Technology

Senate amendments could sink email privacy compromise

GOP senators have filed a series of amendment that could sink a compromise on email privacy legislation, but they are unlikely to receive enough support to pass. 

Nine amendments have been filed ahead of the Senate Judiciary Committee’s markup Thursday. They include one by Sen. Jeff Sessions (R-Ala.) to create an emergency disclosure requirement and another by Sen. John Cornyn (R-Texas) to expand the government’s use of National Security Letters. 

{mosads}Privacy advocates like the American Civil Liberties Union and Open Technology Institute circulated letters late Wednesday night urging lawmakers to oppose the additions. 

Sens. Mike Lee (R-Utah) and Patrick Leahy (D-Vt.), who have led reform in the Senate, are hoping for a clean bill. With the backing of privacy advocates, they are pushing an amendment to insert the carefully negotiated language that unanimously passed the House last month. 

“We urge all Senators to support the House-passed bill,” they said. 

The overall bill would update the 1986 Electronic Communications Privacy Act to ensure that law enforcement gets a warrant before forcing technology companies like Google or Microsoft to turn over a customer’s emails or electronic communications. 

While not generally used anymore, a current provision in the law allows the government to use a subpoena — rather than a warrant — to get the information. 

The substitute amendment backed by Lee and Leahy is nearly identical to the House language. The only major change is the inclusion of a provision that would allow the government to obtain records — but not the content of emails — without any kind of court order as long as they are part of a telemarketing investigation. 

Because of the years-long delays in advancing the bill and the negotiations so far, privacy advocates and technology companies have pressed senators to oppose a series of other amendments. 

Below is a list of other amendments filed, though some could eventually be withdrawn. 

EMERGENCY EXCEPTIONS 

Sen. Jeff Sessions (R-Ala.) is pushing an amendment that would force technology companies to hand over a customer’s emails without a warrant in an emergency, when delay could cause “danger of death or serious physical injury.” Technology companies have lobbied hard against the provision, and it failed to make it into the House version. 

Sessions and Sen. John Cornyn (R-Texas) have also offered amendments that would have tech companies hand over the information if the government gets consent from the person who sent or received the communication. Groups like the ACLU warned that the provision could lead to “improper disclosures resulting from abuse or human error.” 

TERROR AND INTEL PROBES 

Cornyn has also offered an amendment that could force technology companies to hand over email records — but not the content — if the FBI director or a designee says they are “relevant to” a terrorist or intelligence investigation. Those records would include name, address, phone number, login history and IP address. 

“It’s doubly offensive that this provision is being tacked onto ECPA reform,” the Open Technology Institute said in a note to senators. “This is a significant expansion of government surveillance authority that demands open and full debate.”

DISCLOSURE

Sen. Jeff Flake (R-Nev.) offered an amendment that would clarify that technology companies can disclose the existence of a warrant to a lawyer or other people who are necessary to comply with the warrant. The amendment would also allow the court decide whether technology companies can disclose the existence of the warrant to any other person. 

Privacy advocates made a major concession in the House when they agreed to scrap a provision that would have let technology companies tell their customers when the government forced disclosure of their emails. 

BILLS AS AMENDMENTS 

Sens. Orrin Hatch (R-Utah) and Lindsey Graham (R-S.C.) offered amendments that are made up of related bills that each has previously introduced. The amendments are unlikely to be approved, but could give the senators a chance to highlight them. 

Hatch’s two amendments are made up of stand-alone legislation he has introduced previously to set limits on the U.S. government’s access to data stored abroad by U.S. companies.

As an amendment, Graham filed his Botnet Prevention Act, which he introduced as stand-alone legislation earlier this month along with Sens. Sheldon Whitehouse (D-R.I.) and Richard Blumenthal (D-Conn.). The bill would give the Department of Justice more power to go after hackers who infect a large network of computers and use them to launch denial-of-service and other cyber attacks.