Senator Leahy Wants To Update Digital Privacy Law; Some Good, Some Bad

from the well,-it's-a-start dept

Tue, May 17th 2011 4:07pm — Mike Masnick

For years, there have been discussions in DC about how we need an update to the Electronic Communications Privacy Act (ECPA), which was put in place in 1986 -- way before most people even thought about electronic communications. Much of ECPA was woefully out of date, especially when it came to content stored on remote servers. Senator Patrick Leahy has finally introduced a bill that would update ECPA, and in typical DC fashion, there are some good things in there, but plenty of bad things as well. The key points are that it would require warrants for searches of email and other electronic communications.

There's been debate on this for years, with some (mainly on the side of law enforcement) arguing that the "third party doctrine" meant that emails stored on third party servers were not subject to 4th Amendment hurdles (probable cause, warrant, etc.). To make matters more confusing, courts have issued very mixed rulings on the matter. The new Leahy bill tries to make it clear that accessing such email requires a warrant. That's a good thing.

The new bill would also require that those, whose content was accessed, be notified within three days and that they be given a copy of the warrant. There is a 90 day exception, in specific cases where disclosing the info would "imperil" an ongoing investigation or the ever popular, if overly vague, "national security." Another bit of good news: the law would cover location data from a phone or device -- something law enforcement has often tried to access without warrants.

The concerns about the bill, however, are focused on the fact that it offers an exemption, so long as law enforcement claims that the mater is one of "cybersecurity," which is, again, broad and vague and seems like the sort of "exemption" that will be used as a matter of course. There are also concerns that the bill does not include transparency in the form of reporting requirements, detailing how often these searches are done.

ECPA definitely needs updating, but it should be updated properly and without huge loopholes.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: ecpa, email, patrick leahy, privacy

12 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Christopher (profile), 17 May 2011 @ 4:22pm

What is with these senators and the loopholes! Simply say that unless someone's life is in imminent danger or someone is connected with terrorism, that you have to have a warrant to get any of this information.
[ link to this | view in chronology ]
- Wise (profile), 17 May 2011 @ 4:26pm
  
  Re:
  I agree. The vague use of "cyber security" and "national security" mean nothing to the general populace. If the government wants to continue using these terms for blanket loop-holes, then they will need to release a statement with clear and concise definitions that will not change when under the scrutiny of a certain beholder.
  [ link to this | view in chronology ]
Miff (profile), 17 May 2011 @ 4:34pm

Isn't "cybersecurity" technically "any law enforcement action involving *jazz hands* computers"?
[ link to this | view in chronology ]
- Wise (profile), 17 May 2011 @ 4:46pm
  
  Re:
  It could be construed as anything having to do with the internet and the overall security therein.
  [ link to this | view in chronology ]
  - Zach Mollett (profile), 17 May 2011 @ 4:51pm
    
    Re: Re:
    Grr... keep forgetting to sign into my account *mental note*
    [ link to this | view in chronology ]
Anonymous Coward, 17 May 2011 @ 5:07pm

With the typical air of law enforcement today, it will merely mean that 98% of every thing they request access to will now be linked as terrorist related. Meaning that with these large loopholes, nothing has really changed except terrorism and national security will play an ever larger role as the reason for wanting access.

Similar to the entertainment industries '...but pirates' reasons.
[ link to this | view in chronology ]
- Anonymous Coward, 17 May 2011 @ 5:41pm
  
  Re:
  And for the other 2%, they just plain won't bother taking out warrants. Why start now?
  [ link to this | view in chronology ]
- The eejit (profile), 18 May 2011 @ 12:02am
  
  Re:
  Day 192 in the Big Brother Nation: Marlon Abuwe was locked up for thinking about terrorist motivations.
  [ link to this | view in chronology ]
Jeni (profile), 18 May 2011 @ 4:22am

DC Dogs
These DC "dogs" aren't deep enough to think beyond "vague-ness" (is that a word???).

Consider TSA - in their vague little minds & worlds, everyone is already a terrorist...
[ link to this | view in chronology ]
Josef Anvil (profile), 18 May 2011 @ 4:37am

Why the Surprise?
Im not sure why anyone is surprised by the "national security" loophole. The government learned well under the Bush Administration and they are not backing off the good times that came from doing whatever they want and saying "err.. national security, terrorism".

Cybersecurity is a new one though. Putting that in a bill about digital privacy is a bit like rewording the 4th Amendment with an exception for "security".
[ link to this | view in chronology ]
- Jay (profile), 18 May 2011 @ 6:43am
  
  Re: Why the Surprise?
  You should read about the new attacks on cybersecurity. They're a doozy.
  
  Link
  [ link to this | view in chronology ]
Mike Raffety (profile), 18 May 2011 @ 11:06am

Searching e-mail on ISP servers
What's the law regarding searches of bank safe deposit boxes? Seems like a possible analogy here. If the police want to access my personal safe deposit box at the bank, what do they have to do? I would surely think this requires a warrant??? Or for that matter, even to ask the bank for my bank statement?
[ link to this | view in chronology ]