IDG News Service - A new bill introduced in the U.S. Senate would update a 25-year-old law that sets the rules for law enforcement surveillance of e-mail and other electronic communications, with more legal protections for the privacy of data stored in the cloud.
The Electronic Communications Privacy Act Amendments Acts would update the 1986 ECPA by requiring that U.S. law enforcement agencies get court-ordered search warrants before accessing electronic data stored with third-party vendors, such as cloud providers.
Currently, the ECPA allows law enforcement agencies to gain access to unopened e-mails and files stored in the cloud for longer than 180 days through a subpoena, typically issued by a prosecutor, not a judge. The 180-day rule is "outdated," said Senator Patrick Leahy, a Vermont Democrat and sponsor of the new bill.
The 1986 law has been "out-paced by rapid changes in technology and the changing mission of our law enforcement agencies" since the Sept. 11, 2001, terrorist attacks on the U.S., Leahy, chairman of the Senate Judiciary Committee, said in a statement. "Under the current law, a single email could be subject to as many a four different levels of privacy protections, depending upon where it is stored and when it was sent."
The bill would also require that law enforcement agencies get court-approved warrants to access the geolocation information of a mobile phone subscriber. Under current U.S. law, it's unclear if mobile phone location information is protected by the warrant process.
The bill requires that law enforcement agencies notify suspects within three days that government agents have accessed their data, although it would allow law enforcement agencies to seek court orders delaying the notification for 90 days in sensitive situations. The legislation allows ISPs and other vendors to voluntarily disclose information that is pertinent to addressing a cyberattack to the government.
"I drafted this bill with one key principle in mind -- that updates to the Electronic Communication Privacy Act must carefully balance the interests and needs of consumers, law enforcement, and our nation's thriving technology sector," Leahy said.
A group called the Digital Due Process Coalition, made up of tech vendors and privacy groups, has been pushing for changes to the ECPA since early 2010. The different levels of protection for e-mail and other stored data don't make sense with the growing dependence on cloud computing, the group has argued.
ECPA deals with third-party control of data "imperfectly," with different rules if e-mail is on a suspect's computer, if it's been opened, if it's in transit and if it's stored for 180 days, said James Dempsey, vice president for public policy at the Center for Democracy and Technology.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
If you use ‘password,’ one the worst passwords, as your password, fail to keep antivirus protection updated and don’t bother to deploy security patches to close critical vulnerabilities, then maybe you should consider working for the cybersecurity-clueless federal government; you’d fit right in, according to Senator Tom Coburn's cybersecurity and critical infrastructure report.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Changing the Way Government Works: Four Technology Trends that Drive Down Costs and Increase Productivity
- This paper discusses four technology-based approaches to improving processes and increasing
productivity while driving down department and agency costs.
- Mobile Policy Checklist
- Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Mobile Applications Case Study: 8 Billion Transactions a Day
- The story documents how the online brokerage company tradeMONSTER created a custom mobile app and the success gleaned from this initiative. Also covered...
- Who's afraid of the big (data) bad wolf? Survive the big data storm by getting ahead of integration and governance functional requirements
- This paper provides a detailed review of the best practices clients should consider before embarking on their big data integration projects.
- Understanding big data so you can act with confidence
- Automating information integration and governance and employing it at the point of data creation helps organizations boost confidence in their big data. All Government IT White Papers
- Mobile Apps and Devices Slash Customer Cycle Time Consolidated Engineering Laboratories' field employees used to collect data on triplicate forms that were sometimes hard to read and difficult to manage. After...
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources...
- Testimonial: Cystic Fibrosis Trust Peter Hawkins, the Head of IT for Cystic Fibrosis Trust, discusses the role CommVault's Simpana software platform plays in improving the company's information...
- PST Archiving: What is it and How is it Done? Learn more about what PST data is, the risks relating to it, and how the new PST Archiving feature in the Simpana 10...
- How to Select the Right IoT Platform We are rapidly entering a world where almost everything will be connected to the cloud and managing these connected things and leveraging the...
- All Government IT Webcasts