Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...
Debates beginning in Congress over reauthorization of a surveillance data collection law may have implications for the corporate bottom line, privacy advisers told Bloomberg BNA March 2.
Section 702 of the Foreign Intelligence Surveillance Act (FISA) authorizes the National Security Agency to collect digital communications of foreign citizens outside the U.S. from internet service and other communications providers. It is set to expire Dec. 31 but will likely be renewed. For U.S. communications companies, how much customer information they are compelled to surrender to the government may affect whether consumers are willing to keep using their services. Maintaining limits on the law is also important to sustaining European Union trust in cross border data transfers.
Under Section 702, the U.S. government can examine the email, internet activity and phone calls of foreign citizens believed to be outside the U.S. Warrants aren’t required—even if the communications of U.S. citizens are involved in the targeted communication.
Internet communications services, such as Apple Inc. and Alphabet Inc.’s Google, are subject to Section 702 requests. The consumer-facing giants are the largest technology companies in the world, with $718.7 billion and $576.2 billion market capitalization, respectively, Bloomberg data show.
Companies need to closely watch the Section 702 debate, Edward R. McNicholas, privacy and data security partner at Sidley Austin LLP in Washington, told Bloomberg BNA March 2. If Congress or President Donald Trump seek to alter changes to FISA that banned bulk collection of communications of U.S. citizens, “companies that depend on the frictionless global flow of data may pay a heavy price,” he said. McNicholas, who is the co-leader of Sidley’s privacy, data security and information law practice, said his comments weren’t directed toward any specific company.
In the first of what may be many hearings on the matter, the House Judiciary Committee heard from private- and public-sector stakeholders at a March 1 hearing that followed a classified closed session with national intelligence officials. The witnesses were supportive of reauthorization of Section 702, but some sought increased transparency regarding requests for communications data and warned against misuse of the law to target U.S. citizens’ communications.
The White House didn’t immediately respond to Bloomberg BNA email requests for comment.
FISA reauthorization without expansion is also important for the EU-U.S. Privacy Shield cross-border data transfer program, McNicholas said. The Trump administration and Congress should avoid enacting “measures that ignore the civil liberties of persons outside the U.S.” if it doesn’t want to “endanger the Privacy Shield and other related agreements,” he said.
The Privacy Shield allows U.S. companies that self-certify with the U.S. Department of Commerce their compliance with EU-approved privacy and security principles to legally transfer personal data from the EU to the U.S. It provides critical support for the more than $260 billion in trade in services between the U.S. and EU, Commerce has estimated. Over 1,000 U.S. companies and tens of thousands of EU companies rely on the Privacy Shield to transmit data to the U.S.
The Privacy Shield replaced the Safe Harbor framework, which was invalidated, in part, due to fears that it was inadequate to protect EU personal data sent to the U.S. from widespread government access.
Bijan Madhani, senior policy counsel at open access advocacy group Computer & Communications Industry Association in Washington, told Bloomberg BNA March 2 that the Privacy Shield review slated for this summer will likely be unaffected by FISA reauthorization developments. The review should be “limited to the four corners” of the agreement as the European Commission, the EU’s executive arm, assesses whether the program adequately protects EU citizens’ privacy interests.
But not everyone thinks FISA Section 702 won’t harm the Privacy Shield. Alan Butler, senior counsel at advocacy group Electronic Privacy Information Center (EPIC) in Washington, told Bloomberg BNA that reauthorization may “very well be the basis of invalidation of the Privacy Shield agreement.” Section 702 was the basis for invalidating the Safe Harbor agreement and could very well be the reason why the Privacy Shield runs into problems, he said.
The system isn’t perfect, but uprooting the NSA’s intelligence programs isn’t in companies’ best interests, at least with respect to national security, Madhani said. “As long the program is deemed constitutional and there are sufficient oversight protections,” then the private sector would support the surveillance programs, he said.
However, private sector support should be met with an open mind on surveillance reform, Madhani said. The biggest area for reform would be the “backdoor search loophole,” which allows “incidentally collection information” on U.S. citizens to be searched “on the back end by government agencies” even for non-national security interests, he said. U.S. companies would like for the government to limit the scope of requests and to protect consumer privacy interests, Madhani said.
Butler agreed that the backdoor search loophole is concerning to U.S. privacy interests. Without reform, the U.S. is able to target individuals with only “minimal restrictions,” he said.
To contact the reporter on this story: Daniel R. Stoller in Washington at dStoller@bna.com
To contact the editor responsible for this story: Donald Aplin at firstname.lastname@example.org
Further information on the House Judiciary Committee hearing is available at https://judiciary.house.gov/hearing/section-702-fisa-amendments-act/.
Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to email@example.com.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to firstname.lastname@example.org.
Put me on standing order
Notify me when new releases are available (no standing order will be created)