Biden Heads to a DNC Fundraiser as Chinese Balloon Prowls American Skies
So, We Can’t Even Handle a Chinese Spy Balloon?
Wait...That's When Biden's People Will Brief the 'Gang of Eight' About the Chinese...
We Now Know How Much Money Biden Took Out Last December
Pentagon Gets Snarky When Asked Whether Americans Have a Right to Know More...
Florida Takes Action Against Venue That Hosted Provocative 'All Ages' Drag Show
Whoopi Goldberg Upset Because Fox News 'Loves' to Come After 'The View'
Elon Musk Wins Big Victory In Lawsuit Regarding 2018 Tweets
Sen. Hawley Demands Investigation Into Biden's Troubling Response to Chinese Spy Balloon
Joe Manchin Looking to Work With Republican Senate Colleagues, Will It Save Him...
Hakeem Jeffries Claims Socialism Would 'Undermine' the Democrat Agenda
Trump Promises to Punish Doctors, Hospitals Who Provide Irreversible Gender Transition Car...
Athletics Governing Body Wants to Change Legislation to Preserve Fairness in Women's Sport...
Yet Another Poll Shows Good News for Glenn Youngkin's Governorship
GOP Rep. Announces She Won’t Run for Reelection in 2024

Congress Can't Count on the Other Branches to Protect Digital Privacy Rights

The opinions expressed by columnists are their own and do not necessarily represent the views of

The 2nd U.S. Circuit Court of Appeals recently shot down the latest effort by the Justice Department to compel Microsoft to hand over the data of a foreigner stored overseas. Amazingly, the government asserted that a U.S. search warrant should carry jurisdiction over the data of an Irish citizen being stored on a server in Ireland, simply because it is owned by Microsoft, an American corporation.

Thank goodness the federal appeals court has now rejected the government's attempt to have the case reheard, after a lower court ruling in the government's favor -- which held Microsoft in contempt for failing to turn over the data -- was overturned last July.

The outcome affirms a landmark defense of privacy rights against law enforcement overreach and clearly establishes that the U.S. government does not have jurisdiction over the entire world. It also removes a major threat to the competitiveness of U.S.-based multinational companies, which must operate under the privacy rules of the countries in which they operate. Many of those countries unsurprisingly take a dim view of U.S. government efforts to pry into the lives of their citizens. To comply with the U.S. government warrant, Microsoft would have had to violate Ireland's privacy laws.

The decision to reject the government's appeal for a rehearing was decided by a 4-4 split, much closer than it should have been. Justice Department officials pledged to try to take the issue to the Supreme Court.

The new administration could insist that Justice Department lawyers drop the matter. Members of Congress, however, shouldn't count on either the courts or the Trump administration. Instead, they could address the fundamental issue.

The root of the problem is a common one. A law -- the Electronic Communications Privacy Act -- was enacted in 1986 to address issues raised by the technology at the time, and Congress never bothered to update it despite significant advancements in the decades since. Because of this political shortsightedness, courts are left trying to navigate trade-offs between the needs of law enforcement and digital privacy rights using a law drafted in the era of floppy disks.

This has also resulted in massive privacy blind spots -- such as the ECPA's considering emails held by a third party for over 180 days to be abandoned, allowing them to be accessed with a simple subpoena instead of a judge-issued warrant.

Also of concern is that the process for working with foreign governments when investigations cross jurisdictions -- through mutual legal assistance treaties, or MLATs -- has been seen by officials as too cumbersome to pursue. Excessive bureaucratic red tape, in other words, has encouraged investigators to engage in a troubling power grab.

The previous Congress featured a bill, the International Communications Privacy Act, that sought to resolve both of these issues. It would have updated privacy rules to acknowledge modern technological reality by doing away with such silly provisions as the 180-day rule. It also would have streamlined MLAT procedures to make international cooperation more practical.

Another bill, the Email Privacy Act, was just reintroduced in the current Congress and would also update the ECPA. Regardless of the vehicle Congress decides upon, these issues involving the intersection of privacy rights, modern technology and the rights of businesses that operate under conflicting international rules must be resolved by legislators instead of left to bureaucrats and the courts to untangle.

Join the conversation as a VIP Member


Trending on Townhall Video