It’s time for Congress to update the law governing digital surveillance

Cyber war has a new weapon: Your smartphone
Getty Images

Laws governing emails and other electronic communications in the United States are seriously outdated. As applied today, those laws can lead to seemingly opposite, illogical conclusions.

The federal government can access emails and other stored communications without a warrant, if an email or other electronic communication is over 180 days old. Yet, if a service provider decides to store electronic files overseas, domestic law enforcement agencies may not be able to access the information, even using a warrant. Similarly, foreign governments may not be able to access an email sent by and received by their citizens if the service provider elects to store the email on a server in the United States.

The federal government both has too broad access to highly personal information and may not have access to information it needs during a lawful investigation.

{mosads}On the one hand, federal agencies may have too much access to “old” electronic communications. If the emails sought are older than six months, law enforcement agencies may not need warrants. Warrants are based on probable case and subject to other Fourth Amendment restrictions. That is to say, where warrants are required to access electronic files, the government must formulate some reason for which it needs access—a reason palpable enough that a judge will sign off on it.

 

If electronic communications are six months old, or older, the government need only send a service provider a subpoena, which does not need to state why the government needs the communications. 

On the other hand, if a U.S. resident sends an email to another U.S. resident, but the email service provider decides to store the email in a server overseas, say in Europe, at least one current court case and treaties may either prevent the government from obtaining copies of the email or significantly slow legitimate investigations. This prohibition applies uniformly to requests issued via warrant and requests issued via subpoena, and the age of the email has no bearing on the outcome of the request.

The Electronic Communications Privacy Act of 1986 governs both law enforcement access to domestically stored electronic communications and restricts access to data stored overseas. Let that sink in for a moment. Federal law enforcement access to emails is governed by laws predating the invention of webmail and the smartphone. Cloud computing was but a twinkle in some computer scientist’s eye when Congress first passed ECPA. 

In 1986, the internet was in its infancy. The internet was largely a tool to connect military communications and academic institutions. Those two groups had just spun the internet’s predecessor ARPANET into a military application called MILNET and a civilian version. As of 1986, there were just a few thousand computers on the internet. Email had been around for over a decade at that point, but its full potential was unrealized. 

Neither Congress nor too many experts had reason to foresee the scope and scale of today’s global internet. Data—emails, files, and other packets—cross international borders all the time. Emails are routinely stored for years, if they are ever deleted. Society’s expectations of privacy regarding stored or old emails are significantly greater today than they were even a decade ago. 

Congress in 1986 had great foresight. That foresight, though, only lasted for a time. Laws protecting emails and other stored electronic communications from the government’s potentially prying eyes need to be updated to reflect modern technology and societal expectations of privacy. Rules that hinder law enforcement from accessing communications stored overseas with valid warrants need to be similarly updated. It just so happens that the law governing both is the same one Congress passed in 1986.

Jonathon Paul Hauenschild, J.D. is a technology policy analyst in Washington, D.C. and the founder and principal of Franklin Adams & Co., LLC.


The views expressed by contributors are their own and are not the views of The Hill.

Tags ECPA Electronic Communications Privacy Act Jonathon Hauenschild Privacy Surveillance Technology

Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

Most Popular

Load more