A remarkable consensus has emerged among industry and civil liberties groups on the right and the left about the need for ECPA reform, leading to the creation last year of the Digital Due Process Coalition to press Congress to update ECPA. The coalition includes Microsoft, AT&T, Intel, Salesforce, Facebook and Google and groups as diverse as CDT, the ACLU, EFF, Freedom Works and Americans for Tax Reform. If these strange bedfellows can find common ground on ECPA reform, Congress should be able to do it as well.
3) The PROTECT IP Act (PIPA)
PIPA aims to target websites that enable copyright and trademark infringement, a goal worthy of congressional attention.
Encouragingly, PIPA is an improvement over similar legislation introduced last session; among other things, it does not lay the burden of blocking infringing websites on domain names registries and registrars.
But PIPA does require Internet service providers (ISPs) to block domain name lookup requests of sites found to be infringing. This is no small thing. It would cross a line that U.S. law has thus far eschewed: government mandated ISP blocking and filtering.
Experts agree that the law won't be effective and may harm security. A group of noted technologists in the domain name space have warned that if PIPA becomes law it could undermine the security of the domain name system. That ought to be enough to get Congress to move cautiously in this area.
4) Data Retention
In July, the House Judiciary Committee passed a bill titled the "Protecting Children from Internet Pornographers Act."
Despite its name, the bill has little if anything to do with porn and everything to do with the privacy of Internet users. The bill would require those who offer Internet service for a fee -- wireless and wire line ISPs, hotels, coffee shops and others -- to retain the IP addresses of each of their customers (not just those suspected of child pornography) and the data would be available to all government agents for all investigations, not just those related to child pornography.
One congresswoman on the Judiciary Committee proposed changing the name of bill to the "Keep Every American's Digital Data for Submission to the Federal Government Without a Warrant Act." Elsewhere, it has been called the "Legislation That Could Kill Internet Privacy for Good."
The bill has its share of congressional critics and there was strong bi-partisan opposition to the bill in the committee, including the chairman of the crime subcommittee, Rep. James Sensenbrenner, R-Wis., who argued, "It should be defeated and put in the dustbin of history."
The European Union has had a wildly unpopular data retention law for several years; the law has been successfully challenged on constitutional or human rights grounds in three national courts (in Germany, Romania and the Czech Republic). With that powerful precedent before them and strong opposition among influential House members, maybe the House leadership will think twice before bringing the bill to the floor.