Coalition wants US privacy law revamped for Internet Age

"Technology has changed dramatically in the last 20 years, but the law has not," said Center for Democracy and Technology (CDT) public policy vice president Jim Dempsey.

CDT was part of a freshly announced Digital Due Process Coalition that petitioned federal law makers in Washington to give personal information stored online privacy guards on par with letters or pictures kept in homes.

"The traditional standard for the government to search your home or office and read your mail or seize your personal papers is a judicial warrant," Dempsey said Tuesday in a conference call with reporters.

"The law needs to be clear that the same standard applies to email and documents stored with a service provider."

Coalition members took aim at an Electronics Communications Privacy Act (ECPA) enacted in the United States in 1986, before many of the Internet technologies woven into today's lifestyles.

"1986 was light years ago in Internet terms and it is time to update ECPA," Dempsey said during a Tuesday conference call with reporters.

"Technology has changed dramatically, particularly with the emergence of location-based services and the transfer of massive amounts of data into the cloud."

The popularity of smartphones with global satellite positioning features has led to a hot trend of companies offering services that play off of where people are at any given moment.

The recent economic meltdown added momentum to a shift toward people using software programs hosted as services in the Internet "cloud" instead of buying and installing applications on machines.

People are also increasingly storing personal information, pictures, and videos at online social-networking or data storage websites.

US laws about what access police or governments can get to personal data stored online needs to be clarified in ECPA, according to coalition members.

Police should need warrants signed by judges to get email, pictures, location information or other personal data stored online for people at Internet firms, the group contended.

Outdated ECPA contains illogical, unclear or inconsistent references that create confusion or friction between Internet firms, customers, and law enforcement, said Microsoft senior attorney Michael Hintze.

"As people start moving documents from file draws to computers and into the cloud we don't believe the balance between privacy and law enforcement should be turned on its head," Hintze said during the conference call.

"The law protects files in your home and we don't think files should be any less protected in the cloud."

Recommendations sent to US lawmakers on Tuesday included modifying ECPA to ensure that court-issued warrants are needed to get hold of email or other communications people store with Internet service providers.

The law currently eliminates need for warrants in cases of messages left in Web-based email accounts for more than 180 days, according to Dempsey.

The coalition wants EPCA to require court warrants to compel Internet services to reveal location information or for blanket requests regarding identities of large numbers of subscribers.

"We have a statute that addresses a bygone era," said Richard Salgado, senior counsel for law enforcement and information security at Google.

"We want to adjust it to what users expect of their privacy."

The coalition includes online auction pioneer eBay, telecom colossus AT&T and computer chip titan Intel.

(c) 2010 AFP