The House passed the Email Privacy Act in a voice vote yesterday, effectively sending the bill to the Senate for consideration. The law would require law enforcement to obtain a search warrant before requesting access to old emails and digital communications stored on tech companies' remote servers.
This isn’t the first time the House has passed the Email Privacy Act. In fact, the bill made it through the House less than a year ago, only to fail in the Senate. At the time, senators attempted to tack on additional controversial surveillance amendments to the bill, which led it to expire. Alabama senator Jeff Sessions (currently awaiting confirmation as the next US attorney general) wanted law enforcement to be able to demand data from tech companies without a warrant in “emergency cases.” Now, however, with Sessions possibly moving to the Justice Department and with the support of privacy advocacy groups, the bill is being reintroduced with the hope that it’ll gain bipartisan support.
The legislation would overhaul a decades-old requirement from the Electronic Communications Privacy Act, which passed in 1986. Under that law, agencies only need a subpoena to request access to emails and other digital communications that are at least 180 days old and stored on remote servers. A subpoena requires far less legal scrutiny than a warrant, which is still necessary for many other requests.
Multiple tech companies support the Email Privacy Act. Google has testified before Congress four times since 2010 in support of the legislation while other companies, like Microsoft, have also argued against ECPA, which they say is often used to prevent companies from notifying users of law enforcement requests. A Trump administration might be the push the legislation needs to make it through Congress and into law.