Plans to end warrantless email searches pass Senate committee

Plans to end warrantless email searches pass Senate committee

Summary: The privacy law governing how U.S. law enforcement can access email data after a certain time has been passed unanimously across both sides of the Senate.

SHARE:
TOPICS: Privacy, Security
7

The Senate Judiciary Committee on Thursday passed a bipartisan measure that would force U.S. law enforcement and government agencies to get a warrant before reading citizen emails.

The vote, which was passed unanimously by members on both sides of the Senate, will be seen as a huge boost for privacy. The provisions would amend the Electronic Communications Privacy Act (ECPA), first signed in 1986 during a time where email was still reserved for the technological bourgeois.

ECPA currently allows the U.S. government to access email older than six months old or if they had been marked as "read" or opened, with a subpoena signed by a federal prosecutor. Only email less than six months old requires a warrant signed by a judge. 

But the amendment, jointly written by Sen. Patrick Leahy (D-VT) and Sen. Mike Lee (R-UT), will require the government to inform a U.S. resident when their email has been disclosed via a search warrant.

Read this

Yes, the FBI and CIA can read your email. Here's how

Yes, the FBI and CIA can read your email. Here's how

"Petraeus-gate," some U.S. pundits are calling it. How significant is it that even the head of the CIA can have his emails read by an albeit friendly domestic intelligence agency, which can lead to his resignation and global, and very public humiliation? Here's how.

There are two exceptions: one would be if a National Security Letter "gagging order" has been issued, which may not exist by the time this bill is voted upon, after a U.S. district court found such orders in breach of the First Amendment. The other would be to prevent tipping off a suspect of an investigation by delaying such a notice.

The changes to ECPA would still allow some data to be released under subpoena, such as the date and time of when a communication was made, and the name, address and IP address to access some corporate communication data.

The amendment will also prohibit companies that hold email communications — such as Microsoft, Google, and Apple, among others — from "voluntarily disclosing the contents of its customers' email or other electronic communications to the government." 

This comes at a time where the Cyber Intelligence Sharing and Protection Act (CISPA), a cybersecurity bill that allows U.S. private sector firms to hand over customer data to the U.S. government and receive legal immunity from doing so. This is in spite of Fourth Amendment rights, warns U.S. privacy groups

However, it's not clear how CISPA will affect the Leahy-Lee amendment to ECPA, because of the language used in the cybersecurity bill. CISPA includes a provision that says, "notwithstanding any other provision of law," potentially overriding and undermining decades of basic privacy provisions codified into U.S. law.

The Senate still needs to vote in favor of the bill, and it still has to be passed to the lower House chamber for voting. Nonetheless, it's a step in the right direction for privacy rights. But how other acts of law — if passed — could lead to a significant conflict over privacy (or lack of) jurisdiction.

Topics: Privacy, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

7 comments
Log in or register to join the discussion
  • It's very simple

    The US Government is getting out of the business of enforcing the Internet, including halting predatory pricing and other anticompetitive tactics, in favor of letting the industry police itself, and all its hundreds of millions of users. I expect to see shortly an expansion of methods by which these private firms can exert their force against individuals and companies they deem insufficiently compliant, including but not limited to seizure, forfeiture of access, excommunication from all telecommunications, and punitive fines disguised as fees.

    We fought wars to keep foreign governments from imposing this sort of will on us. Are we to just roll over when AT&T or Level3 do the same? These firms have physical infrastructure that is poorly guarded at best, and highly subject to even casual damage, man-made or not. We should keep this in mind, and plan accordingly.
    progan01@...
    • Rights?

      Given that the US & UK have both taken away some very fundamental rights from its citizens (War on Terror), you can hardly moan about the security services accessing your emails. They've been doing it in a clandestine fashion for years now -- just watch any episode of NCIS.
      sip01
    • Actually, No

      The US government is NOT getting out of the business of (attempting) to regulate the internet - it's just getting started, with the help of its "friends." You'll want to track more about this, here:

      https://twitter.com/AnonyOdinn/status/326757484066906112

      Use also this resource: https://twitter.com/DC_Camp/status/326892854536458240
      AnonyOdinn
    • How is this relevant...

      ...to a prohibition against unwarranted searches of e-mail?
      John L. Ries
  • Let's stop the nonsense we'll hear from the US Senate before it begins.

    First, let's clear up some misconceptions.

    When you spend many millions and have hundreds of lobbyists constantly camping on an issue, that issue doesn't go away and the law you were burning shit-tons of bucks on isn't going to disappear into the ether, because some reporters say so or because someone on the Hill says so.

    CISPA is going to come back in a week, or perhaps within the month at the very latest -- at an opportune moment when you are not watching. Perhaps, when the US is about to go to war with Syria, or something like that -- then, and only then, will the lobbyists and Senators get together for a vote count and a quick rush to try and get this piece of shit passed, so that Obama can despair and say how much he objects to it but how "necessary" it is as he signs away your rights, like with NDAA.

    Got it? Good.

    Next, let's cover what you can do about this.

    Remember, DoD's DIB "CISPA rule" is operating now, overriding the #ECPA change. If #CISPA passes, it will trump #ECPA too. #StopCISPA

    ^That was a tweet, 140 characters. Steal it, copy it, paste it, whatever.

    Then take this and run with it - get info this way on what's next with CISPA. Straight from the legislative source of where it's published, not random rumor.

    https://twitter.com/DC_Camp/status/326892854536458240
    AnonyOdinn
  • I may just have to vote for Sen. Lee

    I find some of his positions extreme, but I'm satisfied that he's honest, intelligent, and not for sale, which are big plusses.
    John L. Ries
  • "notwithstanding any other provision of law" - Really?

    So the language used in the cyber security bill. CISPA includes a provision that says, "notwithstanding any other provision of law".

    In reading this article I envisioned being robbed by someone. Now robbery is against the law, but this person has a gun, I don’t. The law was just superseded by superior force. I’ve been robbed and CISPA is the culprit.

    The Supreme Court must step in if CISPA passes with the current wording and intent intact. If allowed to stand it is almost certain that it will later be amended and adulterated until it would routinely be used to capture all private information, even when there is no suspicion of illegal activity.

    All of this was predictable. Our government is an entity unto itself that has evolved over time and displays the composite persona of the many individual components (people) that function within the gestalt; or the whole of it.

    It is the nature of government to control what it can and impose order where possible, that’s what governments do. The government has enormous inertia and desperately resists change so what we’re seeing here is the result of a government that went from one that was fairly relaxed 3-4 decades ago to one that is becoming very hardened by increasing attacks and pressure, even to the point of distrusting it’s own citizens.

    It’s unfortunate in many ways that we are where we are. Attacks, terrorism and other pressures have hardened both government and people in ways that most are unaware of and history has shown that there is only so much disorder and pressure that can be accepted before a breaking point is reached before it shifts from repose and acceptance to attack and elimination [of the cause].

    There is no way to guess how bad it could get, but from a sociological point of view the signs are there and it seems inevitable it will occur, and also that the collateral damage to the rest of the world, immense.
    afhavemann@...