Protecting Email Privacy

One of the challenges government faces is applying century’s old legal concepts, like the Fourth Amendment, to rapidly changing technology. This week, the House will be voting to pass the Email Privacy Act, which passed 419-0 last Congress, but never got a vote in the Senate.

Until the Email Privacy Act is signed into law, government access to email is covered by the Electronic Communications Privacy Act (ECPA). Under EPCA, a 1986 law, email left on an online server more than 180 days is considered abandoned and Americans have no reasonable expectation of privacy in something that is abandoned.

Under the Email Privacy Act that I am a cosponsor and strong supporter of, people can move documents from their computer to their cloud storage without giving up their ownership or privacy to that information. It requires the government to obtain warrants rather than subpoenas to access emails that have been opened or are older than 180 days. The bill also requires the government to serve a copy of the warrant on the customer within 10 days of receipt of stored contents, except in some special circumstances.

The legislation also expands the definition of what is covered to include any service that provides storage or computer processing services, regardless of how incidental that storage or computer processing is. This is designed to protect customers’ information used on websites such as Uber, PayPal, banks, department stores, Starbucks, etc.

While all the technology changes happening today may cause people’s head to spin, the House has taken a big step in preserving Fourth Amendment rights and the intent of the framers of the Constitution.