Google, Facebook, Yahoo [corporate websites] and various rights groups expressed opposition [letter, PDF] Monday to legislation that extends categories of Internet records that the government can collect without court approval through the National Security Letters [ACLU backgrounder]. These expanded powers would allow the FBI [official website] to get a variety of new information [PCWorld report] such as IP addresses, routing and transmission information, session data, browsing history, e-mail metadata, location information, and log in times and dates. The first piece of legislation opposed is the Intelligence Authorization Act [bill, PDF]. This bill is supposed to expand warrant less government surveillance. The bill would allow any FBI field office to demand e-mail records without a court order. The other piece of legislation is a proposed amendment [amendment, PDF] to the Electronic Communications Privacy Act [DOJ report], which would extend the list of available information the government can seek to include information such as account numbers, login history and bank account information.
Technology continues to raise important privacy questions. In April Microsoft sued [JURIST report] the Department of Justice regarding the privacy of their customers’ e-mails. Also that month the US Court of Appeals for the Sixth Circuit ruled [JURIST report] that obtaining phone location records without a warrant was not a violation of the Fourth Amendment. Last November the US Supreme Court rejected a case [JURIST report] to determine whether it is necessary to obtain a search warrant when law enforcement requests access to cell phone location data. In October California Governor Jerry Brown signed into law [JURIST report] the California Electronic Communications Act (CECA), a law that many are touting as a substantial step forward for digital privacy and protecting users’ rights. The law, which was approved alongside more than 10 other bills, bars any state’s law enforcement agency or other investigative entity from requesting sensitive metadata from persons or businesses without a warrant. Also in October the European Court of Justice ruled [JURIST report] that EU user data transferred to the US by various technology companies is not sufficiently protected.