Microsoft has long supported reforming the Electronic Communications Privacy Act (ECPA) to better reflect the widespread use of new technologies in every aspect of life. To that end, we have joined with other companies, advocates and stakeholders in the Digital Due Process Coalition in the effort to codify what the courts have said and what is already in practice – require law enforcement to obtain a warrant before demanding access to the contents of customer communications stored in the cloud. We commend Senators Lee and Leahy and Congressmen Yoder and Polis for their recent introduction of ECPA reform bills.
As we’ve said before, people and organizations increasingly store personal information in the cloud – and rely on the free flow and exchange of information online – so protecting their privacy in the cloud is critical to enabling trust in technology and advancing the benefits of the Internet. Our goal is simple: the law should, at a minimum, ensure that data stored in the cloud receives the same legal protections as data stored in our homes or in our offices. The fact that we use new technological means to communicate or store that information should not diminish the legal protections afforded to it. Therefore, law enforcement should be required to get a warrant before demanding disclosure of emails or other documents stored in the cloud.
Microsoft already demands a warrant before it will disclose any customer data to law enforcement, and many others across the technology industry do the same. ECPA reform is a common-sense, long-overdue effort to solidify existing legal protections for our online privacy rights. We are taking a similar stand in our support for the LEADS Act – which seeks to modernize the same outdated law in other important ways.