When people are at risk, law enforcement agencies can often move quickly to obtain certain information from online service providers. In the United States this can involve issuing Emergency Data Requests (EDRs) absent a court order.1
While the full extent of the threat remains unknown, of Verizon’s total 127,000 requests for data in Q2 of 2023, 36,000 were EDRs. And Kodex, a company that is often the intermediary between law enforcement and online providers, found that over the past year it had suspended 4,000 law enforcement users and approximately 30% of EDRs did not pass secondary verification. Taken together this may indicate a concerning cyber policy issue that may seriously endanger affected individuals.
These are just some of the broader policy and cybersecurity challenges that are key to keep in mind, both as new laws are passed and as new cybersecurity requirements are contemplated. It is imperative that lawful government capabilities are not transformed into significant and powerful tools for criminals and adversaries alike.
- There are similar kinds of provisions in the Canadian Criminal Code. ↩︎
Excited Pixels 