On April 27, the House of Representative unanimously passed the Email Privacy Act.  As previously reported, the proposed changes would strengthen the privacy protections for email and other cloud-storage services by closing a loophole that allowed law enforcement to access older data without obtaining a warrant.

However, while there is widespread support to require

In a unanimous vote, the House Judiciary Committee approved the Email Privacy Act, a long-awaited update to the 30-year-old Electronic Communications Privacy Act (ECPA).  The proposed changes would strengthen the privacy protections for email and other cloud-storage services by closing a loophole that allowed law enforcement to access older data without obtaining a warrant. 

Although Senator Rand Paul (R-KY) may have received the most attention for his attendance at South by Southwest (“SXSW”) Interactive, many other members of Congress were represented this year.  Continuing our coverage of the conference, this past weekend we attended a panel on “The Future of Privacy,” featuring congressional representatives Darrell Issa (R-CA), Suzan DelBene (D-WA), and Blake Farenthold (R-TX).  All three representatives support legislation to reform the Electronic Communications Privacy Act (“ECPA”), and the panelists focused their remarks on the importance of extending warrant protections to electronic communications regardless of how long such communications are stored.

The panel began on a somewhat whimsical note with the panelists presenting photographs of themselves from the 1980s.  To drive home the point, Congressman Issa explained a great deal has changed since 1986 when ECPA was first enacted.  The panelists generally focused on the need to protect all electronic mail and other electronic communications no differently than paper records are protected.  Congressman Issa also noted that ECPA reform has an economic impact in light of the increased use of cloud services.
Continue Reading Covington at #SXSW 2015: Members of Congress Discuss Future of Privacy

On May 14, a judge in the Northern District of California granted in part and dismissed in part four motions to dismiss filed by defendants in the consolidated class action, Opperman v. Path (No. 3:13-CV-00453-JST). The plaintiffs alleged that apps offered by a number of developers (“App Defendants”) accessed and uploaded information from plaintiffs’ mobile devices—including contact information—without plaintiffs’ knowledge or consent. The plaintiffs further alleged that, among other things, Apple had control over these apps, failed to exclude the apps from its App Store, and misrepresented that private information could not be accessed by third-party apps without the user’s express consent. The FTC made similar allegations last year when it claiming that Path deceived customers by collecting contact information from users’ mobile address books without notice and consent. Path settled these charges by entering into a consent decree in February 2013. 


Continue Reading Court Dismisses CFAA, ECPA, and Other Claims in Privacy Class Action Opperman v. Path

Continuing a flurry of recent legislative activity (see posts here and here), the California legislature on Tuesday passed a bill requiring that California law enforcement agencies obtain a search warrant to compel the production of communications content (e.g., emails and social media messages) from providers of electronic communication services.  A service provider may provide stored content to law enforcement without a search warrant if the service provider, in good faith, believes that an emergency involving the danger of death or serious physical injury to a person require disclosure without delay.  The bill—S.B. 467—was introduced by Senator Mark Leno and is sponsored by the Electronic Frontier Foundation and supported by the ACLU of California.  It will be enacted into law and become effective on January 1, 2014 if signed by Governor Jerry Brown or if Governor Brown has not vetoed the bill before October 13, 2013. 

Currently, the Stored Communications Act (“SCA”) (part of the federal Electronic Communications Privacy Act (“ECPA”)) requires law enforcement to obtain a search warrant for stored communications held by a service provider for less than 180 days or that have not been opened by the recipient, but only requires less rigorous forms of legal process—for example, a subpoena—for opened, stored communications held for more than 180 days.  (This distinction arose because in 1986 when the SCA was enacted, email typically was hosted on service providers’ servers temporarily and then downloaded by users after a short period of time).


Continue Reading CA Passes Legislation Requiring Search Warrant For Disclosure of Stored Content

The last two weeks have brought two important decisions in the ongoing litigation over behavioral advertising firm NebuAd’s alleged use of a device to intercept data from ISP networks. Several ISPs allegedly permitted NebuAd to install an “appliance” on their networks in order to collect and analyze subscriber data for ad targeting purposes.  In lawsuits that began to be filed in 2008, plaintiffs have alleged that NebuAd–and the ISPs with which it allegedly partnered– violated Title I of the Electronic Communications Privacy Act (i.e., the Wiretap Act) as well as other federal and state laws.  Plaintiffs have sued the ISPs in separate suits around the country.  Two of these suits–against ISPs Embarq and WideOpen West (“WOW”)–yielded decisions in favor of the ISPs last week. 


Continue Reading Two New Decisions on the Wiretap Act and Secondary Liability

Continuing the flurry of activity around privacy legislation that we have seen over the past few weeks, the House today passed an amendment to the Video Privacy Protection Act (“VPPA”), 18 U.S.C. § 2710.  The bill would amend the VPPA by clarifying that a consumer may consent to the disclosure of her video viewing information

Today, the Senate Judiciary Committee passed the much-discussed update to the Electronic Communications Privacy Act of 1986 and the Video Privacy Protection of 1988 (“VPPA”).  The Committee adopted Senator Leahy’s manager’s amendment (which we discussed here), with a minor modification proposed by Senators Cornyn and Lee. 

Senator Feinstein also offered an amendment to the