Meet the serial failures in charge of protecting America's online privacy

By Mark Ames , written on February 15, 2015

From The News Desk

Earlier this week, McClatchey published an article reminding readers of something that can’t be repeated enough: Thanks to the 1986 Electronic Communications Privacy Act, the government can read all your emails over 180 days old without a warrant. That’s what the law says — and yet it remains obscure enough that every time some national media reminds us, it still shocks the senses.

McClatchy writes:

Little known to most Americans, ambiguous language in a communications law passed in 1986 extends Fourth Amendment protections against unreasonable search and seizure only to electronic communications sent or received fewer than 180 days ago.

The language, known as the “180-day rule,” allows government officials to treat any emails, text messages or documents stored on remote servers – popularly known as the cloud – as “abandoned” and therefore accessible using administrative subpoena power, a tactic that critics say circumvents due process.

As you rush to purge your Gmail and Dropbox accounts, however, be forewarned that even deleted files still could be fair game as long as copies exist on a third-party server somewhere. Unsurprisingly, there have been attempts over the years to reform the law, but so far they've all ended in failure.  And it's when we start to dig into the reason for those failures that things do get surprising.

As it turns out, many of the “privacy activists” who are supposed to protect us from laws like this, and who are today leading the crusade against the 1986 ECPA law, are the same people and organizations who colluded with the government to put that law on the books in the first place.

Today there’s a big push for a bill called, somewhat confusingly, the Electronic Communications Privacy Act Amendments Act that’s supposed to remedy this giant hole in online privacy. The bill is co-authored by progressive Democrat (and occasional Batman cameo) Sen. Patrick Leahy of Vermont, and Tea Party Republican Sen. Mike Lee of Utah. Perhaps more importantly, the ECPA Amendment Act — and its House version, the "Email Privacy Act" — has the support of both the Silicon Valley Establishment—Google, Apple, Facebook, Amazon et al—and the civil libertarian establishment: the ACLU, the Electronic Frontier Foundation, the Center for Democracy and Technology, and others.

But as McClatchy notes, this “solution” to the earlier law’s problem turns out to create a brand new privacy problem: Under both Leahy's Senate bill and the House "Email Privacy Act," the same government snoops will still be able to access all email user metadata:

In other words, the Email Privacy Act would not extend Fourth Amendment protections to “non-content” data. Even if the bill becomes law, customers’ names, locations, addresses, routing information and subscriber network addresses still could be subpoenaed without a warrant and without notice, although accessing the content of their conversations would require the authorization of a judicial magistrate or judge.
As we learned from the Snowden secrets, government intelligence agencies like the NSA are at least as interested in collecting user metadata as they are in collecting content. Yet the wonderful solution, the Leahy-Lee bill, allows warrantless government surveillance of our email metadata:
"the government may use an administrative or grand jury subpoena in order to obtain certain kinds of electronic communication records from a 1service provider, including customer name, address, session time records, length of service information, subscriber number and temporarily assigned network address, and means and source of payment information."
So that raises the question: Why are these leading civil libertarian/privacy advocates lobbying for a law that doesn’t protect our privacy or extend Fourth Amendment protections to our email metadata?

To begin understanding that, you first have to look at the names of the folks pushing the Electronic Communications Privacy Act Amendment Act “fix” to the 1986 Electronic Communications Privacy Act, and then compare them to those involved in the 1986 law. Wouldn't you know it: The 1986 law was co-sponsored by a younger Sen. Patrick Leahy, and came into being thanks to the lobbying efforts of the ACLU and its chief legislative counsel, Jerry Berman.

In my last depressing story about how the ACLU colluded with the CIA to write the Reagan-era law that jailed CIA whistleblower John Kiriakou, I wrote about how Jerry Berman was one of the key ACLU collaborators in crafting that anti-whistleblower law with CIA director Bill Casey’s people. I also revealed Berman’s controversial role—as executive director of the Electronic Frontier Foundation— in collaborating with the FBI in passing the 1994 Digital Telephony Bill, which expanded FBI surveillance of the Internet.

In 1986, Berman served as the ACLU’s chief legislative counsel in Washington DC, and he also led a new ACLU project focused on privacy and the new fast-growing technology sector: The ACLU Project on Privacy and Technology. In these capacities, Berman and the ACLU provided the necessary liberal cover to bring together industry and government surveillance interests to craft the new bill.

