Yesterday, the FTC online privacy report endorsed a “do not track” mechanism for Web browsers. This morning, the Subcommittee on Commerce, Trade and Consumer Protection in the United States House of Representatives will hold a hearing on “Do-Not-Track” legislation. The hearing will e”xamine the feasibility of establishing a mechanism that provides Internet users a simple and universal method to opt-out from having their online activity tracked by data-gathering firms (a.k.a. a ‘Do Not Track List’).”
A livestream of the hearing is available, along with testimony:
The subcommittee has posted a memo that sets the stage for the hearing, which is embedded below. Notably, the document heavily references the Wall Street Journal’s excellent “What Do They Know?” series on digital privacy.
In the Internet age, each keystroke or click of a mouse can betray the most mundane or even sensitive details of our lives, and those details are being collected and packaged into profiles by a data-gathering industry with an increasing hunger for information that can be sold and used to target consumers based on their tastes, needs, and even perceived desirability. Many Americans don’t know that the details of their online lives are being gobbled up and used in this way, much less how to stop it in the event that such collection offends their expectations of privacy.
This summer, the Wall Street Journal began reporting about the online gathering of information about Internet users in an ongoing investigative series called “What They Know.” For its first piece, the Journal uncovered the extent to which Internet users’ activity is being tracked. The Journal found that visiting the top 50 most popular websites in the U.S. resulted in the placement on a single test computer of 2,224 files by 131 companies that track Internet users’ activity across the Internet. In addition, not only is tracking of Internet users pervasive, but it has become more invasive through the use by some in the tracking industry of more sophisticated technologies that can keep tabs on an Internet users activity on a website (rather than collecting just the fact that the website was visited) and some can even re-spawn themselves if an Internet user tries to delete them.
If you haven’t read the series, take some time over the weekend or holiday. And if you’re interested in what the federal government is considering in the context of digital privacy, tune in to the livestream and follow the #DNTrack hashtag on Twitter for the live backchannel. http://widgets.twimg.com/j/2/widget.js //
The Federal Trade Commission released an online privacy report today that will reshape how companies, consumers and businesses interact on the Internet. The agency will take questions from reporters at 1 PM EST and from the public on Twitter in its first Twitter chat at 3 PM EST. The recommendation that “companies should adopt a ‘privacy by design’ approach by building privacy protections into their everyday business practices” is a key direction to every startup or Global 1000 corporation that comes under the FTC’s purview as the nation’s top consumer protection regulator.
The new FTC privacy report proposes a framework that would “balance the privacy interests of consumers with innovation that relies on consumer information to develop beneficial new products and services,” according to the agency’s statement, and recommends the implementation of a “Do Not Track” mechanism, which the agency describes as “a persistent setting on consumers’ browsers – so consumers can choose whether to allow the collection of data regarding their online searching and browsing activities.”
“Technological and business ingenuity have spawned a whole new online culture and vocabulary – email, IMs, apps and blogs – that consumers have come to expect and enjoy. The FTC wants to help ensure that the growing, changing, thriving information marketplace is built on a framework that promotes privacy, transparency, business innovation and consumer choice. We believe that’s what most Americans want as well,” said FTC Chairman Jon Leibowitz.
The report states that industry efforts to address privacy through self-regulation “have been too slow, and up to now have failed to provide adequate and meaningful protection.” The framework outlined in the report is designed to reduce the burdens on consumers and businesses.
“This proposal is intended to inform policymakers, including Congress, as they develop solutions, policies, and potential laws governing privacy, and guide and motivate industry as it develops more robust and effective best practices and self-regulatory guidelines,” according to the report, which is titled, “Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Businesses and Policymakers.”
“Self-regulation has not kept pace with technology,” said David Vladeck, director of the FTC’s Consumer Protection Bureau, speaking this morning about the proposed online privacy rules. “We have to simplify consumer choice and ‘do not track’ will achieve that goal,” he said. “I don’t think that under the FTC authority we could unilaterally mandate ‘do not track.'”
