Privacy Issues and Legislation

Cybersecurity and Information Sharing (CISA/CISPA)

Electronic Communications Privacy Act (ECPA)


Cybersecurity Act of 2015 / Cybersecurity Information Sharing Act (CISA)

ALA supports in principle effective communication between the private sector and law enforcement in the interest of cybersecurity. However, ALA and scores of other companies, security experts and civil liberties organizations strongly oppose the Cybersecurity Act of 2015 (formerly CISA, S.754), and take strong issue with the claim that the bill will significantly enhance cybersecurity. With adoption of the FY 2016 omnibus spending bill (H.R.2029; P.L. 114-113) by both chambers of Congress, and the President’s signature, on December 18, 2015, the Cybersecurity Act of 2015 became law notwithstanding strenuous public efforts by Past President Sari Feldman, ALA’s Washington Office and our many coalition partners in the private and public sectors to yet again derail action on the measure.  

Prior to the bill's passage, Past President Sari Feldman issued the following statement:
“Librarians are again proud to stand with groups from every part of the political spectrum to expose and oppose the latest legislative attempt to advance a new mass surveillance law. Shoehorning a new version of ‘CISA’ hostile to personal privacy into a massive omnibus spending bill is troubling as a matter of substance and process. ALA calls on all Members of Congress to reject this latest assault on privacy and democracy.”
As negotiated in the back room and stealthily included in the omnibus, the bill would effectively create significant new mass surveillance capabilities for the NSA, FBI and many other agencies and levels of government while weakening government watchdogs charged with protecting Americans' personal information and privacy."
  • H.R.2029: Consolidated Appropriations Act, 2016 (12/18/2015: Became Public Law No.114-113)
  • S.754: Cybersecurity Information Sharing Act of 2015 (10/27/2015: Passed Senate)
  • See also: CISA on District Dispatch

Electronic Communications Privacy Act (ECPA)

ALA strongly supports legislation pending in the House (H.R.699) and Senate (S.356), both cosponsored by unusually large numbers of Members, that finally would bring ECPA into the internet age by clearly requiring authorities to obtain a judicial warrant to compel access to Americans’ electronic communications of any kind immediately upon their creation.  Currently, and anachronistically, no such warrant is now required for access to emails, texts, cloud-stored documents or data, tweets and other key elements of our digital lives after such communications are more than six months old. 

  • S.356: Electronic Communications Privacy Act Amendments Act of 2015 (Introduced 02/04/2015)
  • H.R.699: Email Privacy Act (Introduced 02/04/2015)

FISA “Back Door” Search Preclusion

ALA is committed, at the first possible legislative opportunity, to reforming  Section 702 of the Foreign Intelligence Surveillance Act (and any other applicable legal authorities) to preclude the warrantless “back door” search of US citizens’ phone and internet communications facilitated by the targeting of non-US citizens domestically or abroad, and to meaningful and regular disclosure of the true scope of the government’s reliance on this practice after such a warrant requirement becomes law.  Previously, ALA strongly supported the successful “Massie-Lofgren Amendment” to H.R. 2685, which – had it not later been stripped from that legislation – would have precluded the NSA from using appropriated funds either to conduct Section 702 “backdoor” searches, or to work toward engineering “trapdoors” into digital standards, networks or products to circumvent or defeat encryption protocols.

National Security Letter Controls

ALA, together with its many coalition partners, will continue to fight to require a judicial warrant, based on probable cause, for the issuance of “national security letters” requiring the disclosure to authorities of any person’s private information, (including particularly library borrowing and internet usage records) and for the imposition of any associated “gag” orders.