New Microsoft President Brad Smith calls for Privacy Act reform

Microsoft President and Chief Legal Officer Brad Smith has only had his new title a few days, but he’s already making waves. In a Microsoft Blog post this morning, Smith opined on the importance of privacy in technology and the need for significant reform. However, his position is likely a little narrower than many Windows 10 users might like to see.
Specifically, Smith speaks to the inadequacy of the Electronic Communications Privacy Act (ECPA), which was passed in 1986 and which he considers archaic and completely behind the times.

The principal law that protects the online privacy rights of Americans today was passed in 1986. In technological terms, it was a bit like the Stone Age.
I remember, because by coincidence I was a young lawyer moving to Washington that fall. People still remind me that I was a bit of a trailblazer at the time by insisting that I have a PC on my desk at a law firm. Yet what’s most striking is that any activity online at that time required connecting to a modem to access a service such as CompuServe. Viewed in hindsight, it was pretty primitive. So much so that it never even occurred to me to ask the law firm for a PC and a modem.

Certainly, anyone who uses the Internet today–which of course includes a few billion people–would agree that privacy is a serious issue. Setting aside illegal hacks like the Ashley Madison fiasco, concerns abound regarding how companies legally utilize the scads of personal information shared inadvertently and deliberately on the Internet.
However, Smith is speaking here specifically about email protection, not coincidentally because Microsoft is embroiled in a legal battle with the U.S. government over access to emails stored outside the country. He cites a 2014 survey in which a sample of U.S. voters overwhelmingly supported the application of the same protections afforded paper documents to their digital equivalents.

The country has figured this out. A survey of U.S. voters we conducted last summer found that 86 percent believe in the same protections for digital information as information on paper. Similar sentiment in other countries has led to a series of new laws across Europe, Asia and South America while Americans continue to receive weaker protections as technology advances. Many of these updates center on laws to protect email, which has increasingly become our system for storing legal documents, remembering the milestones in the lives of our friends and family, and communicating our deepest held views.

Simply put, Smith supports significant changes to current law that would severely restrict law enforcement’s access to information stored in cloud services that reside outside of U.S. borders. To that end, he’s pushing a recently introduced bill, the Law Enforcement Access to Data Abroad Act (LEADS), that would explicitly define how law enforcement agencies can gain access to such electronic information.
Smith’s blog post is tightly focused on an issue that’s near and dear to the company’s heart, and which has likely cost them significant dollars in legal fees. He says nothing about other privacy concerns, which have also surface for Microsoft since the introduction of Windows 10, but those are surely on his mind as well.
Hopefully, Smith will devote some time soon to answering questions about how Microsoft is using the various information gathered by Windows 10, and perhaps prompt some other companies–Google and Facebook, we’re looking at you–to do the same.