One of the nation’s top technology policy advocates approved. “The FTC report hits all the right notes. It sets out a modern and forward looking framework for privacy protection that moves beyond a narrow focus on notice and choice toward a full set of fair information practices and accountability measures,” said Center for Democracy and Technology president Leslie Harris. “The FTC has provided the blueprint. Now it is time for Congress and industry to follow suit.”
“We are very pleased to see the FTC exerting strong leadership on privacy,” said CDT Privacy Project Director Justin Brookman. “This report should bolster efforts to enact a privacy bill next Congress. Its recommendations are consistent with what is being discussed on the Hill.”
In a novel move, the FTC tweeted out “key points” from the report, embedded below, using @FTCGov.
“FTC proposes new framework 2 guide policymakers & industry as they develop legislation & other solutions. Self-regulation on privacy has been too slow. Important privacy choices should be presented in relevant context, not buried in privacy policy. Baseline protections of FTC’s proposed framework include reasonable security & accuracy, confidence that data collected or kept only 4 legitimate needs & privacy considered at every stage of product development. Privacy notices should be clearer, shorter & more standardized to better understand privacy practices & promote accountability. Consumers should have reasonable access to data upon request. Commission supports a more uniform mechanism for behavioral advertising: a so-called “Do Not Track”. Do Not Track could signal consumer’s choices about being tracked & receiving targeted ads.”
Below are the prepared remarks of the FTC chairman, followed by a liveblog of the press call. Audio of the FTC online privacy press call is available as an MP3.
The FTC has issued a privacy advisory for tomorrow, stating that FTC chairman Jon Leibowitz, Jessica Rich, deputy director of the Bureau of Consumer Protection, and Edward W. Felten, the FTC’s new chief technologist, will answer reporters’ questions “about a new FTC report on privacy that outlines a framework for consumers, businesses and policymakers.”
This FTC online privacy report will be one of the most important government assessments this year. Look for widespread reaction to its contents across industry and technology media. Particular attention likely be paid to two events here in Washington:
Will online privacy look different by the end of the day? As Jamie Court, Author, President of Consumer Watchdog, wrote in the Huffington Post:
There are few issues 9 out of 10 Americans agree on. A Consumer Watchdog poll shows that 90% of Americans agree it is important to protect their privacy online. 86% want a “make me anonymous” button and 80% want the creation of a “do not track me” list online that would be administered by the Federal Trade Commission.
The release of the FTC online privacy report also comes with a new media twist: According to @FTCGov, the agency’s Twitter account, the nation’s top regulator will also host its first Twitter chat at 3 PM. It remains to be seen how civil citizens are in the famously snarky medium. The agency has suggested the #FTCpriv hashtag to aggregate tweets. UPDATE: Although the White House OpenGov account and FTC tweeted on Wednesday that the chat would be at #FTCpriv hashtag, not #FTCpriv, the chat ended up being at the original hashtag.
Breaking News! Tomorrow we will release our #privacy report & host our 1st Twitter Chat to answer Qs. More details to come. #FTCprivless than a minute ago via webFTC
FTCgov
Aeschylus wrote nearly 2,500 years ago that in war, “truth is the first casualty.” His words are no doubt known to another wise man, whose strategic “maneuvers within a changing information environment” would not be an utterly foreign concept to the Greeks in the Peloponnesian War. Aeschylus and Thucydides would no doubt wonder at the capacity of the Information Age to spread truth and disinformation alike. In November 2010, it’s clear that legitimate concerns about national security must be balanced with the spirit of open government expressed by the Obama administration.
The issues created between Wikileaks and open government policies are substantial. As Samantha Power made clear in her interview on open government and transparency: “There are two factors that are always brought to bear in discussions in open government, as President Obama has made clear from the day he issued his memorandum. One is privacy, one is security.”
As the State Department made clear in its open letter to Wikileaks, the position of the United States government is that the planned release of thousands of diplomatic cables by that organization today will place military operations, diplomatic relationships and the lives of many individuals at risk.
