Rep. Boucher, D-Va., is vowing to bring up privacy legislation in the House next year – regardless of which party ends up in control after the elections. Last week, CCIA submitted a statement for the Senate Judiciary Committee’s hearing on how to update the Electronic Communications Privacy Act for the digital age. CCIA’s statement focuses on how and why ECPA must be updated to accommodate new and increasingly prevalent technologies such as geolocational information and cloud computing. These new technologies offer great opportunities for users, but also subject their personal information to uncertain and unclear privacy protections.
CCIA’s concern is Internet users won’t fully adopt and implement new and valuable technologies, unless privacy rights get more clarity than ECPA currently provides.
As mobile devices become more engrained in people’s everyday lives, information concerning their real-time location, movement and patterns becomes readily available for tracking. Service providers understand that such information is especially attractive to government agencies in relation to criminal investigations and prosecutions.
However, CCIA noted that ECPA currently lacks a clear standard of when service providers must hand over subscribers’ geolocational information to law enforcement. Instead, companies are left without clear guidance as to how to balance law enforcement needs with the privacy needs and expectations of its customers.
CCIA also emphasized that the need for clarity in ECPA is accentuated by the judiciary’s reluctance to apply the Fourth Amendment to electronic communications. This is because, without Fourth Amendment protections, electronic communications are left only with the statutory protections of ECPA.
The statement also points to the problems created by consumer and enterprise users’ uncertainty and resulting skepticism. Broadband adoption will be hindered if consumers lack confidence in the privacy protections afforded to their online communications and information because they will remain wary of adopting broadband and valuable Internet-based resources.
Also, the skepticism of enterprise users can harm overall Internet innovation and growth because enterprise users require a high privacy and security threshold that will remain a barrier to their full adoption of the resources offered by cloud computing — unless the application of ECPA to cloud computing services is clarified with adequate and clear protections.
ECPA has become woefully out-of-synch with current technologies and business practices as it has not been updated in nearly 25 years – eons in the continually changing telecommunications and information technology sectors. As such, it is refreshing to see ECPA on the mind of legislators on the Hill. At the same time the Senate Judiciary Committee was holding its hearing on ECPA’s application to the digital age, the House Judiciary Committee also held a hearing on ECPA’s specific application to cloud computing.
CCIA hopes to see the recent Congressional interest in ECPA culminate in revisions to the statute, bringing it into the 21st Century.