February 14, 2017

Email Privacy Act Unanimously Passed by House of Representatives

by Danielle Pomeraniec

In early February 2017, the House of Representatives unanimously passed H.R. 387, the Email Privacy Act, which prohibits the federal government from searching individuals’ emails without a warrant. The act updates the current standard set by the Electronic Communications Privacy Act (ECPA), which allows the federal government to search emails without a warrant if the emails are older than 180 days and stored on third-party servers (e.g., Google). The act also applies to cloud technologies, thus protecting items such as Dropbox files. The act requires the federal government to show probable cause in order to obtain a search warrant. However, it does not alter warrant requirements under the Wiretap Act, the Foreign Intelligence Surveillance Act (FISA), or any other law.

This is not the first time that the act was presented to Congress. Last year, the same bill was passed by the House and then stalled in the Senate, due to proposed amendments, such as the one proposed by then-Senator Jeff Sessions in June 2016 that would create “emergency disclosure” exceptions and the amendment proposed by Senator John Cornyn (R-TX) that would expand the information the FBI could obtain with a National Security Letter, which do not require prior judicial oversight. Ultimately, the proposed amendments delayed the bill too long for a vote to be reached during the last congressional session.

In a statement issued after the vote on Monday, Google Director of Law Enforcement and Information Security Richard Salgado declared, “The Email Privacy Act ensures that the content of our emails are protected in the same way that the Fourth Amendment protects the items we store in our homes.” Salgado further referenced the Sixth Circuit’s decision in United States v. Warshak, 2010 WL 5071766 (Dec. 14, 2010), wherein a portion of the Stored Communications Act, contained within the ECPA, that allowed warrantless searches of emails was found to be unconstitutional.

The act does not protect emails stored on servers located in servers outside the United States. Thus, it will not have an impact on Microsoft’s current legal disputes in Ireland.

Danielle Pomeraniec is an associate at the Roth Law Firm in New York City, New York.


Copyright © 2017, American Bar Association. All rights reserved. This information or any portion thereof may not be copied or disseminated in any form or by any means or downloaded or stored in an electronic database or retrieval system without the express written consent of the American Bar Association. The views expressed in this article are those of the author(s) and do not necessarily reflect the positions or policies of the American Bar Association, the Section of Litigation, this committee, or the employer(s) of the author(s).