Today, TechFreedom joined with a coalition of civil society groups in calling on Congress to refrain from mandating that any company retain user data for any length of time.

The letter states:

“Indiscriminate data retention mandates intrude upon privacy, chill freedom of expression and association, needlessly expose users to risks of data theft or misuse, and significantly increase operating costs for small and large businesses.”

Such retention mandates constitute a clear violation of basic privacy rights, while failing to offer any meaningful contribution to security. Bulk surveillance has not been proven to prevent terrorist attacks or assist in solving crimes.

Not only do data retention mandates fail to make Americans safer, they may make them more vulnerable. Major data breaches have become a growing problem for many large companies, and forcing them to hoard customer information will only compound the damage done by such breaches.

Instead, the letter urges Congress to look for guidance from the International Principles on the Application of Human Rights Law to Communications Surveillance. According to the International Principles, privacy can only be interfered with when such action is supported by legal authority, triggered by necessity and tailored to a specific, legitimate aim.