The record this week for privacy online: one win, one potential loss, and a hazy tie. In a remarkably busy week for online regulation, important legal and international negotiation developments emerged, and one trend is clear: internet companies are going to be playing an increasing large role in the law enforcement of citizens.
WIN: In a potential broader win for privacy advocates and for those internet companies that do not want to be in the business of policing their customers, Yahoo prevailed against Department of Justice demands to obtain e-mails without first gaining a search warrant as the government agreed to back down and not continue the case in federal court. As the Electronic Frontier Foundation has opined, the government’s decision to back down rather than see the case through has postponed an important decision on the legal protections afforded consumer data. Still, the ability of a diverse set of internet companies and data privacy advocates to force the government to back down was an important development.
POTENTIAL LOSS: Today, the draft Anti-Counterfeiting Trade Agreement (ACTA) was released to the public, largely to help squelch rumors regarding its content. Technology companies are afraid that certain provisions may hold them accountable for the copyright violations of their users. The concerns are largely over “hazy” language that could be interpreted broadly to include “secondary liability” so it’s a bit too early to tell if this is a real loss. However, the Motion Picture Association of America is thrilled with the draft, and that alone is reason to be suspicious that the agreement is overly draconian and stifling of creativity. Likely in response to the increasing number of request from foreign governments to remove content from their services (presumably for both copyright infringement and other reasons such as indecency) Google this week released a great tool to track the number of takedown requests orginating from countries around the world. (Biggest surprise? Brazil is #1)
TIE: Wired magazine this weekend reported on the fascinating story of the spammer busted with the help of the incriminating files he stored as Google Docs. I personally was especially interested because the culprit is the guy behind Acai Pure, the number one spammer of this site and I am thrilled to see that nuisance eliminated. Along that line, I’m happy that the FBI’s job was made easier by the ability to pull down the files (such as his 8,000 email addresses used for spamming and the 3M addresses that he managed to spam in 5 hours) directly from the cloud without even the hassle of confiscating his hard drive – the first case of cloud data being used directly in a criminal investigation. It’s also positive that the government opted to get a full search warrant to retrieve this data. However, this extra step by the government was actually unnecessary and in future cases, they could choose not to pursue a warrant should that be too difficult. As Wired reports: “the 1986 Stored Communications Act allows the government to access a customer’s data whenever there are “reasonable grounds” to believe the information would be relevant in a criminal investigation — a much lower legal standard than the “probable cause” required for a search warrant.” More troubling, while I have no sympathy for spammers, the accused in this case was never notified that his documents were pulled without his consent. Even if the government has a right to see the files thanks to the warrant, doesn’t he as a citizen have the right to know that his own data was shared?
In all these cases, internet companies are being asked to step beyond their core role of providing services to customers and into the role of helping the government to monitor these customers. Technology companies do have a responsibility to consider when the services they provide become platforms for illegal activity, but when internet companies become cops by proxy, it is privacy and innovation that will suffer.