House Votes to Give Privacy Rights to Foreigners

The House unanimously passed legislation Tuesday that would let people in other countries sue the U.S. government for certain kinds of privacy violations.

The bill, the Judicial Redress Act, is an attempt to rebuild international trust in the wake of leaks by Edward Snowden that revealed the scope of U.S. surveillance operations.

“In recent years, several broad and highly publicized leaks of classified U.S. intelligence information have eroded the global public’s trust in the United States government and our technology sector. As a result, both the federal government and U.S. businesses that operate overseas are facing growing challenges from proposals to limit the international flow of data,” House Judiciary Committee Chairman Bob Goodlatte, a Virginia Republican, said in a speech on the House floor. “The Judicial Redress Act can go a long way toward restoring our allies’ faith in U.S. data privacy protection.”

The bill would extend protections under the Privacy Act of 1974 to citizens of European nations and other U.S. allies. That change would limit who could access information about non-Americans and would allow non-Americans to demand to review information that a U.S. agency collects about them. The non-Americans could also sue the U.S. government if it discloses their private information without their consent. But the law includes broad exceptions for national security and other purposes.

The Senate has yet to take up counterpart legislation.

As part of a preliminary agreement with the European Union on sharing law enforcement information, the Obama administration already promised that Congress would pass the Judicial Redress Act. Supporters argue that failing to pass the bill could sink that agreement and leave U.S. police officers without access to critical information in international cases.

“In many ways, the Judicial Redress Act is a privacy bill—it is backed and supported by many of our country’s top privacy advocates—but make no mistake, the bill is crucial to U.S. law enforcement,” Rep. Jim Sensenbrenner, a Wisconsin Republican who sponsored the bill, said on the House floor. “At the heart of the Judicial Redress Act is the pressing need for continued sharing of law enforcement data.”

Technology companies, who have seen declining business overseas due to suspicions that they collaborate with the NSA, have also been lobbying Congress to pass the bill. Earlier this month, Europe’s top court threw out a “safe harbor” agreement that allowed companies to freely store Europeans’ data on U.S. servers. The court held that, because of the NSA’s “mass and undifferentiated” surveillance, U.S. companies lack the adequate privacy protections required by EU law.

U.S. and EU negotiators are now trying to reach a new safe-harbor deal to avoid squelching trans-Atlantic digital business. The Judicial Redress Act doesn’t directly address the concerns of the EU court, but supporters argue that it is a helpful symbolic gesture.

“Now more than ever, passage of H.R. 1428 [the Judicial Redress Act] is crucial to restoring public trust in our government and the U.S. technology sector,” wrote Google, Facebook, Microsoft, the U.S. Chamber of Commerce, and other businesses in a letter to House leaders last week. “Restoring that trust is essential to continued cross-border data flows, which is vital for the continued competitiveness across all American industries.”

Privacy advocates celebrated Tuesday’s vote, although they also argued that Congress still needs to pass more significant legislation to limit U.S. surveillance of people overseas.

“You have to call it a victory for privacy,” said Drew Mitnick, a policy counsel for the privacy group Access Now. “But the Judicial Redress Act is just one step.”