THE WHITE HOUSE
Office of the Press Secretary
(Camp David, Maryland)
_______________________________________________________________
For Immediate Release July 18, 2000
As prepared for delivery
REMARKS BY THE PRESIDENT?S CHIEF OF STAFF JOHN D. PODESTA
ON ELECTRONIC PRIVACY TO NATIONAL PRESS CLUB
WASHINGTON, DC
July 17, 2000
White House aides have been known to write kiss and tell books. I?m
slightly embarrassed to say that the only book I?ve ever written was
Protecting Electronic Messaging, not exactly up there with All Too Human.
But today I want to return to some of the topics from that not-quite
best-selling book - particularly the issue of how to protect privacy and
civil liberties, while also protecting public safety in an electronic age.
To understand what these themes mean today, I need to give you a
little bit of history. More than a hundred and fifty years ago, not too
far from here, Samuel Morse sent the first telegraph message. With the
touch of a finger, he shattered barriers of time and space, opening up a
world of possibility that wasn?t even imagined just a few years before.
Morse?s invention set in motion a technological revolution that would
forever change the way man would communicate.
In the 21st Century, this great revolution in communication technology
continues. From small towns to big cities, the Internet is bringing
millions of people closer together, giving them new ways to find
information and to stay in touch. When it was invented thirty years ago,
there were just two computers exchanging very simple messages. Now there
are almost 50 million households online, all with the same access to a
remarkable reservoir of information from Shakespeare?s first sonnet to
medical research to the photos just taken of Mars.
The Internet, like Morse?s telegraph, brings with it new
possibilities. It also brings new challenges to our most fundamental
values and the need for new laws and new protections to maintain them.
Because we are so interconnected, more people now have easier access to our
most personal information -- from bank statements to our medical history.
International narcotics traffickers can communicate with each other via
computer messages. Hackers can destroy cyber-property by defacing
homepages and maliciously manipulating private information. That?s why we
have to make sure the Internet is used to the benefit of people not to
their detriment.
Over the last seven and a half years, our Administration has worked to
build a framework for trust and security in this new world of electronic
networks. We?ve taken action to ensure that what should be private stays
private, including the medical and financial records of our citizens. And
to combat cyber-terrorism, we?ve introduced new legislation, increased law
enforcement efforts, and coordinated public-private partnerships to build
security and trust in online activities.
This February, in his Cyber Security Summit, the President emphasized
the primary role and responsibility of the private sector in ensuring
computer and network security. As you know, most computers and networks
that we rely on every day are owned and operated by the private sector.
It?s only right that they, not the government -- take a leading role in
making security a standard part of the Internet.
The private sector is also taking a leading role in electronic
messages and commerce. Our Administration has already moved to liberalize
export controls on encryption, allowing more companies to export the
technology to more end users. And we?ve done so while maintaining a
framework necessary to protect our national security.
Today we are announcing significant new updates to our export
controls. Under our new policy, American companies can export any
encryption product to any end user in the European Union and eight other
trading partners. We?re also speeding up the time-to-market, by
eliminating the thirty-day waiting period when exporting encryption goods
to these countries.
While the private sector has a key role the government also needs to
protect its own systems from security risks, such as hacker attacks and
computer viruses. Our Administration has already taken action to ensure
that cyber security measures are included as part of all government
computer systems. But good security needs to be updated constantly and it
costs money. We?ve proposed $90 million to help detect computer attacks,
to conduct research on security technology, to hire and train more security
experts, and to create an internal expert review team for non-defense
agencies. Unfortunately, the Congress still refuses to appropriate one
dime to put these initiatives in place. It?s time they picked up the pace
and provided the protections that are essential to America?s cyber
security.
Implementing strong encryption is only one step in building a
framework of cyber-security and trust. We also need to keep our laws
consistent with the latest advances by updating our existing communications
privacy laws for the Internet age. At the heart of the issue is the Fourth
Amendment, which protects the right of the people to be secure in their
persons, houses, papers, and effects, against unreasonable searches and
seizures.
In 1787, a person?s most important papers and effects -- like diaries
and letters -- were almost undoubtedly in their home or place of business.
These papers were protected by the requirement of a warrant before the
state could enter and search. But over time, with advances in technology,
people no longer relied solely on paper and pen to communicate with one
another. By the turn of the 20th Century, people started using the
telephone for personal calls and business transactions. By the 1980s,
Americans began using e-mail. Looking ahead, even more of our papers and
effects, like word processing software and files, will be kept outside of
the home. These advances in technology have forced an ongoing debate in
Congress and in the Courts over the application of the Fourth Amendment.
This debate is not a new one. In the 1928 Olmstead case, the Supreme
Court found that warrantless wiretaps were not protected by Fourth
Amendment. Louis Brandeis in his fiery dissent in defense of privacy
rights argued that, there is, in essence, no difference between the sealed
letter and private telephone message. Wiretaps of phones, Brandeis argued,
invaded the privacy of people on both ends of the line -- the same privacy
the framers intended to protect with the Fourth Amendment.
Forty years later the Court embraced Brandeis and ruled in Katz vs.
the United States that an individual?s phone conversation was protected by
the Fourth Amendment. Later that year, Congress responded to the Court?s
decision by passing new legislation with strict standards for all wiretaps.
Title III of the 1968 Crime Control and Safe Streets Act required a
court order and high-level Justice Department approval for all phone
wiretaps. It only allowed wiretaps in the most serious crimes, such as
espionage, treason, and crimes of violence.
Title III remained relatively untouched until the 1980s, when cellular
telephone service, e-mail, and other computer-to-computer communication
began to put new demands on the 1968 law. By 1984, Title III simply did
not protect the conversations of the 7,000 Americans who were using
cellular phones, and the 400,000 who were logging onto electronic mail.
