New Bill Pushes For Warrants To Access Cloud Data

mask.of.sanity writes "A bill introduced by Sen. Patrick Leahy in the US Senate would require authorities to obtain a court-issued search warrant before retrieving a person's email and other content stored in cloud services. The law would update a 28 year old law, which Leahy also introduced, that does not require warrants for data access. The Bill will not prevent the FBI from accessing data without a warrant under terrorism and intellgence clauses."

Sudden oubreak of common sense?

[I'm not really here]

I know this doesn't eliminate the issues with the patriot act, etc., but at least it's a step in the right direction of treating digital 'property' the same as physical property when dealing with "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures. . ." (emphasis mine).

Outpaced by other legislation you mean

[memyselfandeye]

I'd like to point out, that it's laws such as Sarbanes–Oxley that say you have to store e-mail for 5 years (well if you're a public company). There are a slew of other laws too that have obfuscated the situation so bad my former employer is archiving 100% of Mail, including mail normally rejected to a user's inbox, for over a year. Perhaps that's not such a bad thing, however my point is the problems with all these privacy acts is that they need not exist in the first place had the original laws never been written. I mean, if I keep a wallet for more than 180 days does that subject it to a warrantless search? If do not shred my journal after 180 days does that subject it to a warrantless search? Why would electronic communications ever be subject to a warrantless search after 180 days, whether it is here in 2011 or even back in 1986?

Re:Outpaced by other legislation you mean

[fuzzyfuzzyfungus]

While publicly traded corporations, and their friends, love to cry about sarbox and similar, to say that those created the situation is so misleading as to constitute a lie. The concern for natural persons is the fact that things like Gmail are socially pretty much the same as personal mail; but have none of the 4th amendment jurisprudence protecting them.

Work email, and records, since those are already widely understood to be an open book as far as the employer is concerned, are already not usefully private, even if the state didn't exist. The fact that your boss can read them any time he pleases, with even less oversight than the most sinister three-letter-intelligence agency, basically ensures that.

(now, as the IT department, having to do document retention annoys me as much as anybody; but conflating requirements that corporations voluntarily bring upon themselves as a condition of being publicly traded, limited liability entities(a very valuable status...) with the novel privacy problems encountered by services that are treated as "personal" but run as outsourced hosted services is either confused or dishonest.)

Well

[ShooterNeo]

What stops the Feds from simply claiming anyone they want to investigate is a "suspected terrorist" and doing all the snooping they want. Suppose the Feds simply declare that due to "secret" information, they believe that someone is a "suspected terrorist". They tap his phone, bug his car, break into his email accounts...and discover that John Doe buys personal use quantities of prescription pain meds without a prescription. (but is not a terrorist). Or some other low-end crime.

Can the Feds put John Doe into prison based on this information?

Re:Border Backup/Restore

[AHuxley]

If you live within 100 miles of the US land and coastal borders (along with ~70% of the US), your data is going to be gone for many of the people you may want to interact with.
http://www.aclu.org/national-security_technology-and-liberty/are-you-living-constitution-free-zone [aclu.org]
and the map http://www.aclu.org/constitution-free-zone-map [aclu.org] of where inland Border Patrol checkpoints can be used.