Unless Congress updates privacy laws, media organizations will be reluctant to capitalize on cloud storage because of outdated rules that allow government access to that content in relatively short order and without a warrant.
That is according to a new paper by Kurt Wimmer, chair of the Privacy and Data Security practice of Covington & Burling. The paper was issued by The Media Institute Friday.
"Although there are substantial advantages for media companies in adopting cloud-based technologies," he writes, "there also are risks. Newsgathering operations routinely handle highly sensitive information, and they rely on a foundation of trust between reporters and their confidential sources. If a media organization concludes that entrusting its data with a cloud service provider will result in that data being less private or secure, then the organization is less likely to embrace cloud technologies."
Currently, the government can access stored data with only a subpoena after only six months, and with a warrant before that. Unlike a warrant, a subpoena does not require probably cause.
He says that dates from when email documents could be considered abandoned if not downloaded to local storage within six months. But that was 1986. Today, the cloud is routinely used for long-term storage of sensitive documents, he points out.
Wimmer says it is important to clarify how the government can obtain information from the cloud and calls for updating the Electronic Communications Privacy Act of 1986 along the lines of the LEADs Act, which would require a warrant before any communications in the cloud can be accessed.
Communications oversight committees in Congress are currently wrestling with how laws can keep pace with technology. There is bipartisan agreement both that that is a tall order and that communications laws need updating.