by requiring that U.S. law enforcement agencies get court-ordered search warrants before accessing electronic data stored with third-party vendors, such as cloud providers.
Currently, the ECPA allows law enforcement agencies to gain access to unopened e-mails and files stored in the cloud for longer than 180 days through a subpoena, typically issued by a prosecutor, not a judge. The 180-day rule is "outdated," said Senator Patrick Leahy, a Vermont Democrat and sponsor of the new bill.
The 1986 law has been "out-paced by rapid changes in technology and the changing mission of our law enforcement agencies" since the Sept. 11, 2001, terrorist attacks on the U.S., Leahy, chairman of the Senate Judiciary Committee, said in a statement. "Under the current law, a single email could be subject to as many a four different levels of privacy protections, depending upon where it is stored and when it was sent."
The bill would also require that law enforcement agencies get court-approved warrants to access the geolocation information of a mobile phone subscriber. Under current U.S. law, it's unclear if mobile phone location information is protected by the warrant process.
The bill requires that law enforcement agencies notify suspects within three days that government agents have accessed their data, although it would allow law enforcement agencies to seek court orders delaying the notification for 90 days in sensitive situations. The legislation allows ISPs and other vendors to voluntarily disclose information that is pertinent to addressing a cyberattack to the government.
"I drafted this bill with one key principle in mind -- that updates to the Electronic Communication Privacy Act must carefully balance the interests and needs of consumers, law enforcement, and our nation's thriving technology sector," Leahy said.
A group called the Digital Due Process Coalition, made up of tech vendors and privacy groups, has been pushing for changes to the ECPA since early 2010. The different levels of protection for e-mail and other stored data don't make sense with the growing dependence on cloud computing, the group has argued.
ECPA deals with third-party control of data "imperfectly," with different rules if e-mail is on a suspect's computer, if it's been opened, if it's in transit and if it's stored for 180 days, said James Dempsey, vice president for public policy at the Center for Democracy and Technology.
- 18 Hot IT Certifications for 2014
- CIOs Opting for IT Contractors Over Hiring Full-Time Staff
- 12 Best Free iOS 7 Holiday Shopping Apps
- For CMOs Big Data Can Lead to Big Profits
- Slideshow: 5 ways to lock down your mobile device
- Slideshow: 10 mistakes companies make after a data breach
- How to rob a bank: A social engineering walk through
- Which smartphone is the most secure?
If you like your iPhone, you can keep your iPhone. Period.
President Obama has revealed that he's not permitted to carry an iPhone. It's too insecure for the job, he says. Instead, he's stuck with a BlackBerry. Well, someone's got to have one still. However, it turns out that the Pentagon has also outlawed non-BlackBerry smartphones. In IT Blogwatch, bloggers joke that 2006 called and they want their smartphones back.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Mitigating DDoS Attacks with F5 Technology
- This document examines various DDoS attack methods and the application of specific ADC technologies to block attacks in the DDoS threat spectrum while...
- The DDoS Threat Spectrum
- Bolstered by favorable economics, today's global botnets are using distributed denial-of-service (DDoS) attacks to target firewalls, web services, and applications, often simultaneously.
- Defending Against Denial of Service Attacks
- By utilizing end-user interviews, this whitepaper explores a deeper understanding of DDoS defense plans and reveals the knowledge gaps around the Denial of...
- Strategic Solutions for Government IT
- This paper outlines why F5 is the optimum partner to help achieve the levels of security, performance and availability that are vital to...
- Accelerating Speed to Market in the Highly Competitive Automotive Industry
- This White Paper discusses how an Enterprise Project Portfolio Management solution optimizes project analysis, management, reporting and risk mitigation processes to accelerate new... All Government IT White Papers
- Modernizing SAP environments with minimum risk - a path to Big Data Hear from top IDC analyst, Richard Villars, about the path you can start taking now to enable your organization to get the benefits...
- The Power of the Citrix Mobility Solution, XenMobile Does everything become a smartphone? Or does the smartphone begin to do everything? How can we afford to support BYOD? Rather, how can...
- BYOD Happens: How to Secure Mobility How to navigate the journey of securing mobility, including the BYOD corruption of IT, the top ten mobility strategies, and the mobility management...
- HR and Finance Were made for Each Other View now >>
- The Value of Human Capital for Finance Professionals View now >>
- All Government IT Webcasts
Does your organization offer extensive benefits, cool perks, competitive salaries, opportunities for training and advancement? Then get it recognized!
Nominate your company or another deserving organization for Computerworld's 2014 Best Places to Work in IT list now through Dec. 12, 2013.