The Electronic Communications Privacy Act (ECPA) was enacted in 1986, long before widespread use of the Internet. Today’s society communicates in a dramatically different manner than in 1986, with an increasing amount of data stored digitally with third party providers. 

Unfortunately, ECPA does not prohibit access to user communications and information stored online without a warrant if the item had been marked “read” or opened, or if it is are older than 180 days.  In those cases, only a less-strict subpoena is required in order to read user emails as part of an investigation.  However, because most users now store information and emails with third-party providers online using cloud computing providers, it makes little sense to treat this information differently based whether the item’s status is marked as “read” or dated more than 180 days.

How the government treats this information varies widely, with some jurisdictions following a ruling by the Sixth Circuit Court of Appeals in United States of America v. Warshak, which determined that by compelling the defendant to turn over his emails without first obtaining a warrant, his Fourth Amendment rights were violated.  Yet outside of the Sixth Circuit, this same rule is not necessarily applied by law enforcement when seeking this type of information from a third party email service provider or cloud computing provider.

Concerns over warrantless searches and the privacy of information stored online, including the use of third party cloud providers for email storage, have been raised by the Digital Due Process Coalition (DDP), of which Citizens Against Government Waste (CAGW) is a member.  ECPA was unclear in regard to the authority law enforcement and government agencies have to access such information.

Members of the DDP pushed hard for more than a year to include provisions in ECPA reform legislation that would require a warrant in order for law enforcement to access the content of electronic communications.   In addition to being a member of DDP, CAGW is also the co-chair of the Privacy Working Group, which brings together leading experts and thought leaders on current privacy policy and online safety issues. 

Congress is considering improvements to ECPA, including requiring a warrant in order for law enforcement and other government entities to access electronic communications, including email from third party providers.  On April 25, 2013, the Senate Judiciary Committee approved S. 607, the Electronic Communications Privacy Act Amendments Act of 2013by voice vote.  If signed into law, S. 607 would require information stored by individuals online, including cloud computing services, to be subject to the same privacy rules and protections as information stored in personal computers, desk drawers and file cabinets.