In response, under the leadership of Senator Leahy and Representative
Kastenmeier, Congress once again updated its laws to keep pace with
changing technology. ECPA, the Electronic Communications Privacy Act, put
in place many of the protections the courts had given to phone
conversations two decades earlier.
Today, ECPA like its predecessors has, in many ways, become outdated
by new advances in computer technology and electronic communication. Since
its passage in 1986, we?ve seen a communications revolution with the
explosion of the cell phone and the development and use of the World Wide
Web. Today there are more 95 million cell phone users, and more than 50
million households online in the United States. More than 1.4 billion
e-mails change hands each and every day. Computer users today send e-mail
from their home phone lines through Internet Service Providers, and they
download files and e-mails onto shared servers at work. A growing number of
Americans B 2.2 million today log on to the Internet and send e-mail
through cable modems -- a means of connection that wasn?t even considered
when ECPA was written.
ECPA was not devised to address many of the issues related to these
newer, faster means of electronic communication. It doesn?t extend the
stringent Title III protections to the capture of e-mail that you send to
your friends or business partners. It doesn?t include other important
protections for electronic communications like the scope of the crimes
covered ... the need for Justice Department approval, and a statutory
suppression rule for government violations.
What does all this mean? It means that data transmitted over networks
is not afforded the full privacy protection we give to traditional phone
calls.
Basically, the same communication, if sent different ways through a
phone call, or a dial-up modem -- is subject to different and inconsistent
privacy standards. Considering the extent to which our electronic
correspondence contains our most sensitive thoughts and information --
shouldn?t they count, as Louis Brandeis foreshadowed more than seventy
years ago, as the papers and effects mentioned in the Fourth Amendment?
It?s time to adopt legislative protections that map these important
privacy principles onto the latest technology. It?s time to update and
harmonize our existing laws to give all forms of technology the same
legislative protections as our telephone conversations. I would like to
discuss several legislative proposals that the Administration is forwarding
to the Hill today that would make this happen. Congress is already
considering proposals in this area, and I believe together we can work to
get them done this year.
First, current statutes set standards that only apply to wiretaps
traditional hardware devices not to software programs that can conduct the
same surveillance. Such telephone-era laws should be clearly updated to
apply to the Internet era where hardware and software can be
interchangeable. Our proposed legislation does that: It would amend
statutes using outmoded language and that are hardware-specific, so that
they are technologically neutral. In other words, the legislation would
apply equal standards to both hardware and software surveillance.
Second, we need to achieve parity in the way the laws apply to
different forms of communication. The current law sets stricter standards
for law enforcement access to wire communications such as telephone calls,
than for electronic communications such as e-mail. The market should play
the central role in picking technological winners and losers, not Congress
or the regulators.
Our proposed legislation would harmonize the legal standards that
apply to law enforcement?s access to e-mails, telephone calls, and cable
services. For more than 30 years, federal law under Title III has set a
tough, but workable standard for when law enforcement officers can listen
to the contents of phone calls. Today, the same legal protections should
apply equally to electronic communication.
At the same time, we propose to change the standards that apply to
cable services. Under the current Cable Act, even where there is clear
proof of serious crimes, law enforcement cannot gain access to subscriber
records, unless the customer can first contest the issue in court. With
our proposal, we would retain the underlying purpose of the Cable Act to
keep confidential the list of shows that a customer has watched. But, when
cable systems are used to access the Internet, we believe the rules should
be the tough, but sensible standard we also support for e-mails and
telephone calls.
Third, we need to seek a better balance amongst the sometimes
competing goals of the protection of public safety the achievement of
economic growth and digital opportunity and the preservation of privacy and
civil liberties. That?s a challenge that our forefathers grappled with when
they wrote the Constitution, and one that our government and courts have
struggled with ever since. Our aim should be to enhance law enforcement?s
ability to address unlawful conduct, but also to enhance privacy and civil
liberties on the Internet.
For example, we need to update current law governs when law
enforcement can track the identity of those with whom we communicate. Our
trap and trace rules come from the era of the traditional telephone
network, when one company offered nationwide phone service.
Today, we are proposing ways to make these "trap and trace" rules more
effective for law enforcement, while also assuring privacy and civil
liberties. We believe that a state or federal court should be able to
issue an order to trace a communication to its source irrespective of
whether that communication has been channeled through various telephone or
Internet providers. We also believe that there should be greater judicial
oversight of trap and trace authorities.
Federal law should make clear that such orders should only be issued
after a judicial officer has determined that the proper factual showing has
been made. These are steps that will protect our public safety while
preserving our civil liberties.
Fourth, and finally, in response to what we have learned about hacking
attacks, we must update the Computer Fraud and Abuse Act. The Act should
be strengthened to take account of the full range of damages caused by
computer attacks. Small attacks -- with under $5,000 damage -- should be
treated as a misdemeanor and not as a felony as proposed by some in
Congress. However, multiple small attacks should be treated as one large
attack and punished accordingly. And we should match punishments to the
crime, by eliminating mandatory jail time for less serious attacks.
Let me conclude by quoting Thomas Jefferson, who said, ?America?s
institutions must move forward hand-in-hand with the progress of the human
mind.? Today, the progress of the human mind is racing forward at an
extraordinary pace. Technological discoveries are opening up new worlds of
possibility -- but they are also challenging our privacy in ways we never
imagined. As in any era of great progress, we must work to ensure that our
democracy and our laws keep pace with our advances -- and that we protect
our privacy and civil liberties, and not just the law enforcement
mechanisms that we?ve instituted to preserve them.
Thank you.
# # #
President and First Lady | Vice President and Mrs. Gore
Record of Progress | The Briefing Room
Gateway to Government | Contacting the White House | White House for Kids
White House History | White House Tours | Help
Privacy Statement