Last Updated on May 19, 2020, 9:59 am ET
Today is Data Privacy Day, a day for organizations, companies, and individuals to advocate for stronger privacy rights. One area that is badly in need of reform is the Electronic Communications Privacy Act (ECPA), a law that was passed in 1986 that governs when government agencies can access e-mails and other online communications. This law has clearly not kept pace with evolving technologies and permits agencies to access documents or communications that are older than 180 days and stored online with merely a subpoena, meaning that no warrant or prior judicial consideration is necessary. This result is an absurd one, affording online communications with less protection than hard copy documents stored in an office or filing cabinet.
As libraries and universities move services into the cloud and more communications take place online, it is critical that Fourth Amendment protections continue to apply even in the digital world. The way individuals communicate and interact today has clearly changed since ECPA’s enactment in 1986 and the law must be updated to protect civil liberties. ARL has been a member of a broad coalition that includes civil liberties groups (such as ACLU, CDT, EFF and others) as well as technology companies (such as Google and AT&T) and trade associations (such as CCIA), to advocate for updates to ECPA.
In the last Congress, ARL celebrated when the Email Privacy Act, a bill that would provide much needed updates to ECPA, reached a milestone of 218 co-sponsors in the House of Representatives on June 17, 2014 representing a majority of support from members in the House. The Email Privacy Act ultimately attracted 270 cosponsors with broad, bipartisan support. The Senate had its own version of the bill, which passed committee, but never reached the floor.
Twenty-nine years have passed since ECPA was enacted and today’s digital world is very different from the one that existed in 1986. Congress has waited long enough to act on this important issue and we urge re-introduction and swift passage of the Email Privacy Act.