California Is Winning The Digital Privacy Fight

Starting in 2016, tech companies can tell law enforcement in California to get a warrant if they want access to digital data.

That’s because California Gov. Jerry Brown signed into law the California Electronic Communications Privacy Act (CalECPA), a landmark digital privacy law that requires California police to obtain a warrant from a judge before they can access electronic information about people’s identities, where they go, who they know and what they do.

CalECPA protects digital information held by companies, including the content of emails and cloud documents, location information and metadata. The state’s electronic privacy law also means that data on consumers’ computers and mobile devices have the same protection from government snooping as paper files.

The protections provided by CalECPA were badly needed. While technology has advanced, digital privacy laws remain stuck in the digital Dark Ages. This has meant that emails, text messages, location information and all of our digital data have been open to warrantless police surveillance.

Outdated Federal Laws

Antiquated laws on both the state and federal level have created a maze of confusing rules. The federal Electronic Communications Privacy Act was first enacted in 1986 – long before the Internet as we know it today existed. But even modest efforts to update the federal law have yet to get through Congress.

The result of outdated laws is that sensitive personal information is at risk, consumer trust is eroded and tech companies large and small have to waste valuable time and resources to meet the growing demand of warrantless requests from law enforcement.

The result of outdated laws is that sensitive personal information is at risk, consumer trust is eroded and tech companies large and small have to waste valuable time and resources…

The numbers are startling. Google has reported a 180 percent jump in law enforcement demands for consumer data in just the past five years. Last year AT&T received more than 263,000 demands, Verizon reported that only one-third of its requests had a warrant, and Twitter and Tumblr received more demands from agencies in California than any other state.

As a result, public concern about privacy has grown while confidence in technology has eroded. A recent California poll conducted this summer found that 82 percent of Californians wanted warrant protection for their digital information. A 2014 study from the Pew Research Center found that 75 percent of adults believe that their emails, text messages, and location information are sensitive, and that 80 percent of adults feel that Americans are rightly concerned about government monitoring of Internet communications.

Government And Tech

While other states, such as Colorado, Maine, Texas and Utah, provide updated protections for electronic information, California’s law has the biggest impact not only because of its size but because of the prevalence of tech companies based in the state. And those companies had enough: The Internet Association along with Facebook, Google, Twitter, Apple, Dropbox, Adobe and others supported CalECPA.

Apple CEO Tim Cook recently said in an NPR interview that “people want us to help them keep their lives private. We see that privacy is a fundamental human right… We are going to do everything that we can to help maintain that trust.”

In its letter of support for the California electronic privacy law, Facebook said “people deserve to connect with friends and loved ones knowing that their personal photos and messages are well-protected.”

Google noted that “law enforcement needs a search warrant to enter your house or seize letters from your filing cabinet — the same sorts of protections should apply to electronic data stored with Internet companies.”

According to the Internet Association, “California’s Internet users expect their inbox to have the same kinds of safeguards that exist for their mailbox, and we look forward to working with policymakers in pursuit of this goal. It is time to update these laws for the digital age.”

The diverse tech industry and civil rights coalition in support of CalECPA should serve as a model for collaboration in other states.

After Gov. Brown signed the electronic privacy law, Adobe wrote in a blog post that it “believes that customer data stored online deserves the same protections as data stored at home or at work, and that full Fourth Amendment protections are essential to consumers trusting that their information is safe. Without trust, cloud computing can never realize its full potential.”

California continues to be an incubator for ideas, and the California Electronic Privacy Act is certainly an idea whose time has come.

The diverse tech industry and civil rights coalition in support of CalECPA should serve as a model for collaboration in other states. The new law will hopefully help jumpstart privacy reform on the federal level that has been stalled for too long.

It should be a clarion call for leaders in Washington and across the country who are long overdue in updating privacy laws to protect both consumers and the tech industry by preventing warrantless searches of digital information.

All tech companies and all Americans deserve updated laws that match the modern digital world.