Congress must restore 4th Amendment protections for email privacy

Tech
Tech

It ought to bother us that in the case of most of the recent terror attacks in the United States, law enforcement knew the people involved.

Omar Mateen, who killed 53 in a gay bar in Orlando, had been questioned twice after people from his mosque told the FBI he had become dangerously radicalized. Russia had warned the FBI and CIA to beware of the Tsarnaev brothers who bombed the Boston Marathon. 

{mosads}The man who tried to shoot up a meeting of Jewish activists in Garland, Texas, had been arrested and released, but then police failed to monitor him.

 

“We knew him. We had investigated him. We had put him in jail,” Kentucky Sen. Rand Paul noted. Yet we did not closely monitor him after all of this, largely because we were too busy with searching the entire country’s electronic communications.

Paul raised points privacy advocates have wrestled with for some time. Why didn’t we realize these were the people who posed the most serious threats? How can we help law enforcement determine which of all the suspected terrorists it monitors is most likely to launch an attack? Are we watching closely enough or perhaps too closely? Would we notice more if we watched less?

These questions will be at the forefront in coming weeks when Congress takes up legislation to update the Electronic Communications Privacy Act. Such laws always attempt to balance legitimate security needs against Americans’ right to privacy in their own affairs. In this case, it seems America’s security would be enhanced if it gave Americans back their right to email in private.

The previous two presidential administrations viewed the 1986 law as a license to snoop into whole classes of emails without a warrant – as long as the email is 180 days old or more. And the results have not been edifying.

This random searching for the right combination of words to trigger further surveillance measures is itself an imprecise science, and one National Security Agency blogger estimated that reading all of America’s email generates 10,000 misfires for every hit. Not for nothing has National Law Review named this problem the top privacy issue of 2017. 

Additionally, unfettered access to private emails does not seem to comport with the Fourth Amendment protections against search and seizure without a duly sworn warrant.

Congress is attempting to fix the problem by restoring the Fourth Amendment. The Email Privacy Act, just re-introduced in the new Congress by Reps. Kevin Yoder (R-Kansas) and Jared Polis (D-Colo.) would force the government to obtain an individualized warrant before searching anyone’s email. 

Similar legislation, with more than 300 co-sponsors, passed the House last April by a 419-0 vote. It stalled in the Senate after controversial amendments were added, but Sens. Chris Coons, D-Del., and Orrin Hatch, R-Utah, plan to reintroduce it in this Congress. 

An update for ECPA has long been in order. “After spending two decades in the technology sector where things evolve at light speed, it is hard to believe that we’re starting another year with laws that were written for how computing worked in the 1980s, said Rep. Suzan DelBene (D-Wash.), a former Microsoft VP. 

But the impetus for action by Congress is a case in which the government ordered Microsoft to turn over emails stored on a server in Ireland. Although the courts ruled in Microsoft’s favor, the DOJ appealed the decision. This week, a federal appeals court affirmed that law enforcement cannot demand emails stored outside the country.

The Senate legislation, called the International Communications Privacy Act, would codify the court decision and require a specific search warrant for turning over emails to the government. It also would create a clear legal framework for law enforcement to obtain electronic communications of people in the United States, regardless of where those communications are housed and would allow law enforcement to obtain electronic communications relating to foreign nationals in some circumstances.

The legislation also would reform the Mutual Legal Assistance Treaty process and establish that data providers should not be subject to data localization requirements, which Hatch says are incompatible with the speed, innovation and borderless nature of the Internet. 

Mary Jo White, the head of the Securities and Exchange Commission, asked senators to consider exempting the SEC from the warrant requirement because it can’t get the FBI to request warrants on its behalf and it sometimes conducts civil investigations with no offsetting criminal investigation and thus has no opportunity to request warrants.

But an exception for the SEC means an exception for the IRS and a few other agencies, and thus should be opposed.

This is a situation where Congress seems largely on the same page, but no one is sure what President Trump will do with such legislation. He has vowed to cut regulation but has expressed support for providing strong anti-terrorism tools to foreign and domestic police. 

But a general search not only is precisely what the Constitution forbids, it creates a lot of useless leads law enforcement has to follow. It will keep us safer from both overweening government and enemies abroad if Congress can get reform over the finish line.

Brian McNicoll is a former director of communications for the House Committee on Oversight and Government Reform and a former senior writer for the conservative Heritage Foundation.


The views expressed by contributors are their own and are not the views of The Hill.

Tags Brian McNicoll Chris Coons cybersecurity ECPA Kevin Yoder Orrin Hatch Rand Paul Suzan DelBene Technology

Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

Most Popular

Load more