By: Elias J. Atienza
President-elect Donald Trump is not exactly a privacy warrior. On several occasions he has proved this. He has supported the Patriot Act, he sided with Marco Rubio over Ted Cruz on the USA Freedom Act, and he has even called for closing down the internet. Senator Jeff Sessions, Trump’s pick for Attorney General, is not great on privacy either. He has previously called for extending the Patriot Act and has even voted for it on several occasions.
Trump, however, can change his mind. After all he has changed his mind on everything from torture to immigration. For example, his tone on the proposed Muslim ban has changed, now calling it, “extreme vetting.”
But if there is something that Trump has been constant on, it is protectionism. Whether or not you agree with him, most people see that he has not been swayed on this issue since at least the 1980s. Protecting American companies from outside competition might not make the most economic sense, but at least he is consistent on it. The United States, in Trump’s view, should protect American companies and workers.
The question is, does that include private data of American companies and citizens overseas? The United States’s foreign policy has not changed much in the past thirty years when it comes to data privacy. Operating under the 1986 Electronic Communications Privacy Act, this act allows the government to access data, such as emails without a warrant, if the data is more than 180 days old. This means that the government can see years upon years of emails and other private data if it is older than six months.
Government surveillance should always be confined to the scope of the Fourth Amendment; after all one of the main reasons the Founders fought over the American Revolution was over the use of general warrants (called writs of assistance) by the British government to search colonial possessions. John Adams wrote:
When I look back to the Year 1761, and recollect the Argument concerning Writs of Assistance, in the Superiour Court, which I have hitherto considered as the Commencement of the Controversy, between Great Britain and America, and run through the whole Period from that Time to this, and recollect the series of political Events, the Chain of Causes and Effects, I am surprized at the Suddenness, as well as Greatness of this Revolution.”
This act is an egregious breach of the Fourth Amendment, but that’s not the worst part. It also allows for the Department of Justice to try and seize data overseas such as in Dublin, Ireland, even though it is not their jurisdiction.
The Department of Justice back in 2014 tried to seize private email data from an individual under investigation for drugs. However, the data center was in Dublin, Ireland and not part of the DOJ’s jurisdiction. Microsoft refused to hand over the data and was held in contempt of court for not doing so. Luckily for Microsoft, the Second Circuit Court of Appeals overturned the earlier ruling that would have forced Microsoft to give over the data without a warrant. It also established that the DOJ cannot use the ECPA to obtain data overseas; but this is just a temporary fix. The DOJ is continuing to look for ways to obtain the data not in their jurisdiction.
For those who ask why Microsoft cannot simply comply with the DOJ’s request and hand over data that is in another country, I ask you, what would happen if Russia wanted your data that is stored on a United States server? What if Ireland wanted to seize your private email data even though it was stored on a server outside their jurisdiction?
Fortunately, there is an effort underway to find the balance between privacy rights and the ability of law enforcement to get the data they want from overseas. The International Communications Privacy Act (ICPA) would “clarify U.S. law enforcement’s ability to obtain electronic communications around the world.” Introduced by Senators Orrin Hatch (R-UT) and Chris Coons (D-DE), it would define how law enforcement would be able to get the data through a warrant process and following the privacy laws of the countries involved. ICPA is not perfect, but like most things in life, is the best we can accomplish right now. ICPA finds a good balance between protecting Americans and others privacy and ensuring law enforcement they can obtain the data they need if they follow the warrant process.
Senator Sessions and the Trump Administration are by no means privacy warriors. But they are protectionists in the economic regard and seek to protect American workers and companies from foreign competition. That protection should extend to American private data held overseas and ensure that the government does not intrude on American privacy.
So this is my plea to the Trump Administration; please protect privacy rights in the United States and across the world.