A group of bipartisan lawmakers reintroduced the Email Privacy Act, a bill that would require law enforcement to get a warrant before searching email, Facebook messages and files stored on cloud services no matter how old the archives.
The Email Privacy Act is an attempt to reform the decade-old Electronic Communications Privacy Act, which allows warrantless searches of email or other stored digital media that is more than 180 days old.
An identical version of the bill (H.R. 699) passed in a vote of 419-0 in April of 2016. But in June a version of that bill, called The ECPA Amendments Act, never made it to the Senate Judiciary Committee for a vote. That’s because co-sponsors withdrew the bill after it was weighed down with controversial amendments. One of those amendments would have expanded the types of data law enforcement could collect without a warrant via National Security Letters.
On Monday, Rep. Kevin Yoder (R-Kan.) and Rep. Jared Polis (D-Colo.) reintroduced the Email Privacy Act and said they hoped to close a loophole that allows the government to search any email older than 180 days. “After the unanimous passage of our bill last year, I see no reason why we can’t get this done right away,” Yoder said in a prepared statement. “More than 30 years has been long enough for Congress to wait on this. It’s simple, in 2017 if the federal government wants to access Americans’ digital content, it must get a warrant.”
The bill has received support from digital rights groups such as the Electronic Frontier Foundation and the Center for Democracy and Technology. The original bill also received support from a wide range of U.S. technology firms including Apple, Facebook, Google, Microsoft and Yahoo.
According to Yoder, this new version of the Email Privacy Act has identical language to the one that passed last year. He said the bill, however, does nothing to alter warrant requirements under the Wiretap Act and the Foreign Intelligence Surveillance Act.
“While we had hoped last year’s bill would go further—including requiring the government to notify individuals when it searches for their data, and requiring the government to obtain a warrant for geolocation information—the House vote was a historic win for privacy,” wrote Kate Tummarello, with the Electronic Frontier Foundation, regarding last year’s passage of the Email Privacy Act.
The reintroduction of the bill follows a tumultuous year of debate regarding government access to private digital communications among privacy advocates, businesses and consumers.
Last year, Microsoft filed a lawsuit against the U.S. government for the right to tell its customers when a federal agency is looking at their email. Recently tech firms and privacy advocates banded together to voice opposition to the passage of Rule 41 – a law that gives law enforcement the ability to hack millions of computers or smartphones at once with a single search warrant. Messaging apps such as WhatsApp and Viber have also stoked the debate adding end-to-end encryption to communications over their platforms.
The original Email Privacy Act did face Senate scrutiny from a handful of critics such as Sen. Charles Grassley (R-IA), the chairman of the Senate Judiciary Committee. In April of 2016 Sen. Grassley said, “Members of this committee on both sides of the aisle have expressed concerns about the details of this reform, and whether it’s balanced to reflect issues raised by law enforcement.”
As with the 2016 Email Privacy Act, the 2017 version is expected to be referred to the House Judiciary Committee.