As the New York Times reported in late 1986, in an article headlined “Tactical Alliances and the A.C.L.U.”:

Michael F. Cavanagh, executive director of the Electronic Mail Association, a trade group, said the A.C.L.U. had “played a central role” in assembling the coalition that won approval for the Electronic Communications Privacy Act of 1986. The law updates Federal wiretap statutes to protect the privacy of cellular telephone calls, computer data communications and satellite television transmissions.
In another article about the bill, the Times quotes Berman selling it on “philosophical” grounds rather than merely economic, deftly leveraging the ACLU’s progressive credibility:
For the American Civil Liberties Union, a major force behind the bill, the commitment is philosophical rather than economic. “This is a very good bill,” said Jerry Berman, the head of the union's Privacy Technology Project, who worked to bring the business groups together. “It demonstrates that you can put together a privacy coalition and make it work.”
Until recently, Berman’s bios and “about” page have boasted of his central role in passing the terrible 1986 ECPA law. That, and Berman’s role as founder of the ACLU’s “Projects on Privacy and Technology” established his credibility in Washington as the premiere hi-tech lobbyist, particularly on the broad field of privacy and speech.

In 1992, Berman left the ACLU for the Electronic Frontier Foundation to take the Silicon Valley techno-libertarian revolution to Washington... bringing the EFF’s dual-purpose function as online privacy advocate, and lobby front for its Big Tech funders’ interests, into the lair of the federal leviathan. In 1994, Berman brought other key people from the ACLU’s Projects on Privacy and Technology into the Electronic Frontier Foundation with him—Janlori Goldman and Daniel Weitzner. Berman’s former ACLU team, now at the EFF, went to work in collaboration with the FBI and with—who else?—Sen. Patrick Leahy to draft the Digital Telephony Law that expanded FBI surveillance of the Internet, and nearly destroyed the EFF.

The subtitle to an old Wired magazine article from 1994 shows just how silly (and stagnant) the EFF’s cyber-revolutionary expectations were—and how badly, in a familiar old-economy way, everything turned out when this same crowd led that reform bill:

The Electronic Frontier Foundation went to Washington to “reverse-engineer government, hack politics down to its component parts, and fix it." Then it helped pass the FBI's loathsome "let's-just-wiretap-everyone" Digital Telephony Bill. And discovered it was Washington that had reverse-engineered the EFF, driving it into dissension, debt, disgrace - and right out of town
After that fiasco, Berman and his former ACLU Project on Privacy and Technology team left the EFF to found the Center for Democracy and Technology (CDT), which has remained a top DC lobby group for Big Tech ever since. (Meanwhile back at the ACLU, the Berman “privacy and technology” project reappeared under the similarly-named “ACLU Projects on Speech, Privacy and Technology” — led today by the ACLU’s Ben Wizner, Edward Snowden’s lawyer, along with online privacy celebrity-activist Chris Soghoian.)

Which brings us to today, in which we find ourselves dealing with the appalling consequences of the 1986 bill cobbled together by the ACLU, led by Jerry Berman, and co-sponsored by Patrick Leahy. First of all, why didn’t the ACLU, the EFF, the CDT or their crowd warn us all these decades? Why did it take them so goddamn long to tell us, “Oops! We screwed up! The bill we wrote to protect you actually allows the government total access to all your 180-plus-old email correspondences, we just forgot to scare you about it all these decades!”

Well, in fact they still haven't done that, because that would mean admitting they’re part of the problem. Instead, these same outfits are shaking their fists in righteous outrage over the law they helped pass. On the ACLU’s webpage attacking the 1986 ECTA, there’s not a single mention of the “central role” that the organization played in getting it passed.

The same goes with the website for Digital Due Process the main lobby coalition fighting to replace bad ECPA with good, new & improved EPCA-Amendment Act. Digital Due Process was founded in 2010 by none other than Jerry Berman; it brings together all the big names in Silicon Valley—Google, Apple, Facebook—with all the big civil libertarian groups like the ACLU, EFF, CDT and so on: funders and funded, all working selflessly on our behalf to protect us, or so they tell us. And their lead man writing the badly flawed "amendment" law that's supposed to solve the problem: Sen. Patrick Leahy.

The same people and same civil libertarian groups that have failed us over and over are about to fail us all over again. Aren't we lucky to have them on our side?