Amidst Congressional Inaction, California Enacts Law to Restore Email Privacy

Share |

Inactivity in Congress is not entirely new or surprising, except when there is broad bipartisan, bicameral support for legislation that also enjoy strong support from both civil society and industry.

Such is the case with legislation to update the Electronic Communications Privacy Act (ECPA), where legislation to level the playing field for law enforcement access to electronic content is stalled, despite overwhelming bipartisan support.  The Electronic Communications Privacy Act Amendments Act (S. 356) and the Email Privacy Act (H.R. 699) enjoy overwhelming bipartisan support, with co-sponsorship of nearly 330 members of Congress.  But neither bill has even received a markup in respective Committee.

There is no real disagreement that ECPA is outdated and badly in need of reform. The technological advances in communications and computing since the bill’s original passage in 1986 have left both providers and users of remote computing with a baffling and outdated set of rules and a double standard that provides lower protection for emails stored “in the cloud.”

In response to the inaction in the U.S. Congress, California Gov. Jerry Brown yesterday signed S.B. 178, the California Electronic Communications Privacy Act (CalECPA),which is being hailed as the Nation’s best digital privacy law because it bars any state law enforcement agency or other investigative entity from compelling a business to turn over any metadata or digital communications—including emails, texts, documents stored in the cloud—without a warrant. It also requires a warrant to track the location of electronic devices like mobile phones or to search them.  Maine and Utah have both passed legislation to create a warrant requirement, and several other states are actively considering the same approach.

The Senate Judiciary Committee held a hearing on this legislation last month, but no further action is scheduled.  Hopefully California’s action on this issue will help move the needle in Congress, where the issue has bogged down by calls for an exception from administrative agencies.  As SIIA highlighted previously, such calls for an exception are without merit and shouldn’t stand in the way of quick Congressional action on this issue.  SIIA strongly supports H.R. 699 and S. 356 and urges Congress to act expeditiously to pass this critical legislation.

David David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy. Follow the SIIA public policy team on Twitter at @SIIAPolicy.