Tag Archives: email privacy act

ARL Applauds Approval of Email Privacy Act, Urges Swift Senate Action

The Association of Research Libraries (ARL) applauds the approval of the Email Privacy Act by the US House of Representatives.  The House passed the bill with a voice vote, moving this critical piece of legislation one step toward ensuring that the outdated Electronic Communications Privacy Act (ECPA) is reformed to keep pace with the digital age. The House previously passed the Email Privacy Act in a unanimous vote during the last Congress.

House passage of the Email Privacy Act signals an important recognition that Fourth Amendment protections extend to online communications. As libraries and universities move services into the cloud and more communications take place online, ensuring the protection of information long considered to be private—including what individuals are reading or researching—is essential.

ARL has long supported reform of ECPA to ensure that the Fourth Amendment applies to digital communications and urges the Senate to quickly move forward to pass this bill.

Will Congress Finally Pass ECPA Reform?

The Electronic Communications Privacy Act (ECPA) is a law from 1986 governing privacy for online communications and has long been in need of reform. For the last several years, Congress has seriously considered reform to rectify the deficiencies of this law that denies individuals a reasonable expectation of privacy for the content of their online communications. On January 10, 2017, Congressmen Yoder (R-KS) and Polis (D-CO) reintroduced the Email Privacy Act (H.R. 387) for the 115th Congress, a bill that unanimously passed the House of Representatives last year.

ECPA was written in an era in which few individuals owned computers, most did not use e-mail, services like Facebook did not exist, and “the cloud” had not yet transformed the way people communicate and work. It reflects a poor understanding of the digital age and has clearly not kept pace with evolving technologies. ECPA allows the government to seize online documents and communications older than 180 days without a warrant, leading to an absurdity that grants greater protection to hard copy documents than to digital communications.

The Email Privacy Act would rectify this absurdity and restore Fourth Amendment protections to the digital world by requiring a warrant for content, just as a warrant would be required for a copy of a document stored in a file cabinet. The bill has enjoyed overwhelming bipartisan, with a super majority of the House of Representatives co-sponsoring the bill in the last Congress, before its unanimous passage.

ARL applauds the reintroduction of the Email Privacy Act and urges Congress to move quickly to pass ECPA reform and restore Fourth Amendment protections for online communications.

 

Civil Agencies, Law Enforcement Officials Threaten Meaningful ECPA Reform

On May 24, 2016, ARL joined a coalition of civil society organizations, companies and trade associations in a letter to Senate Judiciary Committee Chairman Grassley and Ranking Member Leahy supporting the Email Privacy Act (H.R. 699) as passed unanimously by the House of Representatives on April 26, 2016.  While the House-passed bill did not make all necessary reforms to the Electronic Communications Privacy Act (ECPA), it represents a big step forward by imposing a warrant-for-content rule.  Importantly, the H.R. 699 did not include a civil agency carveout, ensuring that civil agencies do not have warrantless access to online communications such as e-mails or documents stored in the cloud.

The Electronic Communications Privacy Act (ECPA) is a law from 1986 governing privacy for online communications and has long been in need of reform. ECPA was written in an era in which few individuals owned computers, most did not use e-mail, services like Facebook did not exist, and “the cloud” had not yet transformed the way people communicate and work. It reflects a poor understanding of the digital age and has clearly not kept pace with evolving technologies. ECPA allows the government to seize online documents and communications older than 180 days without a warrant, leading to an absurdity that grants greater protection to hard copy documents than to digital communication.  Essentially, ECPA reform seeks to ensure that the 4th Amendment applies equally to the digital age as it does to the analog world, requiring a warrant for the content of documents and communications.

Civil agencies, primarily the Securities and Exchange Commission (SEC), have repeatedly sought an exemption from the ECPA reforms and continue to do so as the Senate Judiciary Committee considers a vote.  These agencies would like to compel third-party providers to disclose the content of personal communications without a warrant, increasing their power beyond the existing tools they have at their disposal such as subpoenas.   Such an exemption threatens the reasonable expectation of privacy.

In addition to civil agencies seeking carveouts, law enforcement officials would like to broaden the emergency exceptions language in the ECPA reform bill despite the fact that current law already permits service providers to release information where there is an emergency involving the danger of death or serious physical injury.  Expansion of existing law in this area could be subject to abuse by government and law enforcement agencies who may try to overreach to access data.

ECPA is in serious need of reform and the Email Privacy Act passed last month by the House of Representatives–without modification or amendment–represents the appropriate vehicle to move reform forward.

