Congress Urged to Update ECPA with Email Privacy Protection

Email Privacy Law

A coalition of groups covering a wide swath of interests and political affiliations is banding together to call on Congress to address email privacy law.

A coalition of digital rights groups and electronic privacy advocates are urging both houses of Congress to consider updating the Electronic Privacy Act of 1986 (ECPA), which they claim is an archaic law exploited by the government to obtain the contents of emails without first obtaining a probable cause warrant.

The coalition penned a pair of letters, one for each body of Congress, endorsing a pair of bills, the ECPA Amendments Act of 2013 in the Senate, and the Email Privacy Act in the House of Representatives. The bills are sponsored by a bipartisan array of lawmakers including Sens. Patrick Leahy, D-Verm., and Mike Lee, R-Utah, and Reps. Kevin Yoder, R-Kans., Tom Graves, R-Georg., and Jared Polis, D-Colo. The bills are said to be widely supported, with the House version having more than 260 co-sponsors and the Senate version already ready for a final vote.

The letters are cosigned by a number of parties, including the Electronic Frontier Foundation, The American Civil Liberties Union, and the Center for Democracy and Technology to name a few but there are some strange bedfellows in there as well such as Freedomworks, Less Government, the U.S. Chamber of Commerce and American’s for Tax Reform. The majority of signatories are tech firms; in all, the letters contain 76 cosigners.

Both letters pound essentially the same point, that the update “would eliminate outdated discrepancies between the legal process for government access to data stored locally in one’s home or office and the process for the same data stored with third parties in the Internet ‘cloud.'” Such updates are increasingly necessary as the distinction between cloud and local storage becomes less clear. Both types of storage, the signers claim, should receive equal protection.

This push is part of a broader effort under the Due Proccess Coalition.

“The Electronic Communications Privacy Act (ECPA) was a forward-looking statute when enacted in 1986,” the Due Process Coalition claims. “It specified standards for law enforcement access to electronic communications and associated data, affording important privacy protections to subscribers of emerging wireless and Internet technologies. Technology has advanced dramatically since 1986, and ECPA has been outpaced. The statute has not undergone a significant revision since it was enacted in 1986 – eons ago in Internet time.”

“Privacy advocates, trade associations, think tanks, legal scholars, start-ups, and major Internet and communications companies have developed consensus around the notion of a core set of principles intended to simplify, clarify, and unify the ECPA standards; provide clearer privacy protections for subscribers taking into account changes in technology and usage patterns; and preserve the legal tools necessary for government agencies to enforce the laws and protect the public.”

You can find links to each letter and each version of the bill within a blog post announcing the letters on the site of the EFF.

Suggested articles

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.