Senate Holds Hearings on Updated ECPA Data Privacy, Storage Rules

By Wayne Rash  |  Posted 2015-09-16 Print this article Print
Data Privacy Legislation

Instead, that portion of the law enforcement community is arguing for a new requirement that would mandate the creation and retention of any record, including transient DNS requests and other IP connections that might someday be useful to some investigator, somewhere.

Other agencies and outside groups are leaning more toward support of the changes to the ECPA that are currently being proposed, while not surprisingly, some agencies are using the proposed revision to the ECPA as a way to get access to information that they've never had before.

One notable illustration is the Federal Trade Commission, which states in its testimony that it currently doesn't get information from providers covered by the ECPA, but would like to have the law amended so that it can get whatever content it wants, without a warrant.

As you might expect, a strong undertone to the Senate hearings was the current appeal in the Department of Justice vs. Microsoft case. The LEADS Act and the proposed changes to the ECPA would clarify how data contained on foreign servers and owned by foreign nationals should be treated.

As it stands now, the legislation asks the State Department and the Justice Department to find a way to streamline requests to foreign governments for data that could be evidence.

Notably, the LEADS Act also contains language that would vacate any warrant that would force a U.S. person or corporation to violate a foreign law. It also eliminates the differences between the age and opening date of messages that no longer make sense in today's context.

In addition, the updates to the ECPA would change the act so that it conforms to court decisions that now require law enforcement to get a warrant before seeking information from a person's personal messaging accounts, whether they're in the form of email or text messages.

The technology industry is solidly behind the LEADS Act and the changes to the ECPA. "We urge the Senate Judiciary Committee to reject any effort to create exceptions for government agencies, which would lead to lesser protections for information stored remotely than in the home," Mark MacCarthy, senior vice president of the Software and Information Industry Association, stated in an email. "The committee should pass the Lee-Leahy legislation to bring ECPA in-line with current technology."

Likewise, BSA–The Software Alliance president Victoria Espinel said in her testimony that the organization supports passage of the ECPA. "The Act makes critical updates that are needed to protect the privacy of Americans’ email content and subscriber records."

At this point it remains to be seen exactly what direction an update to the ECPA might take. Most of the testimony in the Senate hearing urged strongly for passage of the revisions as soon as possible.

However, some (but not all) law enforcement statements urged against continuing the ECPA. While it's unlikely that the committee will side with allowing investigators unfettered access to email, it's unclear what direction the final legislation will take.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel