A new bill proposed Tuesday calls for a major overhaul to a digital privacy law that is now 25 years old. It would allow for more restricted access by requiring government officials receive a probable cause warrant before they can gain access to email and other information stored in the cloud.
The bill would be an update to the Electronic Communications Privacy Act (ECPA), first enacted in 1986 before sophisticated email or Internet. As it stands, the ECPA allows for the government to acquire someone's emails or any other content as long as it's been stored on a third party server for more than 180 days, according to Wired, and as long as the government showed reasonable grounds to believe the information could further an investigation.
Democrat Senator of Vermont Patrick Leahy, who proposed the bill, said in a statement that the ECPA "is significantly outdated and out-paced by rapid changes in technology and the changing mission of our law enforcement agencies after September 11. Updating this law to reflect the realities of our time is essential to ensuring that our federal privacy laws keep pace with new technologies and the new threats to our security."
The bill also refers to a warrant requirement to access smartphone location data — which should be particularly of note to some as word of how iPhone and Android devices have been storing that data without consumer consent has made headlines recently. The bill has "well-balanced exceptions" about having to receive a warrant if there's an immediate threat to safety, but overall "the bill also requires a search warrant in order to obtain real-time location" data.