Hey Hillary : Feds Say Need Access to Americans’ Emails WITHOUT Warrant…
But the FTC and SEC have not used the current subpoena process in five years.
A bipartisan bid to reform an electronic-privacy law has the support of the tech community and the White House, but federal law enforcement officials tell Congress the changes would hamper civil prosecution.
Civil law enforcement agencies like the Federal Trade Commission and the Securities and Exchange Commission would not be able to obtain critical information if the law were changed to require criminal warrants for access to data stored on cloud services, according to witnesses from those agencies testifying in front of the Senate Judiciary Committee Wednesday.
The law enforcement officials were reacting to bills from Sens. Mike Lee and Patrick Leahy, and Reps. Kevin Yoder and Jared Polis, that aim to update the Electronic Communications Privacy Act, or ECPA.
In its current form, ECPA protects emails from government snooping for 180 days. When the law was initially drawn up in 1986, email providers routinely removed emails from their servers a month or two after they were delivered; users would generally download the messages they intended to keep. Whatever remains on an email server after 180 days is fair game for government to access, with just a subpoena—not a warrant.
Today, ubiquitous cloud-based email systems like Gmail, which offer gigabytes of storage for free, allow the average user to keep his or her messages—and calendars, contacts, notes, and even location data—on a provider’s servers indefinitely.
The ECPA Amendments Act would require law enforcement to get a warrant to access server-hosted information, no matter how old, and would require the government to notify an individual that his or her information was accessed within 10 days, with certain exceptions.
But law enforcement officials expressed opposition to some of the bill’s proposed changes, arguing that its requirement for criminal warrants could leave civil litigators without access to important electronic information.
“The bill in its current form poses significant risk to the American public by impeding the ability of the SEC and other civil law enforcement agencies to investigate and uncover financial fraud and other unlawful conduct,” said Andrew Ceresney, director of enforcement at the Securities and Exchange Commission.
Ceresney and Daniel Salsburg—chief counsel for technology, research, and investigation in the FTC’s consumer protection branch—said the SEC and FTC are not looking for the authority to obtain data with just a subpoena, and instead proposed a system where they could obtain a court order for access to the data. Such a process would notify the individual being investigated and give him or her the chance to make a case in front of the judge before an order is granted or denied.