As this post went live, the Wikileaks website is undergoing a massive distributed denial of service (DDoS) attack, though the organization’s Twitter account is far from silenced. A tweet earlier on Sunday morning noted that “El Pais, Le Monde, Speigel, Guardian & NYT will publish many US embassy cables tonight, even if WikiLeaks goes down.”
In fact, Wikileaks’ newest leak, through the early release of Der Spiegel, had long since leaked onto Twitter by midday. Adrien Chen’s assessment at Gawker? “At least from the German point of view there are no earth-shattering revelations, just a lot of candid talk about world leaders.”
The New York Times offered a similar assessment in its own report on Wikileaks, Cables Shine Light Into Secret Diplomatic Channels: “an unprecedented look at backroom bargaining by embassies around the world, brutally candid views of foreign leaders and frank assessments of nuclear and terrorist threats.”
The Lede is liveblogged reaction to Wikileaks at NYTimes.com, including the statement to Fareed Zakaria by the chairman of the Joint Chiefs of Staff, Admiral Mullen, that “the leak would put the lives of some people at risk.”
Despite that dire warning, Robert Gates, the defense secretary, told Congress in October that a Pentagon review “to date has not revealed any sensitive intelligence sources and methods compromised by the disclosure,” of the war logs by WikiLeaks.
The Guardian put today’s release into context, reporting that the embassy cable leaks sparks a global diplomatic crisis. Among other disclosures, the Guardian reported that the cables showed “Arab leaders are privately urging an air strike on Iran and that US officials have been instructed to spy on the UN’s leadership … a major shift in relations between China and North Korea, Pakistan’s growing instability and details of clandestine US efforts to combat al-Qaida in Yemen.” The Guardian’s new interactive of diplomatic cables is one of the best places online to browse the documents.
Is the “radical transparency” that Wikileaks both advocates for – and effectively forces – by posting classified government information “open government?” The war logs from Afghanistan are likely the biggest military intelligence leak ever. At this point in 2010, it’s clear that Wikileaks represents a watershed in the difficult challenge to information control that the Internet represents for every government.
On the one hand, Open Government Directive issued by the Obama administration on December 8, 2009 explicitly rejects releasing information that would threaten national security. Open government expert Steven Aftergood was crystal clear in June on that count: Wikileaks fails the due diligence review.
On the other hand, Wikileaks is making the diplomatic and military record of the U.S. government more open to its citizens and world, albeit using a methodology on its own site that does not appear to allow for the redaction of information that could be damaging to the national security interests of the United States or its allies. “For me Wikileaks is open govt,” tweeted Dominic Campbell. “True [open government] is not determined and controlled by govts, but redistributes power to the people to decide.”
The New York Times editorial board explored some of these tensions in a note to readers on its decision to publish Wikileaks.
The Times believes that the documents serve an important public interest, illuminating the goals, successes, compromises and frustrations of American diplomacy in a way that other accounts cannot match… The Times has taken care to exclude, in its articles and in supplementary material, in print and online, information that would endanger confidential informants or compromise national security. The Times’s redactions were shared with other news organizations and communicated to WikiLeaks, in the hope that they would similarly edit the documents they planned to post online.
…the more important reason to publish these articles is that the cables tell the unvarnished story of how the government makes its biggest decisions, the decisions that cost the country most heavily in lives and money. They shed light on the motivations — and, in some cases, duplicity — of allies on the receiving end of American courtship and foreign aid. They illuminate the diplomacy surrounding two current wars and several countries, like Pakistan and Yemen, where American military involvement is growing. As daunting as it is to publish such material over official objections, it would be presumptuous to conclude that Americans have no right to know what is being done in their name.
It seems that the Times and Guardian decided to make redactions from the diplomatic cables before publication. It’s not clear how that will compare to what will be posted on Wikileaks.org alongside the War Logs and Afghan Diaries.
