Congress could fix this email privacy issue, but might not. ¯\_(ツ)_/¯
The 114th Congress’ time is running out, but there’s still time for it to fix an obsolete email privacy law that almost everybody agrees is broken. But even though the privacy-reform bill to fix those problems, H.R. 699, otherwise known as the “Email Privacy Act,” won unanimous passage in the House back in April, you can’t rule out Congress failing to finish the job, because that’s whattends to happen on Capitol Hill when tech policy comes up.
Even in 1986, itshouldn’t have been a foreign concept that people would keep mail on a remote computer instead of only on their own machines. There were such things as dial-up bulletin-board systems, which allowed users to store and download their messages on a central server, but not that too many people near Congress would have been using them.
But the thinking behind ECPA held that anything left to linger on a server for more than 180 daysmight as well be abandoned property, unworthy of the traditional protections accorded to messages saved on your own computer, or paper letters in your own home.
The only meaningful dent in that policycame in 2010, when the U.S. Court of Appeals for the Sixth Circuit held that ECPA’s 180-day rule was unconstitutional. Although that ruling was only binding in that circuit’s territory — Kentucky, Michigan, Ohio and Tennessee — major webmail providers began holding investigators to that standard nationwide, insisting on a warrant for stored email.
It’s now been over three and a half years since the mass-market irrelevance of that part of ECPA has become common knowledge, and the law remains on the books unaltered.
Not for lack of trying
After several years of having attempts to fix ECPA in Congress run aground, we’re now closer than ever.The Email Privacy Act passed the House by a vote of 419 to zero in late April.
So Senate passage in the remaining weeks of this session should be a sure thing, right?
Advocates of ECPA reform are not overflowing with confidence.
“Given the fact that the bill has passed out of the House overwhelmingly, and there is strong support in the Senate… I think there’s certainly a path for ECPA reform,” said Michael Petricone, vice president of government affairs of theConsumer Technology Association.
“It’s certainly possible that the House’s strong support could mean it gets included in some year-end package,” said Chris Calabrese, vice president of public policy at theCenter for Democracy & Technology. “Is that super likely? Probably not, but it’s also certainly a possibility.”
The alternative is that the bill won’t get out of the Judiciary Committee, where it’s been stuck since April as some lawmakers have sought to amend it to give the government more investigative powers — a common reflex after terrorist attacks.
If the Email Privacy Act gets dragged to the trash, it will at least have good company there.
Congress also looks increasingly likely to do nothing on patent reform, once again preserving the market “patent trolls” that make nothing and instead buy up patents so they can then shake down random companies with threats of lawsuits for allegedly infringing them.
The last best hope for tech-policy action may come in a bill that just cleared the House: TheConsumer Review Fairness Act would strike down clauses in contracts between merchants and customers that allow businesses to punish consumers for saying mean things about them.
So tech-policy advocates promise that if they can’t make things happen in 2016, there’s always next year. As CDT’s Calabrese said about ECPA reform: “If it doesn’t happen in this Congress, we’re also teed up for action in the next Congress.” Or, presumably, the one after that.
EmailRob at rob@robpegoraro.com; follow him on Twitter at@robpegoraro.
