• September 8, 2015
    Guest Post

    by Susan Freiwald, Professor of Law, University of San Francisco School of Law

    *This post is part of ACSblog’s symposium examining proposed reforms to the Electronic Communications Privacy Act (ECPA).

    As eyes focus on the Microsoft appeal, people are asking why the Electronic Communications Privacy Act (ECPA) fails to resolve more clearly the questions presented. Anyone with a passing familiarity with ECPA could guess the answer: ECPA’s provisions, most of which are nearly 30 years old, are incomplete, ambiguous, and in dire need of amendment. Hence the calls to Congress to pass the LEADS Act (S. 512H.R. 1174). But those bills, and other ECPA reform bills getting traction in Congress, leave uncovered gaping holes in the law. Only the California Electronic Communications Privacy Act (CalECPA, SB 178), which is up for its final vote in California today, would bring the needed coverage and clarity to protect modern electronic privacy rights. CalECPA applies in California to state and local entities, but it provides a blueprint for comprehensive federal reform.

    At the federal level, ECPA fails adequately to protect our most personal information: the communications, movements, documents and online activities that we store on our cell phones and share with our service providers. Though it should, ECPA does not clearly require a warrant for the location data generated when we use our cell phones to make and receive calls or texts and access the internet, even though, in one recent Fourth Circuit case, United States v. Graham, agents obtained well over 100 location data points per day from the subject’s provider.  Other recent cases have been all over the map on whether and when a warrant is required. CalECPA takes its cue from the Supreme Court, which recently recognized the intrusiveness of location data acquisition in Riley v. California and United States v. Jones. CalECPA requires a warrant for access to any location data (with appropriate exceptions for emergencies in any case where it requires a warrant).

  • September 8, 2015
    Guest Post

    by Jennifer Daskal, Assistant Professor of Law, American University Washington College of Law; former counsel to the Assistant Attorney General for National Security at the Department of Justice

    *This post is part of ACSblog’s symposium examining proposed reforms to the Electronic Communications Privacy Act (ECPA). Daskal’s piece is also cross-posted at Just Security. 

    Tomorrow, the Second Circuit will hear arguments in the almost two-year old dispute between Microsoft and the government over emails stored extraterritorially. Earlier,  I opined (in discussion with Orin Kerr) on the statutory questions raised by the case. The purpose of this post is to focus on the policy issues.  And viewed solely from a policy perspective, neither position—Microsoft’s nor the government’s—is satisfying. 

    For those unfamiliar with the case, the dispute started in December 2013, when the government served a warrant on Microsoft, compelling the production of certain emails. Microsoft refused to comply, arguing that the emails were stored in Ireland, that the government’s warrant authority does not extend extraterritorially, and that therefore the warrant was invalid.  But so far its fight has been unsuccessful.  Both the magistrate and district court judge sided with the government: Because the data could be accessed and controlled from Microsoft employees operating within the United States, the warrant was territorial, not extraterritorial; it is therefore valid.

    While often described as a “privacy case,” that’s not really what the case is about.  The government is, after all, proceeding by a warrant based on a finding of probable cause.  No one suggests that compelled production would be a privacy violation if the data were stored in the United States.  It does not become a privacy violation simply because the data is stored in Ireland.  That said, the case has major privacy implications.  The case raises fundamental questions about sovereignty and jurisdiction in an increasingly interconnected world, with key privacy rights—and related free speech and associational rights—turning on the answer to those sovereignty and jurisdictional questions.  It reflects a new world order in which State A can compel the production of data located in State B, with neither the government agent or the company employee querying the data ever leaving State A.  And the case poses key questions about who does—and should—control access to the data in such a situation—State A or State B?

  • September 8, 2015

    by Jim Thompson

    In The American Prospect, ACS President Caroline Fredrickson details the harsh realities of contingent employment as the number of contract workers in the U.S.  rapidly increases.

    Steven Greenhouse at The New York Times discusses work site committees as a potential alternative to unions for the purpose of strengthening and securing workers’ protections.

    On the Ford Foundation Equals Change Blog, ACLU’s Anthony Romero remembers the life and work of civil rights champion Lynn Walker Huntley, an early member of the ACS Board of Directors.

    The Editorial Board of The New York Times argues that weak enforcement of the Fair Housing Act has left too many in economic isolation and unable to escape the social problems that flow from poverty.

  • September 4, 2015

    by Nanya Springer

    On The Huffington Post BlogJudith E. Schaeffer of the Constitutional Accountability Center weighs in on the controversy in Rowan County, Kentucky, arguing that obtaining a marriage license should be hassle-free for everyone.

    In a press release, Demos announced that the U.S. Court of Appeals for the Ninth Circuit on Thursday reinstated a case challenging Nevada’s failure to provide voter registration services to its low-income citizens. The decision comes after the case was thrown out by the U.S. District Court for the District of Nevada.

    Sam Ross-Brown and Amanda Teuscher report in The American Prospect that the Department of Labor’s new rules allowing workers at higher income levels to qualify for overtime pay will not only result in an effective raise for millions of people, but will also give workers more control over their work hours and personal lives.

    The Center for Reproductive Rights announced in a press release yesterday that it has petitioned the U.S. Supreme Court for review of a decision by the U.S. Court of Appeals for the Fifth Circuit. In June, the Fifth Circuit upheld onerous restrictions on abortion clinic access in Texas which, if allowed to stand, would close more than 75 percent of clinics in the state.

  • September 4, 2015
    Guest Post

    by Anupam Chander, Director of the California International Law Center and Professor of Law at the University of California, Davis. He is the author of The Electronic Silk Road: How the Web Binds the World Together in Commerce, published by Yale University Press.

    *This post is part of ACSblog’s symposium examining proposed reforms to the Electronic Communications Privacy Act (ECPA).

    My parents grew up in a pen and paper world, where most of their writings and records were kept at home, in their offices, or with close confidantes. I grew up in a world of computers, but even my writings were mostly kept at home on hard drives and floppy disks (for today’s students, many of whom have never seen a floppy disk, a history of the floppy disk). My first writings were kept, astonishingly, on a cassette recorder, which stored what I typed on my TRS-80, a computer made by Radio Shack. That computer had a total memory of 16K, roughly 16,000 characters (not even words) of text.

    My children are growing up in the cloud, where their writings and their records are being stored in remote computers. Because those computers are managed by Dropbox, Google, Microsoft, and their peers, their writings are far more secure than I ever managed when I stored my files on a floppy or a hard drive, both of which failed with remarkable regularity and maximally devastating timing.

    But even if our kids never know the pain of losing a week’s work to faulty computing or an accidental deletion, they face a world where their writings are far more subject to government scrutiny than mine ever were. Not only are their writings subject to government searches, but also their whereabouts, through the tracking of smartphones. This is because while the Fourth Amendment clearly protects homes from searches and seizures without a warrant, it is not so clear that it protects writings and the records about us stored on a remote computer.

    Do our children deserve less protection from government snooping because they are relying on cloud services? Right now, the law says that if the government wants to read what’s on my home computer, it has to get a warrant to do so. But if the government wants to read what our kids are storing privately online, they may not. (For a more detailed account of when the government can access information online without a warrant, see this ProPublica summary, updated as of June 2014, but not including Riley v. California, described below.)