No Cops in the Cloud Without a Warrant

April 9, 2010— -- What do Google, Microsoft, AT&T, Intel, Americans for Tax Reform, ACLU, the American Library Association, the Competitive Enterprise Institute and the Electronic Frontier Foundation have in common?

They actually all agree that the law covering government access to today's sophisticated electronic communications is in desperate need of an update.

That law, the Electronic Communications Privacy Act (ECPA), was adopted when the Internet was in its infancy. The law was prescient for its time, setting out the rules for government access to electronic data. But technology has evolved rapidly since that time.

And there is a widespread view among major companies and trade associations, advocacy groups and think tanks from across the political spectrum that this critical privacy law needs to be updated in light of modern technology.

The diverse interests came together last week to propose principles to guide revision of the law and launch the Digital Due Process coalition (DPP).

When ECPA was adopted in 1986, the Web didn't exist, commercial access to e-mail was limited and only a select few Americans had mobile phones (large brick-shaped devices). No one knew how these new mediums would develop but the rules about government access to the information that would flow over them were murky, at best.

Existing law only protected voice communications carried over a wire. Many believed that cellular phone calls and e-mail enjoyed no constitutional protection.

Congress enacted ECPA to fill that void and extend protection to wireless and Internet communications so that these new technologies would be trusted by consumers and therefore able to grow.

What followed was the great technology boom. Today, approximately three out of every four Americans are Internet users.

There are 277 million cell phones in use in the United States. Cloud computing is all the rage, and exciting new location-based technologies are becoming ubiquitous.

But the rules governing how, when and under what circumstances law enforcement can get access to the information generated by these services is frozen in a 1986 vision of technology.

So DDP is proposing a set of principles for law enforcement access that will safeguard end-user privacy, provide clarity for service providers and enable law-enforcement officials to conduct effective and efficient investigations. The recommendations focus on a handful of the most important issues that are arising daily under the current law.