House Praised for Passing Email Privacy Act; Unclear What's in Store in Senate

Senate work on ECPA update legislation remains “important” but it “won't move too soon” given Senate Judiciary Committee consideration of Supreme Court nominee Neil Gorsuch and other pressing business, said Chairman Chuck Grassley, R-Iowa, in an interview. Grassley said he hasn't “talked to anybody about” how Senate Judiciary should prioritize the ECPA revamp in its legislative agenda but believes the committee may now “look a little more at the law enforcement issue” given the controversial FBI access amendment that Senate Majority Whip John Cornyn, R-Texas, attached to the revamp bill last year. Grassley believes Senate Judiciary ranking member Dianne Feinstein, D-Calif., “may have a different view” on the contours of ECPA reform than did previous ranking member Patrick Leahy, D-Vt.

Several other privacy and technology experts and senators' offices contacted either didn't comment or couldn't say whether the measure that makes significant updates to the 1986 ECPA would pass the Senate. Reintroduced a month ago by Reps. Kevin Yoder, R-Kan., and Jared Polis, D-Colo., HR-387 (see 1701090017) passed via voice vote Monday. The same bill passed 419-0 last year, but it never made it out of the Senate Judiciary Committee.

At the time, Cornyn introduced an amendment (see 1605260016) that would have expanded government collection of certain types of information through national security letters, which are essentially administrative subpoenas. The amendment would have widened collection of electronic communications transactional records (ECTR) such as account numbers, login history, credit card and bank account information, types of services such as social media accounts and email providers, location data and browsing history. Sens. Mike Lee, R-Utah, and Leahy, who co-sponsored the ECPA update bill, said they couldn't support what they called a "poison pill" amendment (see 1606090007) and instead withdrew their measure.

Robyn Greene, policy counsel and government affairs lead with New America's Open Technology Institute, emailed that the Email Privacy Act "is the most widely supported bill" in Congress for two consecutive years. "Americans are more concerned about their privacy than ever before in light the Trump administration and his cabinet picks, several of whom are openly hostile to civil liberties. Even Congressional staffers are encrypting their communications to protect their privacy," she said. Center for Democracy & Technology (CDT) Vice President-Policy Chris Calabrese said in an interview: "Certainly we’re hopeful as well. It is the kind of commonsense thing that you feel like with the right vehicle should be able to move pretty easily."

Calabrese and Greene said they don't know if Cornyn is planning anything, but they said to expect a fight if he proposes an amendment that would again collect ECTR data. "If Cornyn tries to turn this pro-privacy bill into a pro-surveillance bill with more poison pill amendments, he’ll be in for a rude awakening: the opposition will be fierce," said Greene. Calabrese said any ECTR proposal is "an absolute nonstarter from our point of view." He said DOJ and many other law enforcement agencies have largely adopted the practice of obtaining a warrant to access email in all cases, since the 6th U.S. Circuit Court of Appeals ruled in the 2010 U.S. v. Warshak case that ECPA violated the Fourth Amendment by not requiring law enforcement to obtain a warrant. "We’re not going to make radical changes that undercut people's privacy, for example in the national security letter context, in exchange for this modest fix," he said. Cornyn's office didn't comment.

Calabrese said things are a bit different since Microsoft's win in a court challenge against the government's seeking customer data in Ireland (see 1607140071 and 1701240057), and the upcoming debate over Section 702 of the Foreign Intelligence Surveillance Act Amendments Act, which sunsets at the end of this year. If Sen. Jeff Sessions, R-Ala., is confirmed as attorney general, Calabrese hoped the new AG would follow the law as he said during his hearings and wouldn't undercut Warshak, which would be a major change in direction for the DOJ. Calabrese also credited the House for acting quickly on this issue.

On the House floor Monday, Yoder said Americans have Fourth Amendment protections for their paper documents, which isn't the case for the digital content on cellphones or computers. "Our laws allows federal agencies like the IRS or SEC or the law enforcement, to kick down the virtual doors and search innocent American’s private communication and data storage without a warrant, without probable cause or any type of due process," he said. "If an individual was leaving an email on a third-party server it was akin to that person leaving their paper mail in a garbage can at the end of their driveway." These updates "to the law will better safeguard Americans’ constitutional rights while also protecting law enforcement’s ability to fight crime," said House Judiciary Chairman Bob Goodlatte, R-Va. "It’s time for the Senate to take up this bipartisan legislation and send it to the President’s desk to become law.”

Several technology and civil liberties groups also lauded passage of HR-387. They include: BSA|The Software Alliance, CDT, CompTIA, the Computer & Communications Industry Association, Electronic Frontier Foundation and Internet Association.