Open government, radical transparency and the Internet
More transparency from the military, Congress and the White House regarding the progress of wars is important, desirable and perhaps inevitable. Accountability to civilian leadership and the electorate is a bedrock principle in a representative democracy, not least because of the vast amounts of spending that has been outlaid since 9/11 in the shadow government that Dana Priest reported out in Top Secret America in the Washington Post.
Wikileaks and the Internet together add the concept of asymmetric journalism to the modern media lexicon. File asymmetric journalism next to the more traditional accountability journalism that Priest practices or the database journalism of the new media crew online at the Sunlight Foundation and similar organizations are pioneering.
As Tim O’Reilly tweeted, “wikileaks *challenges* [open government government 2.0] philosophy. Challenges are good if we rise to them.” No question about the former point. Governments that invest in the capacity to maneuver in new media environment might well fare better in the information warfare the 21st century battlefield includes.
Open government is a mindset, but goes beyond new media literacy or harnessing new technologies. The fundamental elements of open government, as least as proposed by the architects of that policy in Washington now, do not include releasing diplomatic cables regarding espionage or private assessments of of world leaders. Those priorities or guidelines will not always be followed by the governed, as Wikileaks amply demonstrates.
Increasingly, citizens are turning to the Internet for data, policy and services. Alongside the efforts of government webmasters at .gov websites, citizens will find the rich stew of social media, media conglomerates or mashups that use government and private data. That mix includes sites like Wikileaks, its chosen media partners, the recently launched WLCentral.org or new models for accountability like IPaidABribe.com.
That reality reinforces that fact that information literacy is a paramount concern for citizens in the digital age. As danah boyd has eloquently pointed out, transparency is not enough. The new media environment makes such literacy more essential than ever, particularly in the context of the “first stateless news organization” Jay Rosen has described. There’s a new kind of alliance behind the War Logs, as David Carr wrote in the New York Times.
There’s also a critical reality: in a time of war, some information can and will have to remain classified for years if those fighting them are to have any realistic chances of winning. Asymmetries of information between combatants are, after all, essential to winning maneuvers on the battlefields of the 21st century. Governments appear to be playing catchup given the changed media environment, supercharged by the power of the Internet, broadband and smartphones. This year, we’ve seen a tipping point in the relationship of government, media and techology.
Comparing the Wikileaks War Logs to the Pentagon Papers is inevitable — and not exactly valid, as ProPublica reported. It would be difficult for the military to win battles, much less wars, without control over situational awareness, operational information or effective counterintelligence.
Given the importance of the ENIGMA machine or intercepts of Japanese intel in WWII, or damage caused by subsequent counterintelligence leaks from the FBI and elsewhere, working to limit intelligence leaks that damage ongoing ops will continue to be vitally important to the military for as long as we have one. Rethinking the definitions for secrecy by default will also require hard work. As the disclosures from the most recent release continue to reverberate around the globe, the only certainty is that thousands of State Department and Defense Department workers are going to have an extra headache this winter.
“The single best thing we could do in open government is to get the American people engaged in the question of what high value data is,” said Aneesh Chopra, the first United States chief technology officer, speaking at this morning’s Politico “What’s Next in Tech” forum in Union Station. Video is below:
In an interview with Politico’s technology editor, Kim Hart, Chopra looked back at the lessons learned from his first two years on the job and ahead, appropriately, to what to expect in tech policy from the Obama administration. They covered a lot of ground, from open government successes to what’s next in Congress (hint: watch the push to open up spectrum for first responders) to supporting entrepreneurial growth.
Lessons learned
What were Chopra’s lessons learned? He offered up three examples.
First, with support from the President, Chopra said that they’ve been able to open up discussion and build trusted relationships across the federal government, which has been “critical” to improving the way technology could be used and the long term policy posture.
Second, with that support, he’s been surprised on seeing the pace of response become fast. There’s a “lesson on balance of getting long term balance, versus getting results in 90 days,” he said, referring to the turnaround on projects like HealthCare.gov.
