Modern field guide to security and privacy
View of the distinctive US Capitol dome from an arch on the Senate side of the structure.
Melanie Stetson Freeman | Caption

Opinion: The Senate should pass the Email Privacy Act without delay

PATH TO PROGRESS

The Senate must step up to pass this desperately needed legislation that restores the privacy rights of all Americans in the Digital Age.

With Congress consumed by political battles, there's still a glimmer of hope for bipartisanship on privacy issues: The House last week passed the Email Privacy Act by unanimous voice vote.  

That’s not altogether surprising. Introduced by Kansas Rep. Kevin Yoder (R) and Colorado Rep. Jared Polis (D) the measure was even known as the “most popular bill in Congress” for garnering 315 co-sponsors last year.

Despite its popularity, however, this important bill, which would require government agencies to get a search warrant before accessing emails or other digital communications that are more than 180 days old, failed to pass the Senate last year.

We can’t let that happen again. The Senate must step up to pass this desperately needed legislation that restores the privacy rights of all Americans in the Digital Age.

At a time when internet users are concerned about their privacy, the Email Privacy Act goes a long way toward restoring their confidence and establishing desperately needed online protections.

The legislation updates the Electronic Communications Privacy Act (ECPA) of 1986 — passed when email was still in its infancy — to establish reasonable privacy expectations for how we use email, text messaging and other digital correspondence in the modern age.

Under current law, law enforcement and other government agents do not need a warrant to search and seize digital communications for older than 180 days. This includes your personal emails, text messages or photos shared exclusively with a loved one.

Passing the Email Privacy Act to update the three decade old law and require warrants for digital searches is crucial to ensure our online correspondence enjoys the same protections as other personal items in real life. If the government needs a warrant to read your secret letters locked away in a filing cabinet, they should also get legal permission to read your emails.

Working together with both law enforcement and privacy advocates – groups that do not always see eye to eye – the House managed to create a balanced, bipartisan solution to a longstanding problem. Unlike some prior versions of the proposal, this 2017 bill does not create carve-outs allowing federal agencies like the Securities and Exchange Commission or the Internal Revenue Service to access emails without a warrant, which would have expanded government surveillance capabilities and undermined the very purpose of the reform.

With trickier questions about surveillance authority, encryption and cybersecurity on the horizon, fixing ECPA can be a first step for the legislative branch to rebuild relationships with the tech community, which have been has been rather tense of late.

A multitude of companies are extremely alarmed about President Trump's immigration executive order. Concerns that their users’ data may be a target of unwarranted government surveillance remain a dark cloud hovering over Silicon Valley. American tech companies are not just competing with one another but with a more competitive global marketplace where foreign customers and foreign governments are becoming less hospitable to American brands.

With this backdrop, the Senate should avoid the mistakes it made in 2016.

After all, even after the House passed last year's version of the bill unanimously, the bill fell apart when some senators attempted to use the measure's popularity as an excuse to attach unrelated amendments.

One proposed amendment last year would have expanded the FBI’s ability to use National Security Letters, administrative subpoenas not requiring a warrant, to obtain electronic communication transactional records (known as ECTRs) from Internet Service Providers. Opponents of the amendment say it’s not needed, and that the current language sets the right balance to ensure oversight and prevent abuse, while also allowing the FBI the tools it needs to do its job. Instead, the amendment would give the FBI broad new powers to collect private information without court authorization.

The Email Privacy Act is a carefully structured bill to improve email privacy protections. Attaching unnecessary amendments like the so-called “ECTR fix” would be a mistake – and undermine the good-faith negotiations completed by the House and further sour already-strained relations with the tech industry.

Congress has an opportunity to show the public that it can work together, sending the president a popular, smart and bipartisan reform that will benefit all Americans. At a time when almost every action is under scrutiny and subject of intense social media debates, getting the Email Privacy Act across the finish line would set a new tone for further deliberation on the complex policy challenges facing the nation.

Nathan Leamer is a policy analyst and the outreach manager for the R Street Institute, a nonprofit, nonpartisan, public policy research organization. Follow him on Twitter @nathan_leamer.