Originally published in the Baltimore Sun on January 31, 2013.
This week, the United States, Canada, and the 27 countries in the European Union “celebrated” Internet Privacy Day. However, it seems there is little to really celebrate; the past few years have given rise to the largest increase in electronic wiretapping our nation has seen. To be sure, access to information is important for fighting crime and terrorism. However, because the major laws that govern Internet privacy were written in 1986, they fail to protect the modern-day security needs of American citizens. And despite Barack Obama’s campaign promises in 2008 to repeal policies that violate civil liberties, his administration is now not only supporting them but also quickly expanding their presence within the digital world.
The 1986 Electronic Communications Privacy Act (EPCA) was enacted before social networking sites were invented, and before the everyday use of email, Internet and cellphones. Thus, there are many unsettling constitutional quandaries that Congress simply could not have anticipated 27 years ago. For example, the bill says that the Fourth Amendment, which guards against unreasonable searches and seizures, applies to digital files — but only if they are not given to a third party. Yet third-party entities such as Google, Facebook and Dropbox hold some of our most private communications on their servers. The structure of the law as it is written gives more privacy protection to a yellow memo pad on your nightstand than emails on your Yahoo account.
In September, 2012 the ACLU released a report that stated the number of authorizations the Justice Department received to use “pen register” and “trap and trace” techniques on individuals’ email and network data increased 361 percent between 2009 and 2011. A “pen register” intercepts outgoing data from a phone or email account, while “trap and trace” intercepts incoming data. The ACLU also reports that the Justice Department used these measures to spy on phones 23,535 times in 2009 and 37,616 times in 2011, an increase of 60 percent.
Additionally, Google just released a report stating its company saw requests for information from the federal government increase by 70 percent over the past three years. In more than two-thirds of those cases, Google complied and released some amount of personal data. Sixty-eight percent of the requests Google received were through subpoenas, which typically do not require a judge’s approval. According to Google’s public statements, “Government agencies make requests … seeking information about Google users’ accounts or products. In [our] report, we are generally revealing statistics about demands in criminal investigations.”
To be sure, not all information requests are controversial, since these numbers reflect not only requests for “content” emails but also for basic subscriber information, which is not protected under the Fourth Amendment to begin with. Yet, while big companies like Google, Yahoo and Microsoft demand warrants for content requests, it is likely that smaller companies with less money for legal battles do not.
Google is not the only company facing a surge of government information requests. Verizon told Congress in 2007 that it received at least 90,000 such requests each year. And Facebook told Newsweek in 2009 that orders were arriving at the company at a rate of 10 to 20 a day. The number of requests and subpoenas has surely increased since then, but ultimately there exists no clear public mechanism to monitor exactly what information the government requests and receives from Internet companies. This is problematic.
The Obama administration has been too quiet on matters regarding digital security, and in situations where officials have spoken out, they’ve advocated for a greater ability to collect information, rather than less. In December, the administration reauthorized an extension of the Foreign Intelligence Surveillance Act, which allows the government to monitor overseas phone calls and emails without obtaining a court order for each intercept. While the law excludes Americans, there remains a lot of troubling obscurity as to the nature and execution of these powers. Additionally, the FBI has said that revising surveillance laws to make it easier to wiretap people who communicate online rather than by telephone is a top and urgent priority.
The FBI contends it is not seeking new, invasive powers but rather looking to keep its existing powers relevant in the modern age. However, the Obama administration, Congress and even the FBI have to work vigorously to protect the civil liberties and privacy of American citizens. As Internet Freedom Day (Jan. 18) and now Internet Privacy Day (Jan. 28) come and go, it is imperative that we actively seek to establish a clear and constitutional legal framework for the digital era.