Privacy Legislation

Recently, I have received a number of emails in the form below.

I share these concerns and I am pleased to cosponsor the Electronic Privacy Act. I will also cosponsor the following related privacy bills:

  • the Free Speech Protection Act (sponsored by Senator Chandler and Representative Lewis);
  • the Act relative to Social Media Privacy Protection (sponsored by Senator Creem);
  • the Act to Regulate the Use of Automatic License Plate Reader Systems (sponsored by Senator Creem and Representative Hecht).

Finally, I am sponsoring an Act to Protect Job Applicants’ Identity and Privacy, which would protect social security numbers and driver license numbers in the job application process.

========================

I’m writing to ask you to sponsor the Electronic Privacy Act (“An Act to update privacy protections for personal electronic information,” filed by Sen. Spilka and Rep. Walz). This bill addresses a serious gap in Massachusetts privacy laws. It will require law enforcement officers to have a warrant in order to obtain our personal information from a phone or internet provider.

You and I–all of us, now–use cell phones, personal computers, and other electronic devices for everyday communication and internet access. Our phones and laptops record and store some of our most private thoughts, and map our movements, relationships, habits, interests and activities.

Unfortunately, laws that should protect our privacy have not kept pace with technology. Telephone and internet service providers keep records of our calls, texts and emails, who we communicate with, and where we go, when our phones and laptops are on. If law enforcement asks for this information, companies can–and do–simply give it to them, without a warrant and without telling us, their customers. Because of a huge gap in federal law, they’ll even turn over the contents of “stored” emails–unsent email in draft form or email that we’ve sent or received more than 180 days ago.

That’s not right. My private information–and yours–should stay private unless police have probable cause to believe we’re involved in criminal activity. The warrant requirement is good for public safety because it focuses law enforcement on actual crimes, and it protects the privacy of law abiding people like you and me.

We must renew protections for our fundamental freedoms. Now is the time to pass legislation with sensible, basic protections for our personal
electronic information. Please protect privacy rights and sign on to the Electronic Privacy Act today.

 

Senator Brownsberger:

Please sponsor three critical privacy bills:

1) The Electronic Privacy Act (SD1028, Sen. Spilka)

Would protect our personal electronic records held by phone and internet service providers–including emails and texts, documents stored online, GPS records, and data about our phone and internet use–from being accessed without a warrant.

2) The Social Media Privacy Act (HD2207, Rep. Gordon & SD315, Sen. Creem)

Would prohibit employers and educational institutions from demanding access to private social media accounts as a condition of employment or learning opportunities. Private communications deserve the same protections online and offline.

3) License Plate Privacy Act (HD1587, Rep. Hecht & SD342, Sen. Creem)

License Plate Readers (LPRs) scan thousands of license plates daily and LPR systems store information indefinitely about where and when you drive.
This legislation would protect innocent people from having their movements tracked.

Â

Published by Will Brownsberger

Will Brownsberger is State Senator from the Second Suffolk and Middlesex District.

7 replies on “Privacy Legislation”

  1. I’ve received a number of additional emails asking me to cosponsor the bills referenced above and also to cosponsor one further bill, identified below, which I will also cosponsor:

    THE DRONE PRIVACY ACT: regulating the use of unmanned aerial vehicles

    Sen. Hedlund & Rep. Garry – SD 1679; HD 2460

    The word “drone” conjures images of conflicts across the globe, but remote controlled aerial technology is increasingly of interest to local law enforcement too. While the FAA will regulate drones’ use of airspace, it is up to state lawmakers to ensure that this emerging technology is used responsibly in Massachusetts–without weapons, of course, and not for warrantless surveillance of residents.

  2. In the wake of the recent revelations about the activites of the NSA, concerns about privacy have been greatly hightened and I have received a number of emails in the form below.

    I agree that the legislature needs to take a close look at these issues and move forward to develop a package based on the bills discussed in this original topic above and on other bills that have more recently been brought to my attention related to administrative subpoenas — Senate 708 and House 1648.

    I was shocked and angered to learn last week that our federal government
    has been tracking the communications of every American — without
    suspicion, without warrants, and in secret.

    Under Section 215 of the Patriot Act, the NSA has been tracking every call
    of every Verizon Business Network Services customer — to whom they spoke,
    from where, and for how long — for seven years. In all likelihood, given
    the sweeping nature of the surveillance, Verizon is far from the only
    network subject to wholesale warrantless monitoring. What’s more, the
    government has tapped into the servers at Google, Yahoo, Facebook, Apple,
    Microsoft and other giant tech firms to suck up our emails and other
    private data in real time.

    Whatever the feds are doing, we can do better in Massachusetts. We can —
    and must — take action to prevent similar abuses by local law enforcement
    in our state.

    Our communications records are records of our entire lives — even without
    the so-called “contents” of our emails and phone calls. Just the basic
    facts about who we’re in touch with, when, and from where, reveal enormous
    amounts about our relationships, our interests, our actions, and our
    movements.

    Alarmingly, state law is ripe for abuse just like the Patriot Act. It
    doesn’t require probable cause search warrants for law enforcement to
    monitor phone and internet records from companies like Verizon, Google, or
    Facebook. And it allows prosecutors to get such records with a simple
    demand letter — no judicial oversight whatsoever. Surveillance by local
    law enforcement is particularly invasive, as these are police departments
    and prosecutors whose actions directly touch our lives.

    I urge you to make changes to bring long-standing privacy principles and
    practices governing search warrants into the 21st century. We must update
    our laws to keep pace with our technology.

    PLEASE PASS THESE BILLS:

    THE ELECTRONIC PRIVACY ACT – S.796 (Spilka); H.1684 (Walz): This bill
    would require police to get a warrant to access our personal electronic
    information — details of our phone use, contacts, location, and email and
    other communication — from the telecommunications companies we pay to
    provide our phone and internet services.

