Home > Uncategorized > Digital Due Process and the 3rd Branch

Digital Due Process and the 3rd Branch

This week, we welcome a new member to the tech policy family – Digital Due Process, a concept conceived and birthed by an extensive coalition of academics, corporations and think tanks.  The goal of the effort is to reform certain aspects of our electronic surveillance laws, specifically the Electronic Communications Privacy Act (ECPA), that regulate how the government gains access to private data.  By doing so, the coalition hopes for legislation that will guarantee a certain amount of due process and privacy protection for the vast amounts of data – emails, photos, music – that private citizens upload to the cloud every day through email and social networking services.

A group of notable academics, companies (AOL, Google and Microsoft) and think tanks (EFF, CDT, PFF) working together is news in and of itself.  It’s clear however that the time has come to reform ECPA, a statute that was first passed in 1986, several years before commercial Internet activity was a reality (for more, check out the coalition’s white paper or my previous blog on the subject).  The law has simply become – in the words of both Senator Patrick Leahy and the EFF’s Kevin Bankston – “woefully outdated.”

Senator Leahy weighed in of course, because the goal of this effort is to get Congress to pass legislation that will reform the ECPA provisions having to do with government access to data.  According to his press release, Senator Leahy welcomes the opportunity to explore the privacy and law enforcement concerns with the current version of ECPA. It’s unlikely, however, that ECPA reform legislation will be enacted this year – with the mid-term elections looming, and with other tech policy issues such as net neutrality still simmering on Congress’ back burner.  It’s also uncertain what support, if any, the coalition’s proposals will have from law enforcement. For the most part, the coalition’s proposals focus on stored data – and will not interfere with the government’s ability to gain access to real-time communications under the Wiretap Act.

But, as Declan McCullagh points out, law enforcement’s position may differ from the administration’s position, as echoed by Candidate Obama in his campaign promise to strengthen privacy protections in the digital age.

By the way, the coalition’s proposals, which you can read in depth here, focus on government access to both electronic communications and important data such as subscriber information.  It also proposes to update ECPA’s requirements for access to location data – particularly important given the DOJ’s argument, made recently, that it does not need a warrant to track cell phone location data.

What I find intriguing is the precedent this effort could establish in defining a right to privacy for data – regardless if access is by the government or by a third party. In his campaign promise on privacy, the President also talked about using “the power of technology to hold government and business accountable for violations of personal privacy.”  Indeed, if the coalition’s efforts are successful, some of its members may themselves be subject to lawsuits with ECPA-based claims.  Congressional legislation will likely include some provision for regulating access to data by private parties, not just government.  This could lead to expanded causes of action against some of the very companies that are advocating for ECPA reform. Perhaps these companies realize and accept this inevitability– because even with the threat of additional litigation and regulatory actions in the near term, the ultimate goal is a reality where people are aware of the value of their personal data and are also willing to entrust that data to the provider who guards it most carefully.  As many of the coalition member companies argue, user trust is the keystone to a functional digital ecosystem.

Congress has not really tackled the issue of data privacy (yet), but the other two branches of government have encountered it in some form or the other. The administration continues to forge ahead with its ideal of individualized control over personal data – as seen most recently in the FCC’s Broadband plan, which contains a number of provisions aimed at giving private citizens more control over their online data profiles.  On the other end of the spectrum, courts continue to wrestle with the 4th Amendment third-party doctrine, and whether there is an expectation of privacy in data that an individual creates, and then hands over to a third party (ISP, etc.) for distribution or storage.

How will Congress handle the issue?  Painfully and slowly, I suspect.  At least the debate has started.  Let the shaping begin.

Categories: Uncategorized Tags: , ,
  1. May 31, 2010 at 5:46 pm

    Every time I come to thebalanceact.wordpress.com you have another fascinating article up. A friend of mine was talking to me about this topic several weeks ago. I think I will e-mail them the link here and see what they say.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: