Law enforcement could be forced to get a probable-cause warrant to access people’s email, thanks to a new bill set to be introduced today.
Senate Judiciary chairman Patrick Leahy wants warrants mandated for all non-public internet communications, so that remotely stored communications have the same privacy as those stored at home.
The existing law is an anomaly, says the American Civil Liberties Union, thanks to the fact that the Electronic Communications Privacy Act (ECPA) has hardly been changed since it was first introduced in 1986.
“In 1986 email was a novelty. Congress was so unsure of how to handle it that they treated it like a combination of phone call and letter. Lawmakers assumed that email would be largely transient and that companies providing email services wouldn’t hold onto messages for long periods,” says ACLU legislative counsel Chris Calabrese.
“As a result they structured ECPA so that email older than 180 days would be treated as discarded and receive a very low level of privacy protection.”
Equally, few private individuals communicated much online at the time, and Congress decided that shared digital information was simply a type of business record, and thus could be accessed without a warrant.
As a result, email saved in Gmail, Yahoo and other email systems for longer than six months — along with information shared with third parties like Google and Facebook – can be accessed by police without a warrant.
Law enforcement bodies have resisted any change, with James Baker, associate deputy attorney general, telling a Senate committee last year: “These laws serve two functions. They are critical tools for law enforcement, national security, and cyber security activities, and they are essential for protecting the privacy interests of all Americans.”
“Of course no one is disputing that electronic evidence can be necessary to convict criminals,” says Calabrese. “The question is, what standard should police have to meet to gather that evidence?”