ARL Celebrates House Passage of Email Privacy Act; Urges Senate to Pass Quickly

*Cross-posted from ARL News*

The Association of Research Libraries (ARL) applauds today’s 419-0 vote in the US House of Representatives passing the Email Privacy Act (H.R. 699), a bill that updates the Electronic Communications Privacy Act (ECPA). Passed in 1986, ECPA has not kept pace with evolving technologies and has led to an absurdity that affords greater protection to hard-copy documents than digital communications.

House passage of the Email Privacy Act today signals an important recognition that Fourth Amendment protections extend to online communications. As libraries and universities move services into the cloud and more communications take place online, ensuring the protection of information long considered to be private—including what individuals are reading or researching—is essential.

“Reform of ECPA is long overdue and today’s vote in the US House of Representatives demonstrates overwhelming support for bringing privacy laws in line with the digital age,” said ARL president Larry Alford. “The Email Privacy Act will restore a reasonable expectation of privacy in online communications, requiring the government to obtain a warrant for content, and is a key step forward in updating a 30-year-old law governing digital privacy. ARL applauds today’s vote and urges the Senate to quickly move forward to pass this bill.”

The Senate version of the bill, the Electronic Communications Privacy Act Amendments Act of 2015 (S. 356), has enjoyed broad, bipartisan support. The Association of Research Libraries strongly encourages the Senate to pass this legislation soon.

ARL Joins More than 50 Organizations and Companies Supporting Manager’s Substitute on ECPA Reform

On April 13, 2016, ARL joined a coalition of more than 50 civil society organizations, trade associations and companies in writing to support the Manager’s Substitute Amendment to the Email Privacy Act (H.R. 699), a bill to update the Electronic Communications Privacy Act (ECPA), in advance of the bill’s markup.  ECPA, a law passed in 1986, has not kept pace with evolving technology and allows government agencies to access private communications stored in the “cloud” without a warrant.  ARL has long supported reform of this outdated law to ensure that Fourth Amendment protections extend to the digital world.

The Email Privacy Act has enjoyed broad support with 314 co-sponsors.  While the coalition letter supports the Manager’s Substitute, it notes:

The Manager’s Substitute does not achieve all of the reforms we had hoped for. Indeed, it removes key provisions of the proposed bill, such as the section requiring notice from the government to the customer when a warrant is served, which are necessary to protect users. However, it does impose a warrant-for-content rule with limited exceptions. We are particularly pleased that the Manager’s Substitute does not carve out civil agencies from the warrant requirement, which would have expanded government surveillance power and undermined the very purpose of the bill.

Markup of the bill will happen in the House Judiciary Committee today, April 13, 2016 at 10:30 a.m.

The time for ECPA reform is long overdue and while the Manager’s Substitute rolls back some of the positive aspects of the original bill, it still represents a step forward in protecting privacy in the digital age.

On Data Privacy Day, ARL Urges Congress to Reform Outdated Online Privacy Law

Today is Data Privacy Day, a day for organizations, companies, and individuals to advocate for stronger privacy rights. One area that is badly in need of reform is the Electronic Communications Privacy Act (ECPA), a law that was passed in 1986 that governs when government agencies can access e-mails and other online communications. This law has clearly not kept pace with evolving technologies and permits agencies to access documents or communications that are older than 180 days and stored online with merely a subpoena, meaning that no warrant or prior judicial consideration is necessary. This result is an absurd one, affording online communications with less protection than hard copy documents stored in an office or filing cabinet.

As libraries and universities move services into the cloud and more communications take place online, it is critical that Fourth Amendment protections continue to apply even in the digital world. The way individuals communicate and interact today has clearly changed since ECPA’s enactment in 1986 and the law must be updated to protect civil liberties. ARL has been a member of a broad coalition that includes civil liberties groups (such as ACLU, CDT, EFF and others) as well as technology companies (such as Google and AT&T) and trade associations (such as CCIA), to advocate for updates to ECPA.

In the last Congress, ARL celebrated when the Email Privacy Act, a bill that would provide much needed updates to ECPA, reached a milestone of 218 co-sponsors in the House of Representatives on June 17, 2014 representing a majority of support from members in the House. The Email Privacy Act ultimately attracted 270 cosponsors with broad, bipartisan support. The Senate had its own version of the bill, which passed committee, but never reached the floor.

Twenty-nine years have passed since ECPA was enacted and today’s digital world is very different from the one that existed in 1986. Congress has waited long enough to act on this important issue and we urge re-introduction and swift passage of the Email Privacy Act.