Even without CISPA on the books, the federal government can still use antiquated legislation to leer into the personal communications of Americans. One judge, in fact, says that thousands are approved each year.
It’s been more than a quarter of a century since the US Congress authorized the Electronic Communications Privacy Act (ECPA) of 1986, but the incredibly outdated legislation is still used each and every day to let federal agents find out personal and private information by combing through emails, texts and any other form of online correspondence. Kade Crockford is a privacy rights coordinator with the American Civil Liberties Union and is fighting to make sure that ECPA is laid to rest.
Crockford says she was only three years old in 1986 and tells RT, “If you were my age at the time, cell phones didn’t really exist.” What was a reality, however, was ECPA. Unlike cell phones and the troves of technological updates that mobile devices have seen over the last few decades, though, ECPA remains more or less identical to its original incarnation.
When ECPA was first approved by Congress, critics couldn’t find all that much to worry about as “email” was still a subject impossible for most Americans to grasp. Down the road, however, Crockford says that advances with the Internet are creating all news reasons for computer users to be concerned.
“People didn’t use email in the way that we do now. Web chat didn’t exist. Storing our information in the digital cloud was completely unheard of. These are things that we all do now every day. We live most of our lives in the digital realm. Our banking information is all online. Increasingly out health records out online. We communicate very, very important information via email, via direct message on services like twitter, via web chat, via Skype,” says Crockford. “Congress needs to update ECPA.”
Crockford’s calls to end ECPA comes after US Magistrate Judge Stephen Smith examined the surveillance orders that have been authorized since the birth of the legislation and learned that unassuming eyes are allowed to access private information tens of thousands of times a year. In his report, "Gagged, Sealed and Delivered," Judge Smith adds that it's "reasonable to infer that far more law-abiding citizens than criminals have been tracked" under a certain subsection of ECPA.
“What the judge magistrate’s report shows is that the rules that ECPA put in place over 25 years ago are willfully inadequate, primarily because they don’t allow even Congress, let alone the general public, to know how many of these orders are being issued,” says Crockford, “because there are gag, sealed and blindfold provisions which prevent people from even knowing how many of these orders are out there.”
Essentially, says Crockford, the government can already be spying on Americans without unsuspecting citizens completely in the dark.
“A key piece that we need to realize here is that, my emails, the emails that I send to my friends…I don’t actually possess them,” she says, “If I use Google or Gmail to send emails, its Google or Gmail that possess my emails, so the government doesn’t even have to go to me. It can completely ignore me if it wants information about what I’m talking about or who I’m talking to and go to Google instead.”
Currently the US Congress is considered the Cyber Intelligence Sharing and Protection Act, or CISPA, which would allow the government to go into information collected by third-party companies without any repercussions. Under EPCA, however, federal agencies are often already allowed that. Under ECPA, all investigators need is an official request that Crockford calls somewhere between a subpoena and a warrant.
“A subpoena is simply a form that a prosecutor fills out and submits to a holder,” says Crockford, while, “…a warrant is a much stricter standard. There is probable clause.” The orders filed under ECPA, she says, “sits somewhere in the middle.”
Unlike CISPA, though, Crockford says that many of Silicon Valley’s biggest companies are supporting a chance to ECPA. Although her work with the ACLU situated her alongside other civil liberties organization in the Digital Due Process Coalition — a group that is fighting for ECPA reform — she says she isn’t alone. “It’s also companies like Microsoft and AOL and apple, because these companies want people to trust the digital cloud,” she says. “They want people to trust that when they put information online, that when they store it with third part content holders like them, that it’s going to be safe from government interference.”
“There’s a huge range of corporations and government advocacy groups that are calling on Congress to reform ECPA, and this report is just a very timely reminder and should shock Congress into action to do this,” she says.