Electronic law for the 21st century

By | August 09, 2012

Posted in: Network Security Trends

Updating the electronic law for the 21st century is long overdue. Two Democratic Congressmen have submitted the Electronic Communications and Privacy Act Modernization Act of 2012 to try to rectify the issue. (I don’t quite understand the need for the word “act” twice when one would do nicely. Perhaps it’s because it’s an update, perhaps it’s a mistake.)

At any rate, the bill, introduced by Jerrold Nadler (D-NY) and John Conyers, Jr. (D-MI),  requires that law enforcement obtain a warrant from a court to obtain information contained  in an individual’s private communication, such as an email, or other online document. It also requires a warrant before an ISP can be forced to disclose someone’s geographic location.

The subject of a warrant must be notified within three days, but there are several exceptions that push it to 90 days, with the following stipulations, including risk of flight, safety of an individual, destruction of evidence, intimidating a witness or  “otherwise seriously jeopardizing an investigation or unduly delaying a trial.”

There are a hodge-podge of laws and guidance around email, which may or may not require a warrant under current law. An email, for example, may require a warrant if it is held on a PC, but not if it held on a server, and there have been numerous and often contradictory rulings in the last few years. The privacy group Digital Due Process Coalition, which includes Amazon, AT&T, Apple, eBay, Google, Facebook, Microsoft and Twitter has long advocated such legislation. However, its fate in election year, without Republican sponsorship seems to make it a moot point.

You May Also Be Interested In: