The bipartisan Electronic Communications Privacy Act Amendments Act of 2015 would offer protection from warrantless digital searches.
The bipartisan Electronic Communications Privacy Act Amendments Act of 2015 would offer protection from warrantless digital searches.

A bicameral, bipartisan bill presented to Senate Wednesday would modernize U.S. electronic privacy laws and offer protection from warrantless searches.

The Electronic Communications Privacy Act Amendments Act of 2015 (ECPA), was introduced  by Patrick Leahy, D-Vt., Sen. Mike Lee, R-Utah, Rep. Kevin Yoder, R-Kan., and Rep. Jared  Polis, D-Colo., would update the 1986 law to keep pace with advances in technology and the internet. 

Leahy, ranking member of the Senate Judiciary Committee and the senator who penned the 1986 law, has been trying to push an amended, updated version through the last Congress, said the reforms to the act “would protect Americans' digital privacy – in their emails, and all the other files and photographs they store in the cloud.”  It would, he said, build consumer trust and provide “law enforcement agencies with the proper tools they need to ensure public safety.”

Calling digital privacy a “bipartisan issue,” Leahy urged for swift action.

His sentiments were echoed by Lee, who along with Leahy tried to get the 113th Congress on board to give the ECPA a much needed facelift. 

“In the nearly three decades since ECPA became law, technology has advanced rapidly and beyond the imagination of anyone living in 1986,” Lee said. “The prevalence of email and the low cost of electronic data storage have made what were once robust protections insufficient to ensure that citizens' Fourth Amendment rights are adequately protected.”

David LeDuc, senior director of public policy at the Software & Information Industry Association (SIIA), noted in a blog post that current law “is failing to provide a legal framework for the 21st Century.” The privacy protection standards differ for digital communications stored at a target's house versus in a provider's servers. 

“If government entities want to access your email and communications on your computer in your house, they need to get a warrant,” he wrote, “but if they want to access the same information stored remotely "in the cloud," by a company like Google, Facebook or others, the standard is much lower.”  

The amended act, "would level the playing field for cloud computing by establishing a warrant requirement" for law enforcement to obtain content from service providers that hold "private electronic messages, photos and other personal records, like Gmail or Facebook," LeDuc said.

If passed into law, the legislation would indeed protect the confidentiality of electronic communications described by section 2703(a) of the act and prohibit government from seeking or forcing disclosure of digital communication content without a warrant issued by “a court of competent jurisdiction directing the disclosure.”  

In other words, law enforcement and government would have to "show the court there is probable cause to believe that the sought-after records may reveal evidence of wronging," wrote LeDuc.

The amended bill also clarifies the terms under which a carrier is to disclose information regarding customer communications as well as specifies when law enforcement can delay notification of a search warrant beyond the 90-day or 180-day period (notification requirements vary depending on the law enforcement agency or government entity involved).

The amended ECPA bill comes on the heels of a bipartisan effort in the House sponsored by Rep. Zoe Lofgren, D-Calif., Rep. Suzan DelBene, D-Wash., and Rep. Ted Poe, R-Texas, that resurrected a bill that would require government agencies to obtain a search warrant — after showing probable cause — before intercepting electronic communications such as email and geolocation information or compelling disclosure of that data.