Shedding a Little Light on Government Surveillance…And What We Can Do About It

Earlier today, Google released its first transparency report since “Edward Snowden” became a household name.

government requestsThis latest report seems to confirm what American citizens have feared — that increasing federal, state, and local requests show an unmistakable trend towards greater government surveillance in the U.S.  In fact, since Google began publishing transparency reports in 2010, requests from governments for user information have increased by more than 100 percent.

Giving even greater pause, the report suggests that law enforcement is relying more and more heavily on its ability to force companies to turn over information — with or without a warrant.  Since Google’s last report in 2012, the number of requests from law enforcement agencies has increased by 29 percent, consequently increasing the number of accounts impacted by these requests by 47 percent. And those numbers only include the requests that Google is allowed to publicly disclose.

The company’s related blog post emphasized what the company wanted to share, but could not…

redacted

Aside from the obvious implications for FISA court reform, this report serves as an important reminder that the law meant to safeguard electronic communications from government surveillance is woefully out of date.

Enacted in 1986, the Electronic Communications Privacy Act (ECPA) was meant to stop federal agents from extracting electronic information from digital sources without a warrant.  Specifically, the law says that federal investigators need a warrant to access to email, whether the message is in transit or stored on a server.  Sounds fine, right?  The catch: you don’t need a warrant if the email is more than 180 days old.

Now, this worked just fine in 1986, when most Americans had never heard of email and Compuserve dominated the market.  Before the age of free Internet-based email services and cloud-based storage.  Back then, the idea of keeping emails more than 180 days would have sounded crazy to me.  Today, though, the idea of not being able to search years of past email with a few keystrokes makes me twitchy.

ECPA was meant to protect electronic communications, but as technology evolved, it became a massive, gaping loophole for law enforcement.  It’s time to close the gap.

That’s why DMA has made ECPA reform one of its “Five Fundamentals for the Future – a key tenet in our efforts to safeguard the responsible use of data, and the value of the Data-Driven Marketing Economy.  In fact, DMA’s Data Protection Alliance meets tomorrow to discuss how to build greater momentum behind this important legislative priority in both the House and Senate.  And we’re going to keep working until what was intended to be a data protection law is updated to provide true safeguards for the data-driven future.

Your Comment