The following op-ed was authored and contributed to Breitbart Texas by Rebecca Powers.
Today, if law enforcement wants to read our physical mail or search our safe deposit box, they need a search warrant. This fundamental right to privacy is established in the Fourth Amendment of the U.S. Constitution. But currently, national and international privacy protection is not adequately applied to email and data stored on cloud computing servers. This needs to change—and a solution is at hand, if Congress will only move forward.
Texas became a national leader in electronic privacy in 2013 after passing HB 2268 during the 83rd Legislative Session. This law requires Texas law enforcement to obtain a warrant to access email and communication content held in electronic storage in this state, and other states, by providers of electronic communications services and remote computing services. Amid the 84th legislative session, a number of Texas based activist groups, such as the Texas Electronic Privacy Coalition (TXEPC), Texans for Accountable Government (TAG), and EFF-Austin, aimed to achieve even more expansive electronic privacy protections pertaining to cell phone location data. As Texans continue to lead the way with digital privacy reform on a state level, both Texas Senators John Cornyn and Ted Cruz are in a position to continue this trend on a national level.
With bipartisan support, the Law Enforcement Access to Data Stored Abroad Act (LEADS Act; S. 512/H.R. 1174) was introduced in both the U.S. Senate and House. This legislation will require law enforcement agencies to obtain a search warrant to access an American’s or resident alien’s email—or other personal data—when it is stored on overseas computer servers. The LEADS Act also codifies and improves how U.S. law enforcement accesses the email of foreign targets of investigation.
The need for the LEADS Act arises from the emergence of innovations that have fundamentally changed how we communicate and store information. . Individuals and businesses use a wide range of cloud computing services—including email, productivity tools, social media and more. In years past, email and data was stored on companies’ onsite computer servers, or on an individual’s PC. Data and email is now stored, backed-up and transmitted by third-party technology providers. The large data centers (aka server farms) that provide the backbone of these services are located not just in the U.S., but around the world. Many U.S. cloud computing providers maintain numerous server facilities for marketplace and technical reasons—including the need for data back-ups, redundancies, scale, and other requirements.
Texas-based Rackspace, for instance, provides leading cloud computing services by operating a state-of-the-art global infrastructure with data centers not only distributed across the U.S., but also in London, Hong Kong and Sydney. The global nature of the Internet and cloud computing is the key reason that we need the LEADS Act. Rackspace and other American companies should not be put in a position where they have to violate the privacy of their U.S. customers to comply with a warrantless search request for data stored abroad. Similarly, American companies should not be forced by U.S. law enforcement action here to breach privacy laws and the rights of customers in other nations. The LEADS Act addresses both of these issues by requiring warrants when appropriate and reforming and strengthening the Mutual Legal Assistance Treaty (MLAT) process for cross-border law enforcement.
Digital privacy is insufficiently protected under existing legislation, the Electronic Communications Privacy Act (ECPA), which shockingly dates back to the year 1986. ECPA was enacted before the invention of the World Wide Web, the widespread use of email, and the development of cloud computing. Although ECPA has been updated and is again being reviewed by Congress, it simply does not address the borderless, global nature of today’s cloud computing. While ECPA provides some measure of privacy protection for data stored on computers located within the U.S., it leaves a vacuum when it comes to servers located in other countries.
Passage of the LEADS Act would not only provide appropriate privacy protections, it would establish a model for international law enforcement, respect, and data protection. We do not want foreign governments examining Americans’ email and data stored within our borders without due legal process. The troubling ability to make such encroachments—via the Internet—has already been asserted by foreign governments. The LEADS Act will strengthen our ability to negotiate privacy protections and mutual legal respect as part of trade agreements. In addition, by codifying respect for the borders and laws of other nations, LEADS strengthens the ability of American companies to grow their businesses with overseas customers.
Fortunately, both Texas Senators John Cornyn and Ted Cruz sit on the Senate Judiciary Committee, which will be considering the LEADS Act as a first step toward passage. Given Texas’s robust technology sector and our state’s commitment to individual rights, I hope Senators Cornyn and Cruz will both be champions in the speedy enactment of this much-needed bill.
Rebecca Powers is an Austin-based political activist and a member of Texans for Accountable Government (TAG).