If you store sensitive files on your personal computer which law enforcement authorities wish to examine, they generally cannot do so without first obtaining a search warrant based upon probable cause. But what if you store personal information online—say, in your Gmail account, or on Dropbox? What if you’re a business owner who uses Salesforce CRM or Windows Azure? How secure is your data from unwarranted governmental access?
Both the U.S. Senate and the House of Representatives are investigating these crucial questions in two separate hearings this week. Congress hasn’t overhauled the privacy laws governing law enforcement access to information stored with remote service providers since 1986. The Electronic Communications Privacy Act (ECPA), the key federal law governing electronic privacy, has grown increasingly out of touch with reality as technology has evolved and Americans have grown increasingly reliant on cloud services like webmail and social networking. As a result, government can currently compel service providers to disclose the contents of certain types of information stored in the cloud without first obtaining a search warrant or any other court order requiring the scrutiny of a judge.
Thus, the Competitive Enterprise Institute has joined with The Progress & Freedom Foundation, Americans for Tax Reform, Citizens Against Government Waste, and the Center for Financial Privacy and Human Rights in submitting a written statement to the U.S. Senate and House Judiciary Committees urging Congress to reform U.S. electronic privacy laws to better reflect users’ privacy expectations in the information age. The groups also belong to the Digital Due Process coalition, a broad array of public interest organizations, businesses, advocacy groups, and scholars who are working to strengthen U.S. privacy laws while also preserving the building blocks of law enforcement investigations.