Congressman Bob Goodlatte (R-VA) is the Chairman of the House Judiciary Committee. In that position of power Rep. Goodlatte will get a chance to weigh on America’s “Privacy” in a big way.
The House Judiciary recently held a hearing titled “Data Stored Abroad: Ensuring Lawful Access and Privacy Protection in the Digital Era” on the idea of just how far around the world U.S. warrants should reach. The Senate had a similar hearing last month titled “Law Enforcement Access to Data Stored Across Borders: Facilitating Cooperation and Protecting Rights.” Hearings are great, but the important thing is the outcome of these hearings. What our Congress does about privacy at home and abroad will directly influence how data is stored worldwide and our everyday lives.
Seizure of data stored overseas is being proposed in the name of fighting crime, yet it could impact the way cloud computing is applied to all Americans. For example, most of us know about and use the cloud, but don’t know how it works.
The clear majority of Americans in general have no idea that their data may be stored in a foreign nation for efficiency. Virginia’s own, Congressman Goodlatte, will play a central role in how this debate plays out for the entire nation and we will plainly see if he is for privacy protections.
For example, a resident of Roanoke who is using cloud computing would expect that the federal government would need to get a warrant to seize his or her data pursuant to U.S. law. A resident of Paris, France would expect that the less stringent laws of France would govern the privacy of data.
They both might be wrong, if that data is held in a foreign land, then the U.S. warrant can’t reach that other country just as the laws of France could not reach data held in the United States. Currently, the U.S. Government simply tries to bully companies into giving up the data of American citizens on a subject of interest all in the name of crime fighting. This inevitably lowers privacy standards for Americans and removes their right to privacy guaranteed by our Fourth Amendment.
The House and Senate hearings shed light on an attempt by the Justice Department to push a change in law to make it easier for the federal government to seize data stored in a foreign nation. The problem is that warrants have not traditionally been allowed to reach foreign lands unless that foreign government has an agreement or agrees to provide data in a time of crisis. Even if a new law is passed, many countries will just say no and ignore the warrants.
Many countries are skeptical of the United States because of the revelations of Edward Snowden and further worried because of recent controversies surrounding the NSA monitoring of political figures on the Donald Trump for President campaign. A push to seize foreign stored data will not inspire confidence when the American national security apparatus is right now mired in controversy.
One concern about allowing the U.S. government more power to go to foreign nations with demands for data is the lack of trust many foreigners have for privacy rights in the United States. Data localization is already an issue and many of these countries will encourage domestic tech companies to set up structures that mirror American companies to avoid jurisdictional issues.
Basically, they don’t trust us with their data and, why should they? They worry that if an American company holds their data, the U.S. government can snoop and see that data of non-American citizens and they may not even need a warrant.
Right now, there is a case being appealed from Second Circuit Court of Appeals to the Supreme Court. In that case, the court ruled against the United States in a case involving Microsoft. The court held that the government can’t compel companies to turn over customer emails stored outside the U.S.
Our laws relating to computer and email privacy are old and outdated. The protection of privacy and the needs of law enforcement require new legal solutions that reflect the world that exists today. Rather than using technologies that existed three decades ago when current law was enacted, the law needs to be updated.
Chris Calabese, Vice President of Policy, Center for Democracy and Technology summed it up like this:
While there is no perfect solution, CDT believes that significant progress toward all three objectives can be made through a package of reforms focused on improvements in four areas:
● Enactment of a strong, privacy protective reciprocal framework for enacting bilateral agreements between nations,
● Improvement to the existing MLAT system,
● Passage of the Email Privacy Act, and
● Adoption of a version of the International Communications Privacy Act (ICPA).
These hearings will serve an important purpose, yet they should not be used to overturn the Microsoft decision with a new statute that violates our privacy. Allowing warrants to reach overseas, without applying the laws of the nation where the data resides, would lead to less privacy. Taking away more of our privacy in this manner will not solve the problem that there needs to be a complete modernization of our current law to address both privacy and law enforcement concerns.