US bill to toughen cloud data protection

Powered by SC Magazine
 

But the FBI will keep authority to obtain data under terrorism and intelligence clauses.

A bill introduced in the US Senate would require authorities to obtain a court-issued search warrant before retrieving a person's email and other content stored in cloud services.

The proposed legislation would update a 25-year-old digital privacy law called the Electronic Communications Privacy Act (ECPA) which set standards for government wiretapping of telephone and electronic communications.

US Senator Patrick Leahy, who authored both the 1986 law and the amendment bill, said the legislation was "outpaced by rapid changes in technology”.

The newly introduced ECPA Amendments Act would require authorities to obtain a search warrant based on probable cause before obtaining customer information from electronics communications, cloud computing or other technology service providers.

Under current law, law enforcement does not need to acquire a search warrant to obtain email communications that have been stored for longer than 180 days.

The proposed legislation would eliminate this rule and require a search warrant regardless of the age of an email.

It would also implement new protections for geolocation information that is collected, used or stored by smartphones or other mobile technologies.

If enacted, the bill would mandate a warrant to access or use an individual's smartphone or other electronic communications device to obtain geolocation information.

A coalition of privacy groups and technology companies, called Digital Due Process, has been pushing since last year for the reform of ECPA.

The group includes AOL, the American Civil Liberties Union, Google and Microsoft and argues that the ECPA is a “patchwork of confusing standards” that no longer adequately protects the vast amount of personal data generated by the latest digital communication devices and services.

“The reforms take an important step toward updating antiquated protections for consumers utilising modern-day cloud and mobile services," said Kelly William Cobb, executive director of consumer choice group Americans for Tax Reform's DigitalLiberty.Net.

Leahy's measure, however, does not do away with the FBI's authority, under the national security letters, to obtain digital information about a person, without a court order, if authorities consider it relevant to a terrorism or national intelligence case.

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition


US bill to toughen cloud data protection
 
 
 
Top Stories
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
Telstra hands over copper, HFC in new $11bn NBN deal
Value of 2011 deal remains intact.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  4%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  3%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1827

Vote
Do you support the abolition of the Office of the Information Commissioner?