Engaged Learning

Electronic Communications Privacy Explored in Law Review Symposium

University of Colorado Law School Professor Paul Ohm speaks at the symposium.

“This important symposium puts in sharp relief the wonders of the technological revolution and the challenges and threats it poses to our fundamental rights,” Dean Jeffrey Brand said in a written statement prepared for the event. “All one has to do is peruse the titles of the panels—‘Regulating the Cloud,’ ‘Mapping our Privacy,’ and ‘In the Name of Safety'—to understand the importance of the work upon which you embark today.”

The symposium began with a primer on electronic communications privacy by USF School of Law Professor Susan Freiwald, faculty advisor of the symposium, and University of Colorado Law School Professor Paul Ohm.

Freiwald and Ohm outlined legislation governing prospective or real-time electronic communications surveillance and the court cases that spurred this legislation.

The Wiretap Act, passed in 1968, regulates bugging of wire and telephone communications. Amended in 1986 with the Electronic Communications Privacy Act (ECPA), the act also covers electronic surveillance of computer networks and cell phones. The Pen Register/Trap-and-Trace Act covers non-content communication information such as phone numbers and information in the “To:” and “From:” fields of emails.

The Stored Communications Act, passed with the ECPA in 1986, regulates stored electronic communications services data relating to email, phones, instant messaging, text messages, and computer storage. Arguably not covered by the act are search engine queries, YouTube video selections, and Amazon, Ohm said.

Some symposium speakers noted the limitations of the ECPA in the rapidly evolving world of electronic communications that has seen significant transformations since the bill passed in 1986.

“It’s not just how do you comply with the law but how do you strike the correct balance with the civil liberties and freedoms of the people who want to use the internet and the very desperate need for law enforcement to make sure they can find and bring to justice people who commit crimes,” Ohm said.

Jim Dempsey, vice president for public policy at the Center for Democracy and Technology, delivers the keynote address.
Jim Dempsey delivers keynote address

Panels explored topics such as accessing and protecting content stored in the cloud and law enforcement needs for electronic communication data. Speakers included Google, Inc. Senior Counsel for Law Enforcement and Information Security Richard Salgado, U.S. Magistrate Judge for the Southern District of Texas Stephen Smith, Federal Bureau of Investigation General Counsel Andrew Weissman, and Stephanie Pell, an author consultant, and former federal prosecutor.

During a panel on the use and misuse of cell site location data, Freiwald said that the detail of information stored by cell phone providers is unclear.

“The question is how much information is collected by the service provider and what does that information reveal about where you are in physical space and the answer is that we don’t know,” Freiwald said. “If you make a call and information is generated just at the beginning of the call then that is one data point for the entire call but if information is generated every few seconds that you are on the call then that is going to give much more of a rich picture of where you are throughout the whole time you are on the call.”

The keynote address was delivered by Jim Dempsey, vice president for public policy at the Center for Democracy and Technology. He coordinates the Digital Due Process Coalition, which involves companies, advocacy groups, and think tanks in an effort to update the ECPA.