WASHINGTON — Less than four months after it convened, the 115th Congress has taken action to both strengthen and weaken Americans' online privacy, sending mixed signals as lawmakers prepare to decide whether federal agents can seize your smartphone at the border or read your personal emails when they're supposed to be spying on foreign terrorists.
"There are opportunities to really improve Americans' privacy in this Congress, especially around reforms to (government) surveillance," said Chris Calabrese, vice president for policy at the Center for Democracy and Technology. "But opportunities can also turn into threats."
Privacy advocates see reasons for both hope and fear in what Congress has done so far.
In February, the House voted unanimously to approve the Email Privacy Act, which would bar federal agents from reading Americans' old emails without a search warrant. The bill, which still must be passed by the Senate, overturns a 30-year-old law known as the Electronic Communications Privacy Act that allows agents to read email at will if it is at least six months old.
However, just a month later, the House and Senate narrowly overturned an Obama administration rule that would have barred Internet service providers from selling their customers' personal data — including email contents, financial information and browsing histories — without their permission.
The stakes for online privacy will be even higher as Congress debates whether to renew a sweeping anti-terrorism law that allows U.S. intelligence agencies to spy on the electronic communications of foreigners living outside the United States but also results in the collection of a huge amount of email, texts and other personal data from Americans.
That law, Section 702 of the Foreign Intelligence Surveillance Act Amendments of 2008, has been credited with foiling terrorist plots — including schemes to bomb the New York City subway system and the New York Stock Exchange. But critics say it also gathers an unknown amount of electronic data from Americans. The FBI is then free to search that data without having to get a warrant as would normally be required under the Fourth Amendment of the U.S. Constitution.
The law is set to expire at the end of this year unless Congress acts to renew it. Privacy advocates are pushing Congress to at least rewrite the law to limit federal agents' power to collect data on Americans or to use that data against citizens in criminal cases with no ties to terrorism.
"We think the program is unconstitutional, and we think it should end," said Lee Tien, a senior staff attorney and Internet rights advocate at the Electronic Frontier Foundation. "Obviously, that's politically unlikely. We do think there is a significant possibility of reform."
One of the reasons that privacy advocates are hopeful is that there is bipartisan concern about government surveillance, said Neema Singh Guliani, a legislative counsel with the American Civil Liberties Union. Liberal Democrats and libertarian-leaning Republicans often join forces on legislation to protect privacy, she said.
"There is an opportunity for privacy and surveillance bills to avoid the partisan gridlock that has plagued a lot of other issues," Guliani said.
Case in point: Sens. Ron Wyden, D-Ore., and Rand Paul, R-Ky., joined this month with Reps. Jared Polis, D-Col., and Blake Farenthold, R-Texas, to introduce a bill to protect Americans from indiscriminate searches of their cellphones, laptops and other electronic devices when they cross the border back into the U.S. after visiting Mexico or Canada or fly back into a U.S. airport after a trip abroad.
The legislation requires federal law enforcement agents to get a warrant before they can search an American's electronic device. It also prohibits government officials from delaying or denying citizens' re-entry into the U.S. if they refuse to hand over their passwords, PINs, or social media account information, as Americans are increasingly being asked to do. The bill allows for "emergency exceptions" if federal agents think there is an imminent threat.
Wyden has written to Homeland Security Secretary John Kelly asking him to explain what legal authority Customs and Border Protection agents have to demand that an American citizen or legal U.S. resident disclose their passwords or PINs as a condition of entry into the U.S.
"Americans’ constitutional rights shouldn’t disappear at the border," Wyden said. "This bill makes sure that border agents are focused on criminals and terrorists instead of wasting their time thumbing through innocent Americans’ personal photos and other data."
Wyden and House Oversight Chairman Rep. Jason Chaffetz, R-Utah, also have introduced the GPS Act to rein in the ability of government agencies to use electronic tracking devices known as "stingrays" to monitor someone's location through their cellphones or fitness bracelets. Police use the devices to keep track of suspected criminals but sweep up data from scores of innocent people in the process.
"Congress has an obligation to act quickly to protect Americans from violations of their privacy made possible by emerging technologies," said Chaffetz, who also held a recent hearing on the FBI's widespread use of facial recognition technology.
Nearly 80% of the faces in the FBI's facial recognition network are of people who have never been convicted of a crime, Chaffetz said.
"Privacy is going to continue to be a big issue for people," Tien said. "There is a lot of uncertainty about what's happening to our data. Does that lead to change from Congress? We'll see."
© 2017 USA TODAY