Privacy and the Internet isn’t just about passing any bill to protect email

As the tech industry and the rest of the country continue to – once again – debate the proper balance between privacy for law abiding citizens versus fighting terrorism, much of our current focus has tended to myopically remain on what is the proper Federal public policy regarding encryption.

And yet, as the crypto debate continues to simmer, roiled by every incident anywhere around the globe, the American public is in danger of overlooking another key point in the discussion of privacy and national security in the age of mobile communications.

{mosads}Recently, House Judiciary Chairman Goodlatte (R-Va.) announced a markup of the Email Privacy Act (H.R. 699). On its surface, progress on this issue is not merely timely, but necessary when one realizes the underlying law, the Electronic Communications Privacy Act (ECPA), was enacted in 1986 – before the age of email – let alone cloud-based storage, multi-country cacheing, international-based server clouds and “home bundling” with home phone, multiple mobile devices, television programming and broadband access all provided by a single service.

As our nation evolves further into an online and mobile society, it is important we not simply cede our privacy to Internet marketing in hopes of “free” apps but instead we must proactively preserve our rights granted by the 4th Amendment to the U.S. Constitution. Traditionally, our Federal, State and local governments need to secure a warrant to conduct a criminal search of our materials and possessions – yet in the digital realm this is largely not the case.

As Congress seeks to update the ECPA, there is a lack of specific legal guarantees within H.R. 699 which is frightening for those of us living in the Internet connected digital age. Passage of the Email Privacy Act in its current form would mean our digital 4th Amendment rights would not be protected, but to the contrary reduced yet further. H.R. 699 contains no protections for our email or data residing on servers – temporarily or permanently – based elsewhere around the globe.

We, the digital citizens of the globe, have become used to ready access to our data, email, music and movies from anywhere around the globe – whether we are at home, on vacation on a sunny beach or on a work trip halfway around the globe. Whether to facilitate that speed of access or merely to provide 24/7/365 access to our data, network providers and subscription services often cache multiple copies of that data in multiple locations around the globe.

Network engineering such as this allows us all greater access to our own data. Whether to check our latest order on Amazon or to have access to your XBox games – storing data in multiple locations allows consumers access to their data even when an ice and snowstorm temporarily takes down a company’s regional facility. However this also means that sometimes the data is stored outside the borders of the United States.

Data localization is a regulatory gambit that some other countries use to make certain that their citizens data is always stored and protected within the borders of their countries. The success of the Internet, the innovation and invention of the mobile revolution has been in part because of the unfettered border less platforms that we in the U.S. enjoy. Our laws and regulations have not created such a repressive and controlling data regime – and our laws should not be changed to do so in the future.

The LEADS Act, supported by a bipartisan group of members in both the House and the Senate, creates an avenue for lawful governments from around the globe to access data residing on the servers of American companies – but to do so in a manner which will preserve our privacy and the digital equivalent of our Fourth Amendment rights. Unlike the existing system haphazardly (and now ignored by the Department of Justice) granted through a “mutual legal assistance treaty” (MLAT), the LEADS Act would establish a common form for the foreign governments to use to make requests, create an organized docket system and publish annual statistics of requests made to – and by – the DOJ.

In a democracy such as ours, often the potential for oversight is sufficient to guarantee protect for all. But the annual report allows me comfort, knowing that at least once a year, the Department of Justice’s Inspector General, General Counsel and the various Committees of Congress would have to review the past year’s use.

Horowitz is an independent consultant based inside of the Washington Beltway. He has served as staff for members of both the U.S. House and Senate, including the House Committee on Small Business. He has also served as the assistant administrator for Policy at the U.S. Small Business Administration under President George W. Bush.