New Transparency Report for the first half of 2017

By: Craig Silliman
Justice is blind statue

Verizon is pleased to release our Transparency Report for the first half of 2017. As in the past, this report describes the different types of demands we receive and the types of data that we disclose in response to those demands.

This is our eighth transparency report. The number of demands that we have received each year has been fairly stable since we made our first report over four years ago.

This is an interesting time for those who follow the types of issues addressed in our – indeed, the whole industry’s – transparency reports. Late last month, two important bills (described below) were introduced in the Senate. And, today, Verizon is joining with about a dozen leading companies to file an amicus, or “friend of the court,” brief to the Supreme Court in an important case about how law enforcement can obtain location information from providers.

The Electronic Communications Privacy Act (ECPA) is a law that controls government access to electronic communications records, but it was passed 31 years ago, just a couple of years after the first cell phones were invented and well before the Internet era. As a result, the law doesn’t reflect today’s technological reality. The ECPA Modernization Act of 2017 seeks to update the law. There are no easy answers when balancing law enforcement and privacy, and this bill makes a number of compromises, but we support the bill because technology has outpaced the stale laws on the books and a modern law is needed. Most importantly, this bill would confirm that law enforcement needs to use a probable cause warrant – as opposed to a subpoena or order, which require lessor showings of proof – to obtain customer content, such as emails or text messages, stored by a provider. Earlier this year, the House passed the Email Privacy Act to revamp ECPA; that bill also requires law enforcement to use a warrant to obtain stored content from a provider. The House and Senate bills are not the same and will need to be reconciled, but we need a current law for today’s technology and we urge Congress to pass an ECPA bill this year.

The other recently introduced bill in the Senate – referred to as ICPA (the International Communications Privacy Act) – aims to tackle the enormously complex issues when governments seek to obtain data stored in another country. Importantly, like the ECPA bills, this bill emphasizes that the U.S. government cannot obtain a customer’s stored communications or content without a warrant. In addition, the bill reasonably addresses our concerns about respecting both international law and the privacy needs of our customers outside the U.S. Although Verizon has not received a U.S. warrant for data stored overseas by our enterprise customers, Verizon has long taken the view that the U.S. government cannot unilaterally require a U.S. company to produce data entrusted to it by a non-U.S. customer for storage in one of its data centers outside the U.S. The ICPA bill takes a balanced approach: when the U.S. government seeks the communications of a person in a qualifying foreign country, the U.S. government would be required to provide notice to that country’s government to afford it an opportunity to object, thereby fairly respecting the sovereignty of that country, the privacy of its citizens and, at the same time, the needs of law enforcement. Thus, we urge Congress to pass this ICPA bill, or a similar one, this year.

Finally, this term, the Supreme Court will decide one of the most important Fourth Amendment cases in recent memory (I’ve been following the issue for some time and blogged about it last year). We are joining a brief with other leading technology companies to assist the Court as it determines whether a customer has a reasonable expectation of privacy in the cell site location information she conveys to her cellular provider and, in turn, whether law enforcement must obtain such data with a warrant based on the probable cause standard or if an order issued pursuant to a lesser showing is sufficient. Although the specific issue presented to the Court is about location information, the case presents a broader issue about a customer’s reasonable expectation of privacy for other types of sensitive data she shares with any third party. This key issue rests at the intersection between privacy (our desire to be free from government intrusion) and security (our need for law enforcement to investigate crime).

This case also will necessarily examine the tension between the past and the future: one important question presented by the case is how to apply a forty year-old rule from the 1970s to the technology of today and the future. Indeed, in my prior blog about the issue, I pointed out that since the beginning of this decade our networks have grown significantly and consumers are using their devices far more, resulting in the network collecting more voluminous and more precise information about the location of our customers’ phones.

During the same time, the other companies that we joined on this brief are also collecting a growing amount of more sensitive customer information. As the brief explains, to use their widely popular services, their customers entrust them with some of their most intimate information, including with whom they communicate, what they search, location information that is often more precise than cell site information, and the habits of their daily lives.

The brief suggests that the Fourth Amendment must recognize consumers’ changing expectations of privacy in the data they provide to a third-party – whether that data is location information conveyed to a wireless carrier or other sensitive information that customers share with our peers in this brief. Our hope is that when it decides this case, the Court will help us better apply old Fourth Amendment doctrines to an evolving digital era.

All three of these issues – ECPA, ICPA and the Supreme Court’s location information case -- are important issues and we will continue to stay involved. As evidenced by the ongoing public debate, there is a delicate balance between privacy on one hand and law enforcement and national security on the other. We hope that our latest Transparency Report, and this blog, can continue to add to the public discussion about the proper balance between privacy and security. 

View the Verizon Transparency Report

For related media inquiries, please contact story.inquiry@one.verizon.com

About the author(s): 

Craig Silliman is executive vice president, public policy and general counsel at Verizon.