Lawmakers propose change to "outdated" email privacy law

Share this article:

Two senators have introduced legislation to amend what they say is an outdated privacy bill by requiring law enforcement to obtain a warrant before they peruse citizens' emails and other electronic communications.

Lawmakers on Tuesday discussed making overdue changes to the Electronic Communications Privacy Act (ECPA), first drafted in 1986.

Currently, ECPA gives police the authority to obtain emails that are older than 180 days with only a subpoena, which is easier to obtain than a search warrant. Changes under the proposal, introduced Tuesday by Sens. Patrick Leahy, D-Vt., and Mike Lee, R-Utah, would require law enforcement to obtain a warrant for all emails, no matter how old they are.

At a House Judiciary Subcommittee on Crime, Terrorism, Homeland Security and Investigations hearing, Rep. James Sensenbrenner, R-Wis., called ECPA in its current state “complicated, outdated and largely unconstitutional.”

“Americans should not have to choose between privacy and the internet,” he said.

While the updated bill seeks to eliminate the 180-day email rule, there remains a provision that still allows authorities to retrieve internal corporate email with only a subpoena, according to an analysis of the proposed ECPA changes, posted on Leahy's website.

At the hearing, Richard Salgado, Google's director of law enforcement and information security, also spoke on the need to reform the privacy law, saying it does not contain adequate privacy safeguards.Google compiles a semi-annual "Transparency Report" that chronicles, by country, the requests it receives for user account information. More than a third of the requests come from U.S. law enforcement agencies.

“As the benefits of internet computing become more obvious and widespread, its growth shouldn't be artificially slowed by the outdated technology assumptions that are currently baked into parts of ECPA,” Salgado wrote on Google's Public Policy blog. “Nor should the progression of innovation and technology be hobbled by pre-internet ECPA provisions that no longer reflect the way people use the services or the reasonable expectations they have about government access to information they store on internet services.”

Share this article:

Sign up to our newsletters

More in News

In Cisco probe, misuse or compromise spotted on all firms' networks

In Cisco probe, misuse or compromise spotted on ...

Cisco analyzed the business networks of 30 multinational companies last year, and revealed the findings in its 2014 Annual Security Report.

Fareit trojan observed spreading Necurs, Zbot and CryptoLocker

The Necurs and Zbot trojans, as well as CryptoLocker ransomware, has been observed by researchers as being spread through another trojan, known as Fareit.

Post Heartbleed, tech giants join initiative to bolster open source

Post Heartbleed, tech giants join initiative to bolster ...

The newly formed Core Infrastructure Initiative, created to boost under-funded open source projects, will tackle OpenSSL first.