Privacy legislation reintroduced for email older than 180 days

The bill would require law enforcement to get a warrant to read emails older than 180 days

Gmail Google Mail
Credit: Martyn Williams

A bill has been reintroduced in the U.S. House of Representatives that would require law enforcement agencies to get a warrant before they poke around users’ emails and other communications in the cloud that are older than 180 days.

The Email Privacy Act, reintroduced on Monday, aims to fix a loophole in the Electronic Communications Privacy Act that allows the government to search without a warrant email and other electronic communications that are older than 180 days and stored on servers of third-party service providers such as Google and Yahoo.

“Thanks to the wording in a more than 30-year-old law, the papers in your desk are better protected than the emails in your inbox,” the Electronic Frontier Foundation, digital rights organization, said in a blog post Monday.

The bill was passed by the House last year but stalled in the Senate. U.S. Reps. Kevin Yoder (R-Kan) and Jared Polis (D-Colo) said they are reintroducing the legislation because the Senate failed to act on it before the 114th Congress came to a close.

If the legislation becomes law, government agencies will have to obtain a warrant based on a showing of probable cause to compel service providers to disclose emails and other electronic communications of Americans, regardless of the age of the mails or the means of storage. In the original version of the legislation, the government also had to notify the person whose account is disclosed, along with a copy of the search warrant and other information, within a stipulated period.

Privacy groups and tech companies backed the legislation when it was first introduced. But it failed to clear the Senate as it was bogged down with amendments such as the requirement of mandatory compliance by service providers without court oversight when law enforcement claimed an emergency as an exception for asking for user data. U.S. Sen. John Cornyn (R-Texas) proposed an amendment that would expand the information that the FBI can obtain with a National Security letter without prior judicial oversight.

“Government access to communications without oversight of warrants is a dangerous path for any country that supports democratic values,” said Ed Black, CEO and president of the Computer & Communications Industry Association, in a statement Monday.

“Rules on how the government can access electronic communications in criminal investigations have simply not kept up with advances in modern technology. Indeed, US law still treats data stored in the cloud differently than data stored on a local computer,” said Information Technology and Innovation Foundation vice president Daniel Castro in a statement.

Opposition to the bill came previously from a number of agencies, including the Securities and Exchange Commission, which uses administrative subpoenas on service providers to work around people under investigation who don't keep copies of incriminating mail after sending it or decline to share their content with the SEC.

Computerworld's IT Salary Survey 2017 results
Shop Tech Products at Amazon