Three bipartisan Senate bills are up for consideration in Congress that would attempt to modernize the legal standards under which the U.S. government can access communications electronically stored by email service providers and cloud computing companies.
The proposed bills, introduced July 27, 2017, each provide a different scheme in updating the Electronic Communications Privacy Act (ECPA), which has been criticized for being woefully outdated, given the rise of the Internet of Things and how people currently share, store, and use information. Accordingly, many have publicly called for Congress to completely overhaul the Reagan-era statute.
Current Framework: The ECPA
Although ECPA has undergone amendment since its passage in 1986, the most scrutinized aspects of the law, such as those related to email retention, remain unchanged from when it was passed more than 30 years ago.
ECPA currently requires law enforcement officials to obtain a warrant in order to access data less than 180 days old. A warrant requirement is a strict legal standard, requiring that any request be supported by probable cause – a reasonable suspicion of criminal activity based on articulable facts.
However, if the data is more than 180 days old, ECPA considers those older communications to be abandoned, and therefore not subject to a reasonable expectation of privacy. Thus, law enforcement officials are entitled to access those emails and other electronic communications without a warrant. Instead, government officials need only issue a subpoena for the information or obtain a court order.
Continue Reading ECPA Reform Legislation on the Horizon (Again)