Third, Chopra emphasized the role of “government as a convener,” where the administration can use its influence to bring people together to accomplish goals with technology without new regulations or legislation.
Working tech policy levers
What are the levers that the first US CTO has worked to try to galvanize action on the administration’s priorities?
First, a commitment to openness. From Manor, Texas, to inner cities, “people have found ways to tap into info in ways that helps them do something different,” said Chopra, speaking to the phenomenon of Gov 2.0 going local. “85 to 90% of that activity is happening in places we wouldn’t have imagined,” not gathering in Washington.
Second, Chopra cited the White House’s work towards “voluntary, consensus-driven standards,” noting that he was ” very proud of the work on NHIN Direct.”
Finally, Chopra noted that there’s some $150 billion spent on research and development every year, which offers a number of ways to push forward with innovation in priorities like healthcare IT, energy, smart grid or communications.
Making meaningful use modular
Given the new Congress coming in to Washington, Chopra’s description on the bipartisan agreement on tech policy from his time in Virginia under Republican leadership has to be more than a little strategic. He talked about “getting to the right answer,” referring back to an former manager, David Bradley, and his management strategy of “True North.”
That approach will be rested in the next Congress, on rulemaking. and in moving forward with the tech policy decisions. Outside of the healthcare bill that President Obama signed into law, which continues to meet with significant opposition in Congress, Chopra noted that “healthcare is signature part of President’s agenda,” specifically advanced by more than 20 billion dollars in Recovery Act spending on healthcare IT.
Chopra looked back at two decisions related to approaching technology policy a bit differently. “Rather than walking into Best Buy and buying software, we created more flexible standards for meaningful use,” he said. As a result, “entrepreneurs that never thought of themselves as EMR companies are entering the market.”
The decision to make meaningful use more modular was also significant, asserted Chopra. “We opened up the regulatory regime so you could certify each and every regulatory module.”
In aggregate, Chopra associated that R&D investment, work to convene conversations, open up data and create more flexible regulatory regimes with a better outcomes: venture capital investment in HIT going up by 39%, citing a statistic from the National Venture Capital Association.
How did Chopra respond? He asked for more criticism, responding that you “must listen to people who are frustrated” and consider that much of the tech platform is in the space “where the plane is yet to land.” If you go through campaign promises, and look at executive ability to move the needle on different areas, Chopra asserted that the
biggest part of that – open government – has gone ahead. “It’s not ‘mom and apple pie perfect’,” he said, but they’re proud of delivering on 90 day deliverables like standards, or websites.
Part of the challenge of delivering on campaign promises is that budgetary or legislative action requires different stakeholders, observed Chopra, a reality that will become even more sharply defined in the next Congress. “The Recovery Act is a unique moment in time,” which, as he argued is “overwhelmingly the vehicle for campaign promises” in health IT and clean tech.
What’s next in United States technology policy?
First, it’s clear that Chopra and the Obama administration is thinking about online privacy, with the recently announced Internet privacy committee. There are open questions about how much portfolio, budget, subpoena power or other authority any new position would hold, but it’s an area to watch. Chopra said that he had met with Representative Bob Goodlatte (R-VA) and had found him supportive of privacy policy.
Chopra also met with Representative Darrell Issa (R-CA), who is very supportive of increased government transparency through technology. Issa, a successful technology entrepreneur, is one of the most knowledgeable members of Congress when it comes to technology. Whatever comes out of his his legislative staff, or the new House Oversight committee, which he will chair, could represent a step forward for open government after the 2010 election.
Chopra also emphasized “modest but significant actions” that could improve the conditions for tech entrepreneurs in the United Stats, from open government data to regulatory action to smart grid or support for new learning technologies. On that count, Chopra offered up a “scoop” to Kim Hart, observing that the next area where he will focus on driving innovation will be into learning technologies, with more news coming at a Brookings Institute event in December.
