Proposed Law Aims to Give More Privacy to e-Mail

Several of the largest technology and Internet companies have joined forces with conservative and liberal organizations in a show of solidarity for a proposed amendment to The Electronic Communications Privacy Act of 1986 (ECPA), 18 U.S.C. ”2510 et seq.'In a July 12 letter to the Senate, technology and Internet companies such as Microsoft, Oracle, Intel, Adobe, Facebook, Twitter, Google, and Yahoo urged passage of the amendment, which would modernize the ECPA and increase the level of protection given to emails and electronic communications from the government. See , http://bit.ly/14mhtXH.

Under the current law, government agencies wishing to seize e-mails from third-party servers (like Yahoo or Gmail) need a warrant only for e-mails less than 180 days old. After that, the e-mails are considered to be abandoned under the ECPA, and the government only needs a subpoena or court order to get them.

“Court orders and subpoenas are easier for law enforcement to obtain than a search warrant,” says Wiebke Lips, a spokesperson for Adobe, in an e-mail. “This may have made sense in 1986, long before the wide-spread adoption of cloud-based e-mail and storage solutions. It does not make sense today.”

Amendment: Get a'Warrant

The proposed amendment from Senators Patrick Leahy (D-VT) and Mike Lee (R-UT) would force government agencies to get a warrant before they could access any e-mails or electronic communications stored on third-party servers, regardless of when they were received.

“American consumers and businesses large and small are increasingly taking advantage of the efficiencies offered by Web-based e-mail servers and cloud-based storage and computing,” the letter states. “Removing uncertainty about the level of legal protection afforded such information will encourage consumers and companies, including those outside the U.S., to utilize these services.”

The letter also expresses opposition to a proposal from the Securities and Exchange Commission (SEC) granting the agency an exemption from the amendment. In an April 24 letter to Senate Judiciary Committee Chairman Leahy, SEC Commissioner Mary Jo White cautioned that the amendment would have a “significant negative impact” on the SEC's enforcement capabilities. See, http://bit.ly/13ptLfU. White argued that getting a subpoena or warrant for e-mails every single time was impractical and would encourage individuals or entities under investigation to delete incriminating e-mails. Instead, White proposed preserving the SEC's ability to get e-mails directly from third-party providers, “in appropriate circumstances.”

“The SEC wants special treatment and wants the law to clarify that they don't need a warrant,” says David LeDuc, senior director of public policy at the Software & Information Industry Association (SIIA; www.siia.net) ' a signatory of the letter. “It's shocking to us that they feel so emboldened to do that.” LeDuc says that he and members of the Center for Democracy & Technology are currently in discussions with the SEC to see if they come to a resolution.

Instead, the companies and organizations argue that the traditional system should be maintained. A regulatory agency serves a subpoena on the target of its investigation forcing the target to turn over documents relevant to the subpoena. “The SEC proposal would turn that process on its head,” the letter says. “If a civil regulatory agency could serve process on the target's communications service provider, the provider would be forced to turn over all of the information in the target's account, even if irrelevant to the subject of the investigation or legally privileged.”

Wide Support

The amendment has galvanized companies and organizations of all persuasions. Signatories to the July letter span the spectrum of right and left wing politics, big business and non-profit interest groups. Supporters of the amendment include the U.S. Chamber of Commerce, conservative political organization Americans for Tax Reform, Tea Party group FreedomWorks, and Internet civil liberties groups such as the Electronic Frontier Foundation and Demand Progress.

“At Adobe, we believe customer private communications should receive full constitutional protections,” says Adobe spokesperson Lips. Other groups cite additional consequences of leaving the ECPA unamended. The Chamber of Commerce, for instance, worries about losing jobs to overseas competitors. “EU companies are pitching customers, telling them they should store stuff in the EU because they have stronger privacy protections than the United States,” says Jason Goldman, senior telecommunications policy counsel for the Chamber, in an interview with e-Commerce Law & Strategy's ALM affiliate, Law Technology News. Meanwhile, Mason Clutter, national security and privacy counsel at the National Association of Criminal Defense Lawyers (NACDL; www.nacdl.org), says that many regulatory agencies have criminal components to them, meaning they could share information easily. “Regulatory agencies could obtain private information without a warrant and then hand it over to their criminal law counterparts to be used in prosecutions,” says Clutter.

The amendment was passed by the Senate Judiciary Committee in April. A vote before the full Senate has not yet been scheduled. On July 17, the House of Representatives Appropriations Committee unanimously passed a similar amendment giving e-mails the same protection as regular mail. “The IRS, SEC, and other government agencies have stated Americans don't have an expectation of privacy with their e-mail,” said Representative Kevin Yoder (R-KS), who co-sponsored the House amendment. “I completely disagree.”

Victor Li is a staff reporter with Law Technology News, an ALM affiliate of e-Commerce Law & Strategy. He can be reached at [email protected].

