That law tech-policy types call “ECPA” has long since become a four-letter word. Its original sin was leaning on an obsolete understanding of email to grant warrant-free access to messages stored online, but its major failing is now irrelevance: webmail providers demand a warrant anyway.
Up to that expiration date, the government needs awarrant from a judge based on probable cause to compel a communications provider to turn over your mail. Afterwards, a meresubpoena suffices.
The advent of webmail services in which your messages never left the cloud — beginning less than 10 years after ECPA’s passage withHotmail — only made that line look more absurd.
Since then, other telecom firms as AT&T (T), Comcast (CMCSA) and Yahoo’s corporate parent Verizon (VZ) have also said they require warrants. Smaller mail services without staff counsel, however, may still oblige a subpoena.
The Trump administration has made it clear that it wants to loosen rules on both companies and law enforcement, which may weaken the agencies’ cause while encouraging the anti-terrorism argument. Meanwhile, itsoverall vagueness about tech policy has included silence about fixing ECPA.
“There is no reason to expect they will act to move reform forward,” concluded Sharon Bradford Franklin, director of surveillance and cybersecurity policy atNew America’s Open Technology Institute.
Meanwhile, Congress has a hard time passing anything these days, not justin tech policy.
“There no longer seems to be space for small, useful reforms like this update to ECPA,” said Chris Calabrese, vice president for policy at theCenter for Democracy & Technology. “Because everything is hard to pass, other actors like local law enforcement and the FBI want to make sure that they get their unrelated priorities met in any piece of legislation.”
Hoping the courts clean up Congress’s mess is, as the president might say, sad. But seeing as how judicial intervention finally yieldedmeaningful progress in patent reform last year, it also appears sadly realistic.
