Intending to provide privacy protections to consumers’ data stored on tech companies’ servers overseas or in cloud computing services, a bipartisan group of senators late today introduced legislation to amend the Electronic Communications Privacy Act (EPCA).
Sens. Chris Coons (D-Del.), Orrin Hatch (R-Utah) and Dean Heller (R-Nev.) announced introduction of the Law Enforcement Access to Data Stored Abroad Act or the LEADS Act. A provision of the bill states that law enforcement offices must “obtain a warrant under the Electronic Communications Privacy Act (EPCA) to obtain the content of subscriber communications from an electronic communications or cloud computing service.”
The bill comes as Microsoft is fighting in court a warrant from federal prosecutors seeking access to data stored oversees. Microsoft is arguing that the federal government cannot compel disclosure of data it stores in Ireland. Microsoft Bradford L. Smith told The New York Times earlier this year, “What is at stake is the privacy protection of individuals’ email and the ability of American tech companies to sustain trust around the world.” The Times noted that Apple, AT&T and Verizon have all filed briefs supporting Microsoft.
In a press statement about the LEADS Act, Sen. Coons said, “Law enforcement agencies wishing to access Americans’ data in the cloud ought to get a warrant, and just like warrants for physical evidence, warrants for content under EPCA shouldn’t authorize seizure of communications that are located in a foreign country. The government’s position that ECPA warrants do apply abroad puts U.S. cloud providers in the position of having to break the privacy laws of foreign countries in which they do business in order to comply with U.S. law. This not only hurts our businesses’ competiveness and costs American jobs, but it also invites reciprocal treatment by our international trading partners.”
Hatch noted that electronic data storage has changed significantly since ECPA was enacted in 1986. More information about the LEADS Act is here.
In a post for ACSblog, former general counsel of the Commerce Department Cameron F. Kerry said the U.S. government should lead the way and “put reasonable limits on the application of its laws to electronic communications stored outside the United States or belonging to foreign citizens outside the United States.”