· As the world’s information technology leader and home to the vast majority of the world’s major information technology providers, the United States has a unique opportunity to provide leadership in the establishment of a legal framework that recognizes the legitimate rights and needs of consumers, businesses, governments, and the American economy.
· To ensure the appropriate balance between personal liberty and public safety in a free and democratic society, it is important to have a frank discussion on the government’s surveillance authority. The discussion should include assurances that law enforcement and national security surveillance authority is subject to meaningful judicial and legislative oversight and follows the rule of law. It is also important that the United States works with its allies to ensure there are proper global legal frameworks within and among other countries.
· The U.S. faces real and significant national and economic security threats. These threats heighten the need for domestic and international trust in U.S.-based technology companies, which play a central role in building and operating an open, global internet.
· To the extent that customer communications do not compromise legitimate government needs in ongoing government operations or investigations, U.S. technology companies need the ability to communicate with their customers about the nature, number, and scope of government requests for data.
· Strong encryption is a commercial necessity that underpins millions of daily transactions and allows companies to safely store and move personal consumer information.
· The establishment of interoperability standards, open to all companies, which would allow network operators the ability to transition away from suppliers and systems with significantly less disruption.
Electronic Communications Privacy Act Reform Principles
· Reform of the Electronic Communications Privacy Act (ECPA) should create a clear set of rules for law enforcement access that are in line with users’ expectations of digital privacy in the 21st century. These rules should safeguard end-user privacy, provide clarity for service providers, and enable law enforcement to conduct effective and efficient investigations.
· The ECPA statute needs to be updated to reflect how information is managed, stored, and shared today.
· ECPA reform should provide a document stored in the cloud with the same protections the document would be subject to if it were stored under user control.
· ECPA reform should require a warrant for content regardless of how old that stored content is or where it is stored.
International Online Privacy Reform Principles
· U.S. online privacy and government access laws have failed to keep up with modern electronic communications in the digital age. The administration and Congress should work together to effectively implement the Clarifying Lawful Overseas Use of Data Act of 2018, or CLOUD Act, to provide law enforcement, U.S. companies, and consumers with much-needed clarity about the appropriate way to access data held abroad, while setting standards for foreign governments seeking access to information held by U.S. technology companies.
· Reforming and modernizing ECPA and implementing the CLOUD Act are critical steps needed to safeguard our citizens’ privacy rights, ensure law enforcement has the tools they need to protect us, and to boost confidence in the technologies we use to communicate with each other.