LEADS Act Extends Important Privacy Protections, Raises Concerns
Today, Senators Orrin Hatch (R-UT), Chris Coons (D-DE), and Dean Heller (R-NV) introduced the Law Enforcement Access to Data Stored Abroad Act (LEADS Act). The LEADS Act would make it clear that U.S. law enforcement agents can require companies in the U.S. to turn over their users’ email and other communications only with a warrant issued by a judge. It would preclude the use of U.S. warrants to obtain communications content stored outside the U.S. unless it was in the account of an American.
The Center for Democracy & Technology (CDT) applauds the Senators for taking on one of the most important and difficult questions facing the Internet today: What privacy protections should apply when a government demands disclosure of private communications stored by companies offering services and storing data on a global basis?
“Government agencies should have to get a warrant before reading our email. The Hatch-Coons-Heller bill includes that long-overdue reform. It would also make it clear that U.S. warrants should not be sufficient to compel disclosure of content that a U.S. server provider stores aboard. The U.S. government should respect the law of the country where the data is stored,” said Greg Nojeim, Senior Counsel and Director of CDT’s Freedom, Security, and Technology Project.
“The process for trans-border access to communications content is currently very slow. The LEADS Act would promote reforms on the U.S. side and set an example for other countries to improve their procedures as well,” Nojeim added.
Nojeim expressed concern with a provision in the bill that would allow the U.S. government to use warrants to compel U.S.-based service providers to disclose data stored abroad if the account at issue was owned by a U.S. citizen, permanent resident alien, or a U.S. corporation.
“Despite the bill’s strong elements, we can’t support the LEADS Act because we are concerned about how the provision authorizing long-arm warrants for the accounts of U.S. persons would be administered, and whether we could reasonably expect reciprocity from other nations on such an approach. Also, the bill may propel some countries to consider mandating local data storage,” Nojeim added.
CDT has raised concerns about the use of U.S. warrants to access content stored abroad, particularly in our analysis supporting Microsoft’s challenge to a warrant issued by a U.S. court seeking to compel the company to disclose customer emails stored at a data center in Ireland.
“CDT looks forward to working with Senators Hatch, Coons, and Heller to enhance their legislation, and we will also work to advance the broader global dialogue on the issue of law enforcement access to communications,” Nojeim concluded.