Skip to Content

The U.K. Pleads with Congress to Change an Outdated Privacy Law to Help Fight Terrorism

Updating the Electronic Communications Privacy Act, which governs law enforcement access to data, would also help U.S. investigators.
Senators Lindsey Graham (left foreground) and Mike Lee (center) confer with staffers during a break in a meeting of the Senate Judiciary Committee.

As law enforcement officials scrambled this week to connect the dots after a deadly terrorist attack in Manchester, U.K., the country’s deputy national security advisor traveled to the United States to urge Congress to change a 30-year-old law he says routinely hinders criminal investigations.

Paddy McGuinness—the first sitting U.K. government official ever to testify in Congress—told members of the Senate Judiciary Committee on Wednesday that he came to Washington because Prime Minister Theresa May has “assured the British people that we will take every measure available to us to provide every additional resource we can to the police and security services as they work to protect the public” against future attacks.

McGuinness pleaded with Congress to make a “technical adjustment” to the Electronic Communications Privacy Act (ECPA), which among other things prohibits U.S. technology companies from disclosing stored communications to foreign governments. Instead, foreign law enforcement officials must request that data via the time-consuming Mutual Legal Assistance Treaty process, which can take months.

McGuinness said that since many criminals in the U.K. communicate using products and services made by U.S. companies, this “arbitrary” legal hurdle is causing crimes to go unsolved and criminals unpunished (see “Why Congress Can’t Seem to Fix This 30-Year-Old Law Governing Your Electronic Data”).

Changing ECPA would open the door for a bilateral law-enforcement data-sharing agreement between the U.S. and U.K, said McGuinness, appealing to the special relationship between the two countries. He assured lawmakers that such an agreement would not allow the U.K. to target U.S. citizens or anyone in the U.S.

American companies dominate the global marketplace for social media and cloud services, and a number of countries in addition to Britain are growing frustrated at their inability to access data during investigations.

Last year, Brazilian law enforcement arrested Facebook’s regional vice president after the company refused to turn over WhatsApp messages during a criminal investigation. Some countries are responding by passing laws that force companies to keep a copy of their citizens’ communications within their borders. If Congress doesn’t change ECPA, governments may also resort to surreptitious methods to access data, like hacking, Jennifer Daskal, a professor at American University Washington College of Law, warned the committee.

U.S. investigators could also benefit from revising the law. Last summer, a federal appeals court ruled that a search warrant issued under ECPA did not extend to data stored outside the U.S.—in that case, Ireland. New legislation could extend that warrant authority beyond U.S. borders. Congress “should resist the false promise of any simplistic or quick fix, however, argued Microsoft president and chief legal officer Brad Smith in his own testimony. “Our laws can no longer ignore the technological progress made over the past three decades,” and failure to enact a comprehensive new framework “will ultimately undermine U.S. interests,” Smith said.

Keep Reading

Most Popular

wet market selling fish
wet market selling fish

This scientist now believes covid started in Wuhan’s wet market. Here’s why.

How a veteran virologist found fresh evidence to back up the theory that covid jumped from animals to humans in a notorious Chinese market—rather than emerged from a lab leak.

light and shadow on floor
light and shadow on floor

How Facebook and Google fund global misinformation

The tech giants are paying millions of dollars to the operators of clickbait pages, bankrolling the deterioration of information ecosystems around the world.

masked travellers at Heathrow airport
masked travellers at Heathrow airport

We still don’t know enough about the omicron variant to panic

The variant has caused alarm and immediate border shutdowns—but we still don't know how it will respond to vaccines.

This new startup has built a record-breaking 256-qubit quantum computer

QuEra Computing, launched by physicists at Harvard and MIT, is trying a different quantum approach to tackle impossibly hard computational tasks.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.