The top opportunities that Chopra sees for entrepreneurs are in healthcare and energy, the former of which is already becoming hot with more healthcare apps provisioned with open healthcare data
“One policy lever is the role of public-private partnerships,” observed Chopra, highlighting the growth in STEM education, with over half a billion dollars in investment. “It’s not the money, it’s the platforms,” he said.
Chopra fielded a question Congressman Wu (D-OR), the current chairman of the House technology and innovation committee. After a discursion into what went wrong for the Democratic Party in the midterm, Wu asked what the next priority will be for Congress and Chopra to work together upon. His answer was simple: spectrum policy, emphasizing voluntary processes for formulating solution. The priority, he said, was to get a broadband network for public safety that’s interoperable for first responders.
Finally, Chopra talked about the story of the Alfred brothers, who founded Brightscope in California in 2008. The story of Brightscope is important: data driving the innovation economy. They knew about key data on 401(k) plan fees at the Department of Labor, worked hard to liberate it and now have a successful, growing startup as a result.
Yesterday, the U.S. Navy publicly released its new social media handbook. The updated guide, embedded, below provides sailors with a guide secure use of Facebook, Twitter and the rest of the networked world.
“The rapid growth of social media platforms and technologies have flattened and democratized the communications environment in ways we are just beginning to comprehend,” says D. J. Moynihan, Navy chief of information, in the introduction. “Social media is an effective channel to communicate relevant, aligned and targeted information to the stakeholders that we want to reach, including some we have had a hard time reaching before. As with the advent of other communication technologies – phone, fax, websites – we must exercise caution to use these tools safely and effectively, and we must educate our Soldiers and families to do the same.”
This handbook should make for good weekend reading. As I thought about what it means to have more sailors online, I couldn’t help but recall an apt mock WWII propaganda poster by Brian Lane Winfield Moore: “Loose tweets sink fleets.”
Steady as she goes, gentleman. You don’t have to sit in a crow’s nest to see the need to take care with the new media platforms.
UPDATED: The L.A. Times called the Navy’s new social media policy “required reading for political campaigners.” Craig Howie compared these new rules of engagement for a virtually enhanced battlefield to the campaign front. The metaphor is probably inevitable in this heated election season, and given the advice in the handbook, useful.
The statements of the witnesses before the Senate from the Commerce Department, Justice Department and witnesses are embedded in ths post. Below, find an exclusive interview with digital privacy and security researcher Chris Soghoian, who until recently was the resident geek at the Federal Trade Commission, and some context on “Digital Due Process,” the coalition of industry and privacy advocates advocating for an ECPA update.
“From the perspective of industry and definitely the public interest groups, people shouldn’t have to consider government access as one of the issues when they embrace cloud computing,” said Soghoian. “It should be about cost, about efficiency, about green energy, about reliability, about backups, but government access shouldn’t be an issue.”
While the tech blogosphere may be focused on Twitter, Facebook and inside baseball among the venture capitalists of Silicon Valley’s today, the matter before Congress should be earning more attention from citizens, media and technologists alike. Over at Forbes, Kashmir Hill made the case that industry will benefit from a clearer Electronic Communications Privacy Law. Take it one step further: updates to the ECPA have the potential to improve the privacy protections for every connected citizen, cloud computing provider or government employee. As she pointed out there:
One of the most egregious ECPA issues is how it treats the protection of email. “Why should email in someone’s inbox be treated different from something in someone’s sent folder?” asked Smith [Microsoft’s general counsel]. “Why is something unread in my junk folder subjected to greater privacy than something read in my inbox? Why does an email I sent in April have fewer privacy protections than one I sent in September?”
It’s important to be clear: Congress is unlikely to move on updating ECPA before the mid-term elections or in the lame duck session. That said, the hearing in the Senate today and the hearing on ECPA reform and the revolution in cloud computing in the House of Representatives tomorrow will inform any legislative action in the next Congress.
