"The Government Can (Still) Read Most Of Your Emails Without A Warrant"
Senator Patrick Leahy (D-VT) and Senator Mike Lee (R-UT) introduced a bipartisan bill Tuesday to reform the Electronic Communications Privacy Act (ECPA) that would grant new privacy protections for email and other cloud stored data. Under current ECPA standards the government doesn’t need a warrant to access the content of emails that are more than 180 days old — instead all it requires is an administrative subpoena — although some companies including Google, Microsoft, Yahoo and Facebook have challenged that assertion on Fourth Amendment grounds.
Sen. Leahy, the author of the original 1986 law, commented on how much times have changed since then:
“No one could have imagined just how the Internet and mobile technologies would transform how we communicate and exchange information today[...] Privacy laws written in an analog era are no longer suited for privacy threats we face in a digital world. Three decades later, we must update this law to reflect new privacy concerns and new technological realities, so that our Federal privacy laws keep pace with American innovation and the changing mission of our law enforcement agencies.”
A similar proposal was introduced by Reps. Zoe Lofgren (D-San Jose), Ted Poe (R-TX) and Suzan DelBene (D-WA) earlier this month, and the House Judiciary committee heard testimony on reforming ECPA this morning. In written testimony submitted before that hearing by acting assistant attorney general and former White House lawyer Elana Tyrangiel, the Obama administration dropped its claim that police should be able to look at Americans’ email content without warrants for the first time, but promoted a number of other expanded government surveillance powers.
These expansions include giving federal agency’s civil attorneys warrantless access to American’s electronic communications and eliminating some of the privacy protections currently applying to company records in order to reveal who is sending or receiving email, Facebook, Twitter, and other similar types of messages.
When the ECPA legislation was first passed in 1986, most people couldn’t imagine that online data storage would approach the point where it was so inexpensive people would leave their data online, so it was assumed that email left in networked storage over 180 days could be considered abandoned — like garbage on the curb. But with the rise of cheap, or in many cases free, storage in the cloud the 180 days rule has essentially become a way for law enforcement to access most archived email without the same level of due process expected for personal communications. Civil liberties advocates advocated for ECPA reform for years due to these technological and social changes and came very close to succeeding last year when it was almost passed as an amendment to a video-sharing bill backed by Netflix, but the amendment was inexplicably dropped over the Christmas break.
Just earlier this week, the American Civil Liberties Union, Americans for Tax Reform, and Center for Democracy & Technology announced a new coalition called the Digital 4th that, along with other broader groups including the Digital Due Process coalition, will advocate for privacy-driven ECPA reform, among other Fourth Amendment based privacy protections for current generation tech.