    It shouldn’t matter whether we store our “papers and effects” in a desk
    drawer or online. To get at them, police should have to show probable
    cause that they will yield evidence of a crime.

    LEGISLATION TO REIN IN “ADMINISTRATIVE SUBPOENAS”: In 2008, Massachusetts
    gave far-reaching new powers to prosecutors to obtain individuals’ cell
    phone and internet records by issuing demand letters called
    “administrative subpoenas.” Such letters are now issued secretly,
    extensively, and without any judicial oversight or accountability. No
    judge evaluates or approves them and they commonly impose gag requests on
    the companies they are directed to.

    – AN ACT RELATIVE TO LAW-ENFORCEMENT ACCESS TO COMMUNICATIONS RECORDS,
    S.708 (Creem) would restrict use of the administrative subpoena law to
    child sex abuse investigations, limit the type of subscriber information
    ISPs could turn over, and establish basic accountability mechanisms.

    – AN ACT TO PROTECT PRIVACY, H.1648 (Swan) would repeal the administrative
    subpoena statute.

    ***

    In the wake of the revelations of massive federal surveillance, we need to
    get our own house in order here in Massachusetts. We need to update state
    laws to respect important constitutional privacy principles and our rights
    to be free of unwarranted government surveillance.

    Please make this a priority for the current legislative session.
    Fundamental freedoms cannot wait.

  3. It is good to hear about your bill to protect job seekers’ social security and driver’s license numbers. While employers certainly need to research information relevant to a potential employee’s fit for a position, this has to be balanced with the right to privacy and the potential for identity theft whenever such information is stored in a database. Many times job seekers are told by recruiters that they must supply a social security or driver’s license number before they can even be considered. It is often difficult or impossible to know if the recruiter is legitimate or if the call or email is part of a scam. Employers’ needs can still be met if background checks are put off until later in the process, after a written offer (contingent on the results of the check) has been made.

    Having suitable legislation in place will make it easier for people to say no to such upfront requests. There will still be substantial pressure to go along with recruiter requests for identification information, no matter the legality. I hope your bill includes suitable provision to deter such behavior, whether the recruiter is a direct employee of the hiring company or a third party.

  4. I was a bit dismay by Will answer to Jim Braude regarding the NSA surveillance program: http://www.necn.com/07/08/13/Broadside-Will-Brownsberger-for-Mass-5th/landing_broadside.html?blockID=845939&feedID=11122

    But I realized I signed the letter he mentioned and did not really followed up putting more meat behind the concerns – so a few recent and short point of view bringing some perspectives:

    Going beyond the simplistic “I have nothing to hide:” http://www.theatlantic.com/politics/archive/2013/07/if-prism-is-good-policy-why-stop-with-terrorism/277531/

    Thoughts about the il/legal character of the NSA PRISM program: http://www.nytimes.com/2013/06/28/opinion/the-criminal-nsa.html?ref=opinion&_r=1&

    But mainly about a little discussed aspect of having such a repository of information with an unclear access control at a time when no big company nor government agency is immune to hacking and illegal access every month passing. Laurence Lessig in the first half (
    ~30 mn) of his interview with Bill Moyers (http://billmoyers.com/episode/full-show-big-brother%E2%80%99s-prying-eyes/) coined the candy jar aspect and the reality of a surveillance mainly outsourced to private companies and contractors.

    I can picture investigators making available to you confidential information of your opponent in a law suite, your prospective job inquiry available to your current employer … as easily as you can check the price your new neighbour paid its property.

    And also the dream for any foreign country with mean to plunge in this candy jar. I simply can not trust a digital repository designed for remote access to be only reachable by those intended… The proposition itself goes against all the hacking history.

  5. Will, thank you for your support for the ALPR bill (S1648)

    I have sent the following letter on this topic to the co-chairs of the Joint Committee on Transportation:

    I am writing in support of S1648, An Act to regulate the use of automatic license plate reader systems. I am a long-time Massachusetts resident, a professional engineer and scientist, and a citizen with a keen interest in issues that combine technical and social concerns.

    Relatively inexpensive automatic license plate readers (ALPRs) commonly available to law enforcement agencies can capture and record all license plates that come into view, either of a fixed camera or a camera mounted in a patrol car, along with timestamps identifying when and where a plate was scanned. Operators and owners of most vehicles about which information is obtained in this way will have violated no laws.

    ALPR records (“captured plate data” in the words of the Act) are typically entered into local databases (e.g. a database maintained by a municipality), and from there find their way into regional and national databases. In most cases, local agencies and governments lose practical control of the use and retention of ALPR records once their records are merged into larger databases. Therefore it seems reasonable that Massachusetts should set limits on the flow of ALPR records “upstream” from local to regional or national databases. It is not entirely clear to me that the current proposed text prevents all such transfers. I suggest that the wording of Section 2 (e) be expanded as follows:

    (e) Entities authorized to use ALPR systems under subsection (b) shall not sell, trade, exchange, or transfer captured plate data for any purpose.

    Likewise, if the records of local ALPR databases are openly accessible to external inquiries, it may be difficult for local governments to set meaningful limits on the purposes and legal grounds for external searches of their own databases. It would be wise for Massachusetts to ensure that limits and constraints they establish on the use of records in ALPR databases apply to external as well as local agencies and entities. I am pleased to see that the proposed Act establishes such limits.

  6. Rich, thanks your for speaking out on this and for your work on the issue. Hopefully we can make some progress on this. I’m as troubled by the private accumulation of ALPR data, which the Globe recently reported on, than I am by the police accumulation of this data.

Comments are closed.