When Congress enacted ECPA in 1986, we wanted to ensure that all Americans would enjoy the same privacy protections in their online communications as they did in the offline world, while ensuring that law enforcement had access to information needed to combat crime. The result was a careful, bipartisan law designed in part to protect electronic communications from real-time monitoring or interception by the Government, as emails were being delivered and from searches when these communications were stored electronically. At the time, ECPA was a cutting-edge piece of legislation. But, the many advances in communication technologies since have outpaced the privacy protections that Congress put in place.
Today, ECPA is a law that is often hampered by conflicting privacy standards that create uncertainty and confusion for law enforcement, the business community and American consumers.
For example, the content of a single e-mail could be subject to as many as four different levels of privacy protections under ECPA, depending on where it is stored, and when it is sent. There are also no clear standards under that law for how and under what circumstances the Government can access cell phone, or other mobile location information when investigating crime or national security matters. In addition, the growing popularity of social networking sites, such as Facebook and MySpace, present new privacy challenges that were not envisioned when ECPA was passed.
Simply put, the times have changed, and so ECPA must be updated to keep up with the times. Today’s hearing is an opportunity for this Committee to begin to examine this important issue.
“There does seem to be wide agreement that current ECPA standards are a muddled mess,” said Julian Sanchez, a research fellow at the libertarian Cato Institute, and contributing editor for Reason Magazine. “The fear about “uncertainty” expressed by Baker is ridiculous when you consider the scholarly consensus and the evident confusion in the courts trying to apply it. In reality, DOJ finds the ambiguity convenient, since they can jurisidiction-shop for magistrates whose interpretations they find congenial.”
Justice Brandeis famously called privacy “the most comprehensive of rights, and the right most valued by a free people.” The Fourth Amendment embodies this right, requiring a judicial warrant for most searches or seizures, and Congress has enacted numerous laws affording privacy protections going beyond those mandated by the Constitution.
In setting rules for electronic surveillance, the courts and Congress have sought to balance two critical interests: the individual’s right to privacy and the government’s need to obtain evidence to prevent and investigate crimes, respond to emergency circumstances and protect the public. More recently, as technological developments have opened vast new opportunities for communication and commerce, Congress has added a third goal: providing a sound trust framework for communications technology and affording companies the clarity and certainty they need to invest in the development of innovative new services.
Today, it is clear that the balance among these three interests – the individual’s right to privacy, the government’s need for tools to conduct investigations, and the interest of service providers in clarity and customer trust – has been lost as powerful new technologies create and store more and more information about our daily lives. The protections provided by judicial precedent and statute have failed to keep pace, and important information is falling outside the traditional warrant standard.
The personal and economic benefits of technological development should not come at the price of privacy. In the absence of judicial protections, it is time for Congress to respond, as it has in the past, to afford adequate privacy protections, while preserving law enforcement tools and providing clarity to service providers.
The American Civil Liberties Union also had specific recommendations for Congress on ECPA reform. “The Electronic Communications Privacy Act was written in 1986 before the Web was even invented and is in desperate need of an upgrade,” said Laura W. Murphy, Director of the ACLU Washington Legislative Office. “While Americans have embraced technology as an essential part of everyday life, they have not surrendered their fundamental right to privacy. Congress must ensure that our privacy laws reflect the technology Americans use every day.”
The testimony of the ACLU on ECPA reform is embedded below:
Earlier this year, I reported on the launch of DigitalDueProcess.org, a coalition pushing for an ECPA update for online privacy in cloud computing age. A powerful collection of organizations has been pushing for an update to ECPA. Members of the coalition include Google, Microsoft, AT&T, AOL, Intel, the ACLU and the Electronic Frontier Foundation. The guidance from the coalition would enshrine principles for “digital due process,” online privacy and data protection in the age of cloud computing within an updated ECPA.
The coalition set up a website, DigitalDueProcess.org, containing its proposals for updating ECPA in the face of new cloud computing security and online privacy challenges. Google Public Policy released a video, embedded below, describing the concept of “digital due process,”
E Pluribus Unum 