Feeds

Microsoft teams with Google in name of privacy

Strange bedfellows back US law overhaul

  • alert
  • submit to reddit

Build a business case: developing custom apps

Search rivals Microsoft and Google have joined a coalition to simplify and clarify US law to protect the online privacy of netizens from government snooping.

The companies have teamed with more than 20 other technology providers and lobby groups from the right and left of US politics to update a US privacy law that's being applied to peoples' internet communications, but was written in 1986 - the year of big hair, Chernobyl, and the Challenger space-shuttle disaster, but most certainly not the web, email, or mobile phones.

They've joined the Digital Due Process coalition, brainchild of Center for Democracy and Technology vice president Jim Dempsey, to force a change to the Electronic Communications Privacy Act (ECPA).

Microsoft, Google, and their colleagues have put their name to a set of four principles they hope will clean up EPCA and clarify the rules that govern things like the ability for the authorities to hover search queries, IP addresses, or users' mobile GPS locations.

While consumers might not be overly concerned about uploading skads of personal information to cloud-based services like Facebook or giving out their GPS location on the iPhone, the fear is they'll balk as concerns about what happens to their data find their way into the mainstream debate on privacy.

Microsoft general counsel Mike Hintz said here that ECPA has failed to keep pace with the times, and a lower standard is applied to online communications compared to things like snail mail when it comes to gathering information for on-going investigations.

Microsoft claimed 90 per cent of the population and business people are concerned about the security and privacy of their personal data in the cloud.

"Citizens need government action to ensure that as more information moves from the desktop to the cloud, the country retains the traditional balance of privacy vis-à-vis the state," Hintz said.

"It is vital we restore balance to American surveillance laws as the cloud computing era evolves. A balanced approach can help ensure that citizens' data will be protected, law enforcement will have the tools they need and America will continue to lead in technological innovation."

Ryan Radia, associate director of technology studies and the Competitive Enterprise Institute also behind the Coalition, told The Reg: "If the cloud is to realize its full potential government must be subject to meaningful limits on the data it can get its hands on."

Microsoft, Google, and the others have put their names to a set of four principles for changes to EPCA. The essence is to have the authorities go before a judge and seek a court order when getting information from service providers on people's emails, browsing activities, IP addresses, or GPS location.

Currently, the US authorities can secure a subpoena in some cases that's issued by a prosecutor in the name of the grand jury and handed to the FBI for completion and enforcement. A subpoena can be issued to check whether a law is not being violated rather than to see whether a law is actually being broken.

The group says that a government agency should require a court-issued warrant based on probably cause, not a subpoena, to access communications and location information regardless of its age and that an agency may access dialed information and emails only with a court order following judicial review and access stored information of specific accounts only with the approval of a judicial approval.

The proposals are designed to head off instances such as the US government's grab for archived searches on Microsoft, Google, and Yahoo! in 2005 or the case of Indymedia.us, issued with an FBI subpoena to hand over the IP addressees of its site users for one day in June 2008. The subpoena was fought by the Electronic Frontier Foundation - also a member of the Coalition - and the subpoena overturned in November 2009.

Radia said the changes to the ECPA would only apply to private communications and not to ongoing investigations, emergency cases, or national security. "The purpose is not to cripple law enforcement, the goal is to restore a better balance between privacy and law enforcement," he said. ®

The essential guide to IT transformation

More from The Register

next story
Rupert Murdoch says Google is worse than the NSA
Mr Burns vs. The Chocolate Factory, round three!
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Know what Ferguson city needs right now? It's not Anonymous doxing random people
U-turn on vow to identify killer cop after fingering wrong bloke
Germany 'accidentally' snooped on John Kerry and Hillary Clinton
Dragnet surveillance picks up EVERYTHING, USA, m'kay?
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
Who needs hackers? 'Password1' opens a third of all biz doors
GPU-powered pen test yields more bad news about defences and passwords
Think crypto hides you from spooks on Facebook? THINK AGAIN
Traffic fingerprints reveal all, say boffins
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.