In Texas, cops will soon need a warrant to search your email
Now, it's up to Gov. Rick Perry to sign the bill passed this week by the Texas legislature
Computerworld - Texas is poised to become the first state in the U.S. to require law enforcement officers to get a search warrant based on probable cause before they access any electronic communications and customer data stored by a third-party service provider.
The Texas legislature this week passed a bill (H.B. 2268) mandating the warrant. The measure now only needs a signature by Gov. Rick Perry to become law.
The bill would be the first to address what many, including courts, say are glaring shortcomings in the Electronic Communications Privacy Act. The ECPA was drafted in 1986 and does not always require law enforcement authorities to obtain a search warrant to access email, instant messages and other customer data stored by Internet service providers and online storage services.
In many instances, the ECPA only requires them to give prior notice and obtain an administrative subpoena to access customer data. The only situation where existing federal law mandates a search warrant is for unopened email messages that are less than 180 days old.
Concerns over warrantless email searches by police have prompted sweeping calls for ECPA reforms, both at the state and federal level.
Just last week, for instance, Sen. Rand Paul (R-KY) introduced the Fourth Amendment Preservation and Protection Act of 2013, which stipulates a search warrant requirement similar to the Texas bill. In March, three lawmakers introduced an ECPA reform bill that would require law enforcement agencies to obtain a warrant to intercept or access stored electronic communications and geolocation data.
Similar bills have been proposed by others in recent years, but the Texas statute looks to be the first effort to actually become law.
The measure requires a warrant for all law enforcement access to stored electronic data, regardless of how long it has been stored, who is storing it or how it is being stored. All applications for search warrants would need probable case and have to be supported by an oath by the officer making the request.
In most cases, companies served with such warrants would be required to comply with them within 10 days. In some instances, a judge could require compliance in as little as four days if police are able to prove than a delay would jeopardize an investigation, put someone's life at risk or let someone to escape prosecution.
The bill is important for two reasons, said Hanni Fakhoury, a staff attorney at the Electronic Frontier Foundation (EFF). First, it creates stronger privacy protections by updating the state's electronic privacy laws.
"Second, although this bill only covers Texas, it will hopefully spur other states to do the same and for Congress to update ECPA, too," Fakhoury said.
California, for instance, is currently considering a similar bill (SB 467) sponsored by the EFF. It has been passed by the California Senate and is now awaiting action in the Assembly, he said.
Separately, ECPA reform has been steadily moving through Congress, with entities as varied as Google and the U.S. Department of Justice now backing a warrant requirement, he noted. "Having individual states demonstrate to Congress that email privacy legislation is both politically and practically feasible, necessary and desired is only going to make the law better for everyone, no matter what state they're in."
The Texas law would only apply to state investigations -- not federal investigations, which will still be governed by ECPA requirements.
This article, In Texas, cops will soon need a warrant to search your email, was originally published at Computerworld.com.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org.
- Franken presses Ford on location data collection practices
- Justices let stand appeals court decision on border searches of laptops
- California lawmakers move to bar state help to NSA
- Appeals court again nixes Google's bid to overturn Street View case
- Older Mac webcams can spy without activating warning light
- Update: Judge rules NSA spy efforts may be unconstitutional
- Perspective: Privacy concerns could keep Amazon delivery drones grounded
- NSA collects data from millions of cellphones daily
- Perspective: Curbing data use is key to reining in NSA
- Lavabit-DOJ dispute zeroes in on encryption key ownership
Read more about Privacy in Computerworld's Privacy Topic Center.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
Red Hat Enterprise Linux - The Original Cloud Operating System
Linux adoption is growing against a number of measures, such as the
number of supercomputers that run Linux and the size of the contributing...
- OpenStack Hype vs. Reality: CIO Quick Pulse Open-source architecture can enable IT departments to build infrastructure-as-a-service (IaaS) clouds running on standard hardware.
- Building a Bridge to the Next Generation Data Center Selecting a widely adopted operating system is a foundational component of a standardization strategy.
- OpenStack and Red Hat: IDC White paper Most OpenStack deployments are by public cloud providers that are early adopters of technology and use OpenStack in a do-it-yourself deployment and support...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have. All Privacy White Papers | Webcasts