New bill attempts to curb Big Brother's ability to snoop and squelch free speech online

Congresswoman Zoe Lofgren, a California Democrat, has introduced two new bills to the U.S. House of Representatives. These bills, introduced last Friday, are designed to protect innovation, user privacy, and free speech on the Internet.

"We need proactive laws designed to preserve an open and truly global Internet from SOPA-like legislation, unduly restrictive treaties and trade agreements, and overbroad government surveillance," Rep. Lofgren said in a statement.

The first bill, H.R. 6529, is called the ECPA 2.0 Act of 2012. This act seeks to reform the Electronic Communications Privacy Act (ECPA), which was enacted in 1986. The ECPA hasn't been significantly updated since it was enacted -- way back before the Internet even really existed -- and so it's way overdue for an update. Other lawmakers, including Senator Patrick Leahy of Vermont, are also seeking updates to the ECPA.

An update to ECPA is also supported by the Digital Due Process, a coalition of tech firms including companies Amazon, Apple, AT&T, eBay, Google, Intel, Microsoft, and Twitter. "The vast amount of personal information generated by today's digital communication services may no longer be adequately protected," wrote the Digital Due Process in a post. The group has not publicly endorsed H.R. 6529.

The ECPA 2.0 Act of 2012 proposes the implementation of four basic principles, which are outlined in a fact sheet released by Rep. Lofgren's office:

1. The government should obtain a warrant before compelling a service provider to disclose an individual's private online communications.

2. The government should obtain a warrant before it can track the location of an individual's wireless communication device.

3. Before it can install a pen register or tap and trace device to capture real time transactional data about when and with whom an individual communicates using digital services (such as email or mobile phone calls), the government should demonstrate to a court that such data is relevant to criminal investigation.

4. The government should not use an administrative subpoena to compel service providers to disclose transactional data about multiple unidentified users of digital services (such as bulk requests for the names and addresses of everyone that visited a particular website during a specified time frame). The government may compel this information through a warrant or court order, but subpoenas should specify the individuals about whom the government seeks information.

Basically, the ECPA 2.0 Act seeks to apply Fourth Amendment protection to online communications. Under the current ECPA, emails and other forms of private online communication are treated as little more than business records -- and, after they're 180 days old, they're treated as "discarded," and therefore afforded very little privacy protection.

At the moment, private online communications that are more than 180 days old can be revealed with a government subpoena. This new act, if passed, would require government officials to first obtain a probable-cause warrant before snooping through individuals' emails and chat logs.

The fourth principle of the ECPA 2.0 Act -- that subpoenas cannot be used to disclose transactional data about multiple unidentified users -- will likely affect piracy lawsuits brought about by copyright trolls. Copyright trolls often request courts subpoena Internet Service Providers (ISPs) for information regarding anonymous alleged downloaders -- see the case of Voltage Pictures, who keeps trying to sue John and Jane Does over the acclaimed film, "The Hurt Locker."

Global Free Internet Act of 2012

The second bill introduced Friday, H.R. 6530, or the "Global Free Internet Act of 2012," is also important, and long overdue, Lofgren says. This bill seeks to establish a formal process for the U.S. government to evaluate policies that "pose threats to Internet users and online services." The bill proposes the creation of a special task force comprised of the heads of several executive branch agencies, four Americans nominated by Congress, and four Americans (who are not government employees) nominated by "the Internet itself."

The goal of the Global Free Internet Act of 2012 is to have an already-set-up response team to controversial Internet-related acts, such as the Stop Online Piracy Act (SOPA) that was killed in the U.S House of Representatives earlier this year. The special Global Free Internet Task Force (that's what I'm going to call it) will look at how acts such as SOPA propose a threat to the "global free flow of information, international trade in Internet-related goods and services, and the technical standards that underpin the Internet."

In other words, the task force will be set up specifically so that there will be people in Washington D.C. who understand the Internet and who can stop bills like SOPA early on.

Rep. Lofgren, who represents the 16th district of California (which houses most of Silicon Valley), was a prominent voice of dissent in the discussions about SOPA earlier this year, noting that the bill could mean "the end of the Internet as we know it." SOPA was a controversial bipartisan anti-piracy bill designed to help the U.S. government fight online copyright fraud outside of the United States. The bill, had it passed, would have allowed the U.S. government to effectively censor non-U.S. websites accused of copyright infringement.

Join the CSO newsletter!

Error: Please check your email address.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Sarah Jacobsson Purewal

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts