Email Privacy Act – Reintroduction
In the Electronic Communications Privacy Act of 1986 (EPCA), Section 2703, Requirements For Governmental Access
Subsection (a) – Contents of Electronic Communications In Electronic Storage states that “a governmental entity may require that disclosure by a provider of electronic communication service of the contents of an electronic communication, that is in electronic storage in an electronic communications system for 180 days or less, only pursuant to a warrant issued under the Federal Rules of Criminal Procedure or equivalent State warrant.”
More importantly, it goes on to say that “a governmental entity may require the disclosure by a provider of electronic communications services of the contents of an electronic communication that has been in electronic storage in an electronic communications system for more than 180 days by the means available under subject b of this section.”
Subsection (b) – Contents of Electronic Communications In A Remote Computing Service states that “a governmental entity may require a provide of remote computing service to disclose the contents of any electronic communication to which this paragraph is made applicable by paragraph (2) of this subsection.”
Section 2703 (b) (2) states that the previous paragraph “is applicable with respect to any electronic communication that is held or maintained on that service.”…
“(A) on behalf of, and received by means of electronic transmission from (or created by means of computer processing of communications received by means of electronic transmission from), a subscriber or customer of such remote computing service; and
(B) solely for the purpose of providing storage or computer processing services to such subscriber or customer, if the provider is not authorized to access the contents of any such communications for the purposes of providing any services other than storage or computer processing.”
So… what does this mean?
Any communications that are being stored for more than 180 days in the cloud by an email service provider or other service provider do not require a warrant to access.
Here is a link so that you can check it out:
https://www.congress.gov/bill/99th-congress/house-bill/4952/text
The Email Privacy Act has been introduced to Congress on four occasions. It was a simple bill made to require authorities to obtain a search warrant before accessing emails and data in cloud storage for more than 180 days.
The first time the Email Privacy Act was introduced to Congress, it failed to make it out of the first committee. The next three times it was introduced, it was approved by the House of Representatives but died in The Senate. In 2015, (the second time it was introduced), The Act was passed unanimously through The House before being amended and killed in The Senate.
I plan to contact Kevin Yoder and Jared Polis (the writers of the Email Privacy Act) to request their assistance reviving the bill.