Federal law enforcement agencies are pushing back on a widely supported movement to update the 1986 Electronic Communications Privacy Act, stalling a popular House bill in the process.
Most members agree that the current law is outdated, as is reflected by a whopping 305 co-sponsors on the House bill. That includes 192 Republicans and 113 Democrats, along with 28 on the House Judiciary Committee, where the bill is being considered.
However, officials from law enforcement agencies worry that the bill’s new privacy protections could hamper their ability to carry out investigations. These concerns are holding up the legislation, as they pressure lawmakers to carve out channels allowing law enforcement access to electronic communications from Internet service providers.
The Email Privacy Act, H.R. 699, would require a warrant before an enforcement agency can compel a provider to disclose the contents of any electronic communication.
House Judiciary Committee Chairman Bob Goodlatte (R-Va.) is listening to law enforcement’s concerns. He said Tuesday that supports “the core” of the bill, but he holds reservations on how it would impact law enforcement.
“Congress can ensure that we are furthering the legitimate needs of law enforcement through ECPA reform by joining with the warrant requirement recognized exceptions and procedures designed to further the legitimate needs of law enforcement,” Goodlatte said in an opening statement at committee hearing on the bill.
The bill would clarify that a warrant is required for emails and other forms of communication older than 180 days old, and if they are stored on a cloud service. When the law was written, it was assumed that any email stored for longer than 180 days was considered to be abandoned. But now, with cloud computing and the ability to store more information for longer periods, this interpretation of email storage no longer makes sense.
Agencies are against the bill because they believe it would hamper their ability to investigate crimes.
“H.R. 699, in its current form, poses significant risks to the American public by impeding the ability of the SEC and other civil law enforcement agencies to investigate and uncover financial fraud and other unlawful conduct,” said Andrew Ceresney, director of the enforcement division at the Securities and Exchange Commission.
Ceresney said that in many cases when the SEC investigates wrongdoing, the suspect won’t respond to request for information or will simply delete the emails when directly subpoenaed. What’s more, the SEC and other civil law enforcement agencies can’t obtain criminal warrants, as the bill would require, which would mean they couldn’t gather evidence directly from providers.
Steven Cook, the president of the National Association of Assistant United States Attorneys’ Board of Directors, said technology is pervasive in the criminal world, especially for child predators and terrorists who communicate online.
Pulling evidence from stored emails, as currently allowed under the law, “is central to our ability to solve virtually every type of crime,” Cook said. The ability to access the information quickly “can literally be the difference between life or death,” he added.
Some Internet companies, such as Yahoo and Google, already have policies where they will only disclose contents of emails to law enforcement if they receive a warrant.
These policies are especially important following the landmark case in the field, United States vs. Warshak. In the case, the U.S. Court of Appeals for the Sixth Circuit ruled that the government had violated the defendant’s fourth amendment rights by making his Internet service provider hand over emails without a warrant.
Passing the bill is important to consumers and providers alike, said Noah Theran, a spokesman for the Internet Association, which represents Internet giants like Google, Yahoo, and Facebook.
“Internet users expect that information in their email inbox has the same kinds of safeguards that exist for their mailbox,” Theran said in an interview. “It is time that ECPA, a law that was written before the proliferation of the commercial Internet, is updated for the Internet age.”
Ross Schulman, senior policy counsel at the New America Foundation’s Open Technology Institute, said he and his colleagues believe Congress will take action on the legislation soon, despite the issues stalling it. “Given that the Email Privacy Act in the House has over 300 co-sponsors and would easily pass the full House if it was given the chance,” Schulman said in an email.
Chris Calabrese, vice president of policy at think tank the Center for Democracy and Technology also said that if the bill were to go to the floor, it would pass with strong numbers. There are far more areas of agreement than disagreement.
“This panel is unified in saying that we need a warrant for email,” Calabrese said at the hearing. “Now we have some minor issues around the edges, but honestly I believe that this is a bill that would pass the House of Representatives by 300 or 400 votes. It is that popular.”
The Ranking Member of the House Judiciary Committee, Rep. John Conyers (D-Mich.), echoed that sentiment. “The sponsors of H.R. 699 all agree that current law is not adequate to protect new forms of digital communication,” he said. “Our expectation of privacy does not diminish merely because Congress did not think of the medium when it last visited the statute. The sponsors of this bill agree we must act without delay.”