Several of the largest technology and Internet companies have joined forces with conservative and liberal organizations in a show of solidarity for a proposed amendment to The Electronic Communications Privacy Act of 1986 (ECPA), 18 U.S.C. ”2510 et seq.'In a July 12 letter to the Senate, technology and Internet companies such as Microsoft, Oracle, Intel, Adobe, Facebook, Twitter, Google, and Yahoo urged passage of the amendment, which would modernize the ECPA and increase the level of protection given to emails and electronic communications from the government. See , http://bit.ly/14mhtXH.

Under the current law, government agencies wishing to seize e-mails from third-party servers (like Yahoo or Gmail) need a warrant only for e-mails less than 180 days old. After that, the e-mails are considered to be abandoned under the ECPA, and the government only needs a subpoena or court order to get them.

“Court orders and subpoenas are easier for law enforcement to obtain than a search warrant,” says Wiebke Lips, a spokesperson for Adobe, in an e-mail. “This may have made sense in 1986, long before the wide-spread adoption of cloud-based e-mail and storage solutions. It does not make sense today.”

Amendment: Get a'Warrant

The proposed amendment from Senators Patrick Leahy (D-VT) and Mike Lee (R-UT) would force government agencies to get a warrant before they could access any e-mails or electronic communications stored on third-party servers, regardless of when they were received.

“American consumers and businesses large and small are increasingly taking advantage of the efficiencies offered by Web-based e-mail servers and cloud-based storage and computing,” the letter states. “Removing uncertainty about the level of legal protection afforded such information will encourage consumers and companies, including those outside the U.S., to utilize these services.”

The letter also expresses opposition to a proposal from the Securities and Exchange Commission (SEC) granting the agency an exemption from the amendment. In an April 24 letter to Senate Judiciary Committee Chairman Leahy, SEC Commissioner Mary Jo White cautioned that the amendment would have a “significant negative impact” on the SEC's enforcement capabilities. See, http://bit.ly/13ptLfU. White argued that getting a subpoena or warrant for e-mails every single time was impractical and would encourage individuals or entities under investigation to delete incriminating e-mails. Instead, White proposed preserving the SEC's ability to get e-mails directly from third-party providers, “in appropriate circumstances.”

“The SEC wants special treatment and wants the law to clarify that they don't need a warrant,” says David LeDuc, senior director of public policy at the Software & Information Industry Association (SIIA; www.siia.net) ' a signatory of the letter. “It's shocking to us that they feel so emboldened to do that.” LeDuc says that he and members of the Center for Democracy & Technology are currently in discussions with the SEC to see if they come to a resolution.

Instead, the companies and organizations argue that the traditional system should be maintained. A regulatory agency serves a subpoena on the target of its investigation forcing the target to turn over documents relevant to the subpoena. “The SEC proposal would turn that process on its head,” the letter says. “If a civil regulatory agency could serve process on the target's communications service provider, the provider would be forced to turn over all of the information in the target's account, even if irrelevant to the subject of the investigation or legally privileged.”

Wide Support

The amendment has galvanized companies and organizations of all persuasions. Signatories to the July letter span the spectrum of right and left wing politics, big business and non-profit interest groups. Supporters of the amendment include the U.S. Chamber of Commerce, conservative political organization Americans for Tax Reform, Tea Party group FreedomWorks, and Internet civil liberties groups such as the Electronic Frontier Foundation and Demand Progress.

“At Adobe, we believe customer private communications should receive full constitutional protections,” says Adobe spokesperson Lips. Other groups cite additional consequences of leaving the ECPA unamended. The Chamber of Commerce, for instance, worries about losing jobs to overseas competitors. “EU companies are pitching customers, telling them they should store stuff in the EU because they have stronger privacy protections than the United States,” says Jason Goldman, senior telecommunications policy counsel for the Chamber, in an interview with e-Commerce Law & Strategy's ALM affiliate, Law Technology News. Meanwhile, Mason Clutter, national security and privacy counsel at the National Association of Criminal Defense Lawyers (NACDL; www.nacdl.org), says that many regulatory agencies have criminal components to them, meaning they could share information easily. “Regulatory agencies could obtain private information without a warrant and then hand it over to their criminal law counterparts to be used in prosecutions,” says Clutter.

The amendment was passed by the Senate Judiciary Committee in April. A vote before the full Senate has not yet been scheduled. On July 17, the House of Representatives Appropriations Committee unanimously passed a similar amendment giving e-mails the same protection as regular mail. “The IRS, SEC, and other government agencies have stated Americans don't have an expectation of privacy with their e-mail,” said Representative Kevin Yoder (R-KS), who co-sponsored the House amendment. “I completely disagree.”

Victor Li is a staff reporter with Law Technology News, an ALM affiliate of e-Commerce Law & Strategy. He can be reached at [email protected].