Congress must update our outdated privacy laws
Today I appeared as a witness before the U.S. House Judiciary Committee Hearing on “International Conflicts of Law and their Implications for Cross Border Data Requests by Law Enforcement.”
You can see my opening statement to the Committee below, and read my written testimony on the Judiciary Committee website.
In my testimony I made the case that the increasing use by governments of unilateral legal process – rather than international process – to obtain digital data is creating real problems and these problems are quickly getting worse.
While we talked at length with the committee about the problems, we also talked about concrete steps that can move us forward. These include modernization of Mutual Legal Assistance Treaties and creating new international legal frameworks that are built for the 21st century.
But at the heart of this discussion is the need for Congress to update outdated privacy laws.
The Electronic Communications Privacy Act (ECPA) is one of the critical laws governing digital privacy. As I pointed out, when the U.S. House of Representatives passed that bill by voice vote on June 23, 1986, Ronald Reagan was president, Tip O’Neill was Speaker of the House, and Mark Zuckerberg was 2 years old. Obviously technology has come a long way in the last 30 years. To illustrate that point, I showed the committee a 1986 IBM PC that represented the state of the art in technology when ECPA was passed, and contrasted that with the capability of a modern device like the Microsoft Surface Pro.
It’s clear that a law written 30 years ago wasn’t designed for the technology of today and undermines both privacy and public safety. Technology has moved forward. Now the law needs to catch up.