The Justice Department has issued new guidelines aimed at providing more transparency around prosecutors’ secret demands for customer data stored on tech firms’ servers. The guidance approved by Deputy Attorney General Rod Rosenstein ends the routine imposition of gag orders barring companies from telling customers their email or other records have been turned over in response to legal demands, the Washington Post reports. It also bans — in most cases — indefinite gag orders that forbid a company from ever telling users their data have been searched.
The move was made a year and a half after Microsoft sued the department, asking a federal judge in Seattle to strike down portions of a major privacy law that govern the secrecy orders. The tech giant argued that the Electronic Communications Privacy Act violated customers’ Fourth Amendment right that a search be reasonable because it did not require the government to notify them when their records were obtained. The company argued that the law’s gag-order provision violated the company’s First Amendment right to talk to its customers. The new guidance requires prosecutors to tailor applications for secrecy orders to ensure that they are necessary, and explain why. For instance, a prosecutor might fear that the target will destroy data if he or she learns of the probe. Or the target might try to flee. The assessment must be “individualized and meaningful.” The Post says the change “is a recognition that privacy laws passed in the 1980s have not kept up with the advent of cloud computing in which people, at the press of a button, create and store data in servers that they do not control.”