The ECPA Modernization Act: reforming data privacy laws for the modern web
The Electronic Communications Privacy Act was passed in 1986 — long before smartphones and cloud computing would take off — but our private data continues to be governed by it. The proliferation of offsite storage has made it easy for law enforcement to access data without a warrant. Now, recent legislation aims to overhaul the ECPA, for better or for worse. Follow along here to see the latest updates on the ECPA Modernization Act.
FBI maintains it can access emails without a warrant, internal document reveals
The FBI still holds that it can access private emails without a warrant, according to a 2012 internal document released today by the American Civil Liberties Union. The practice has been in question since a 2010 federal court ruling found that Fourth Amendment rights extend to emails stored in the cloud. But while the ruling offers legal guidance on how to obtain digital communications during an investigation, it only applies to four states because of the court's jurisdiction.
Senate committee passes ECPA bill to increase email privacy, full floor vote next
A bipartisan Senate committee just voted unanimously to advance a privacy reform bill that would tighten the restrictions on how the government and law enforcement can access user email and other electronic messages in investigations. Called the ECPA Amendments Act, the bill would modify the 1986 Electronic Communications Privacy Act (ECPA) to require government and law enforcement agencies to get a warrant for all types of electronic communications regardless of whether or not they had been...
Internal Revenue Service denies searching email without a warrant
Internal IRS employee manuals and memos released by the American Civil Liberties Union last week suggested that the Internal Revenue Service may be reading private email without a warrant, but the tax agency today denied the claims in a Congressional hearing. As The Hill reports, IRS Commissioner Steven Miller told senators that the agency "is not taking that position," and that the IRS obtains a search warrant before requesting emails from an ISP in criminal investigations.
The ACLU's...
Justice Department changes stance, now supports search warrants to access user email
The US Justice Department says it's now willing to consider getting search warrants to access almost all types of user emails, a stark change from its previous arguments that it could use a less-strict subpoena for reading emails that users had already opened or that were older than 180 days. "We agree [...] that there is no principled basis to treat email less than 180 days old differently than email more than 180 days old," said Justice Department attorney Elana Tyrangiel in her testimony...
Google testifies to Congress calling for more email privacy, says current law 'fails'
Google's legal director Richard Salgado is due to testify before a committee at the House of Representatives this morning on reforming email privacy law to help both users and Google. In prepared remarks published on Google's Public Policy Blog today, Salgado says the 1986 Electronic Communications Privacy Act (ECPA) was good when it was enacted, but that times have changed and so much user content is now cloud-based that the law has created "inconsistent, confusing, and uncertain standards"...
Privacy bill would ban police from getting email and location data without a warrant
Privacy advocates in Congress have introduced another bi-partisan bill attempting to amend decades-old legislation that has allowed police and government to search private data without a warrant. The bill, called the Online Communications and Geolocation Privacy Act, looks to fix the severely outdated Electronic Communications Privacy Act of 1986 so that email and location data stored by third parties like Google or AT&T receive the same warrant protections as data stored on a personal...
Google begins offering vague estimates on secret FBI surveillance
Google's bi-annual Transparency Reports have sought to provide users with detailed information on how frequently governments request and gain access to their private data through search warrants and court subpoenas. But there's one highly secretive, often misused, and increasingly common method that members of law enforcement use to get data which has never been included in the reports: the National Security Letter, or NSL.
Senate Judiciary Committee approves bill requiring authorities to obtain warrants for email records
The US Senate Judiciary Committee today approved a bill that would require authorities to produce warrants illustrating probable cause before retrieving email records and other data stored on the web. Though the committee voted overwhelmingly in favor of the measure, which would amend the Electronic Communications Privacy Act, the changes face a rocky road to becoming law as they'll need to gain passage among the full Senate and House of Representatives. Sponsoring the bill is Senator Patrick...
Important federal privacy law set for Senate committee vote on Thursday
On Thursday, the Senate Judiciary Committee will vote on HR 2471: a bill that will update a 1986 law called the Electronic Communications Privacy Act (ECPA). The original law was written years before the World Wide Web became a real thing that millions of people around the world use, and its authors didn't anticipate the explosion of mobile technologies or consumer data giants like Google and Facebook. As our own Joshua Kopstein pointed out, the sole reference point for our government's...
Privacy bill reportedly rewritten to allow federal agencies to access your data without a warrant (updated)
CNET reports that an update to the Electronic Communications Privacy Act (ECPA) re-authorization bill would completley reverse the intended protections of the original bill by allowing more than 22 federal agencies, including law enforcement agencies and the FCC, to read email and access other electronic files without a search warrant. The original ECPA, passed in 1986, is the only source of current federal guidelines on data privacy in the US and is in need of an update — and the ECPA...
Policy & Law
It's time to reformat data privacy for the 21st century, but does Congress want the upgrade?
In 1986, years before the emergence of the World Wide Web, few people expected that the whole "internet" thing would take off. Nor did they anticipate the widespread use of cellphones, or that a good deal of our day-to-day activities would be mediated by monolithic info-vacuums like Google and Facebook, thus placing troves of our most sensitive information into private third party databanks.
And yet it was during this time that the Electronic Communications Privacy Act (ECPA), the sole...
