Google, Microsoft, ACLU & Others Push For “Digital Due Process” – No Personal Data Without A Warrant

A broad coalition of interest groups, non-profits and private companies, including Microsoft, Google, AOL, the ACLU, EFF and others, have come together to set forth four principles that would update Electronic Communications Privacy Act (ECPA). That statute was enacted in 1986 and, in the words of Jim Dempsey, Vice President for Public Policy at the Center for Democracy and Technology, hasn’t kept pace with technology and the way that people use the internet today. The point was made repeatedly that the “internet didn’t even really exist” in 1986.

The principles aim to upgrade and enhance privacy protection for individuals using the internet, sending email and storing data in the cloud. Basically these principles seek to apply the probable cause standard and require a judge-issued warrant before law enforcement officials can gain access to private information or data online. This would include search query logs.

Here are the principles laid out on the new Digital Due Process site:

  1. A governmental entity may require an entity covered by ECPA (a provider of wire or electronic communication service or a provider of remote computing service) to disclose communications that are not readily accessible to the public only with a search warrant issued based on a showing of probable cause, regardless of the age of the communications, the means or status of their storage or the provider’s access to or use of the communications in its normal business operations.
  2. A governmental entity may access, or may require a covered entity to provide, prospectively or retrospectively, location information regarding a mobile communications device only with a warrant issued based on a showing of probable cause.
  3. A governmental entity may access, or may require a covered entity to provide, prospectively or in real time, dialed number information, email to and from information or other data currently covered by the authority for pen registers and trap and trace devices only after judicial review and a court finding that the governmental entity has made a showing at least as strong as the showing under 2703(d).
  4. Where the Stored Communications Act authorizes a subpoena to acquire information, a governmental entity may use such subpoenas only for information related to a specified account(s) or individual(s). All non-particularized requests must be subject to judicial approval.

Essentially these proposed rules seek to protect all user data that is not “readily accessible to the public.”

These principles will be sent to Congress, which would then need to incorporate them into ECPA or separately enact them in order to become law. However, it was pointed out that these rules are not intended to affect “national security” issues or related enforcement. That represents something of a “loophole” potentially for aggressive law enforcement officials, who might seek to circumvent these rules, if enacted, by using the justification of national security to conduct domestic surveillance.

In general however these proposed rules are very welcome. We should hope they’re enacted to require law enforcement to gain warrants and meet traditional probable cause standards before private online data or activities and history can be accessed.

Related Topics: Channel: Industry | Legal: General | Legal: Privacy | Legal: Security | Top News


About The Author: is a Contributing Editor at Search Engine Land. He writes a personal blog Screenwerk, about SoLoMo issues and connecting the dots between online and offline. He also posts at Internet2Go, which is focused on the mobile Internet. Follow him @gsterling.

Connect with the author via: Email | Twitter | Google+ | LinkedIn


Get all the top search stories emailed daily!  


Other ways to share:

Read before commenting! We welcome constructive comments and allow any that meet our common sense criteria. This means being respectful and polite to others. It means providing helpful information that contributes to a story or discussion. It means leaving links only that substantially add further to a discussion. Comments using foul language, being disrespectful to others or otherwise violating what we believe are common sense standards of discussion will be deleted. Comments may also be removed if they are posted from anonymous accounts. You can read more about our comments policy here.
  • Stupidscript

    It’s about time! I, for one, am glad to see any attempt to drag these issues into the 21st Century. It has been a stone in my craw for a long time to know that a simple subpoena, without notification to me, can be used to secretly gain access to any email stored by a 3rd party .. like Gmail or Yahoo. We need consistency, and this is an excellent attempt to address the lack of it n current law. I hope for the best for this effort, if for nothing else then for publishing these recommendations to Congress … even if that’s where they are likely to die.

Get Our News, Everywhere!

Daily Email:

Follow Search Engine Land on Twitter @sengineland Like Search Engine Land on Facebook Follow Search Engine Land on Google+ Get the Search Engine Land Feed Connect with Search Engine Land on LinkedIn Check out our Tumblr! See us on Pinterest


Click to watch SMX conference video

Join us at one of our SMX or MarTech events:

United States


Australia & China

Learn more about: SMX | MarTech

Free Daily Search News Recap!

SearchCap is a once-per-day newsletter update - sign up below and get the news delivered to you!



Search Engine Land Periodic Table of SEO Success Factors

Get Your Copy
Read The Full SEO Guide