ECPA Modernization Proposal Would Streamline Disclosure Requirements
A recent press release from Congressman Jerrold Nadler should be music to the ears of ISPs, cloud-based businesses, and users who are storing data in the cloud.
Rep. Nadler believes that “current law is inconsistent and unclear regarding the standards for government access to the content of communications, and a single email is potentially subject to multiple different legal standards. Clarifying the laws will help industry stakeholders, who currently struggle to apply the existing, outdated categories of information to their products and services, and it will provide a clear standard for law enforcement.”
Accordingly, Rep. Nadler has introduced H.R. 6339, the “Electronic Communications Privacy Act Modernization Act of 2012.” While the text of the bill is not yet available (it will be posted here), it would reportedly: (1) impose a uniform requirement that the government obtain a warrant based on probable cause before it can mandate the disclosure of the contents of communications from third parties; (2) establish notice requirements for such disclosures; (3) create a uniform suppression remedy when the contents of communications are unlawfully obtained; and (4) expand reporting requirements to facilitate congressional oversight.
The Digital Due Process Coalition has long advocated in favor of a uniform warrant-and-probable cause requirement for searches of the contents of electronic communications. Senators John Ashcroft and Patrick Leahy proposed such a reform in 1998 but were unsuccessful. Sen. Leahy also introduced a Senate bill last fall to amend ECPA to include such a requirement. Sen. Leahy’s bill would also apply the warrant requirement to stored communications over 180 days old, which can presently be obtained by subpoena under ECPA, and to location-based data.