By Lauren Moxley
In late July, three bipartisan bills to reform the Electronic Communications Privacy Act of 1986 (“ECPA”) were introduced in the Senate. Each of the bills propose different updates to ECPA, which governs law enforcement access to consumer information stored with service providers. As we have discussed here, here, here, and here, the 1986 law has been criticized for being outdated in today’s digital world.
Senator Mike Lee (R-UT) introduced the Email Privacy Act (S.B. 1654), along with a coalition of seven co-sponsors, including Senator Patrick Leahy (D-VT) and Senator Steve Daines (R-MT), Senator Richard Blumenthal (D-CT), Senator Dean Heller (R-NV), Senator Jeanne Shaheen (D-NH), Senator Cory Gardner (R-CO), and Senator Al Franken (D-MN). As ECPA currently stands, law enforcement need only a subpoena to access emails that have been stored for more than 180 days. Among other changes, this bill would require law enforcement to obtain a warrant before accessing the contents of communications, regardless of how long those communications have been stored.
Senator Lee also introduced the ECPA Modernization Act of 2017 (S.B. 1657), along with co-sponsors Senator Leahy and Senator Daines. Like the Email Privacy Act, this bill includes a warrant requirement for access to consumer communications. It also includes a number of more comprehensive reforms, including a particularity requirement, rules governing law enforcement access to geolocation information, and a new set of obligations to notify a customer whose material has been accessed.
Senator Orrin Hatch (R-UT) re-introduced the International Communications Privacy Act (S.B. 1671), which is designed to address law enforcement access to data stored abroad. The bill has two co-sponsors, Senator Heller and Senator Christopher Coons (D-DE). More information about this bill is expected soon.