Arbitrary and Outdated: Reforming the Stored Communications Act

Abstract

In 2018, the Supreme Court of the United States had the opportunity to revisit the Stored Communications Act and decide the question of whether the Act could be applied extraterritorially. Instead of answering the question directly, the Court left the question for Congress to decide. Congress took this opportunity and passed the CLOUD Act, legislation that acts more as a temporary fix instead of addressing the real issue: the Stored Communications Act no longer properly accommodates modern technology. This article begins with a reading of the Stored Communications Act, describing the limits of law enforcement’s ability to obtain a warrant, including the seemingly arbitrary decisions that Congress made with respect to certain kinds of data. The article then analyzes the issue that Congress addressed through the CLOUD Act and how the paradigm shifted for extraterritorial data before turning to a different example of where the Stored Communications Act falls short: distributed storage technology. The article provides a detailed examination of how this technology works and why it does not fit within the CLOUD Act paradigm. Finally, the article concludes that the Stored Communications Act cannot be fixed through patchwork legislation; instead, the entire Act needs to be reformed to accommodate current and emerging technology. The article recognizes that although there are two diametrically opposed approaches that Congress can take, a privacy-first approach is preferable and better supported both historically and when examining society’s utilization of the internet.