FBI wants email privacy act to allow warrantless access to browsing histories

FBI

Fixing a “typo” in a law governing domestic surveillance is the top priority for the bureau this year, FBI Director James B. Comey has said.

A “typo?” Tech companies and privacy advocates are strenuously disagreeing with his characterization of the proposed amendment, which would give the FBI explicit authority to access a person’s internet browser history and other electronic data without a warrant in terrorism and spy cases.

At the FBI’s request, lawmakers have put forth legislation that would amend the Electronic Communications Privacy Act (ECPA), which Comey claims now lets some tech companies refuse to hand over data that, the government claims, Congress had intended for them to provide.

The proposed legislation would do away with the necessity to get a warrant for such data and would let the government get a national security letter (NSL) instead: a subpoena that doesn’t require a judge’s approval.

The Senate Intelligence Committee panel recently voted out an authorization bill with the NSL amendment, but it’s since crept back, reintroduced in an amendment to the ECPA floated last week by  Sen. John Cornyn (R-Texas).

Cornyn’s on-message with the FBI. As reported by The Washington Post, he referred to Comey’s “typo” in the law as a “scrivener’s error” that’s “needlessly hamstringing our counterintelligence and counterterrorism efforts.”

If the amendment passes, it would allow the FBI to access internet browsing records without a warrant in terrorism and spy cases. That doesn’t mean they’d get at the content of email: rather, with an NSL, the Feds could access a host of online information, including IP addresses, routing and transmission information, session data, and more.

The bureau told The Washington Post that there’s a limit to how specific the browsing history would be. For example, somebody could visit any part of the newspaper’s website, but law enforcement would only see that they’d visited washingtonpost.com.

Privacy advocates say that’s bunk.

A letter signed by the American Civil Liberties Union (ACLU), Amnesty International USA, the Computer & Communications Industry Association, the Electronic Frontier Foundation (EFF), Google, Facebook and Yahoo, among others, pointed out that a 2007 audit found that the FBI illegally used NSLs to collect information that wasn’t permitted by NSL statutes.

This history of abusing NSLs compounds the civil liberties and human rights concerns brought up by expanding the use of the subpoenas, the letter said.

As it is, even without email content, the Electronic Communication Transactional Records (ECTRs) the Feds are after would paint “an incredibly intimate picture of an individual’s life,” the letter signers said.

ECTRs could include a person’s browsing history, email metadata, location information, and the exact date and time a person signs in or out of a particular online account.

This information could reveal details about a person’s political affiliation, medical conditions, religion, substance abuse history, sexual orientation, and, in spite of the exclusion of cell tower information in the Cornyn amendment, even his or her movements throughout the day.

According to The Hill, Cornyn’s amendment was one of a few that delayed the Senate Judiciary Committee’s consideration of the Email Privacy Act last week.

That bill, which the House of Representatives unanimously passed in April, would require investigators to get a warrant before they can force technology companies to hand over customers’ email or other electronic communications, no matter how old.

The Senate committee’s slated to mark the bill up on Thursday.