WASHINGTON, D.C., February 2, 2013 - The House of Representatives is in the process of formulating new legislation on email privacy, which likely will codify the requirement that police obtain a search warrant from a judge before accessing emails and other private information.
Police and prosecutors have previously issued subpoenas to access emails, and many Internet Service Providers have simply rolled over and given them what they asked for.
Google disclosed last week that their policy has always been to require more than a subpoena to disclose information. They require a search warrant whenever a request is made for a user’s emails, documents or information for contents of Gmail and other services based on the Fourth Amendment to the Constitution, which prevents unreasonable search and seizure.
The 4th Amendment states: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
However, this policy appears to conflict current law, based on two 1986 laws.
First, the Electronic Communications Privacy Act provides that if law enforcement personnel have “reasonable grounds to believe” that information could be useful as part of an investigation, they need only a subpoena to access that information.
No judge intervention is required.
Second, the Stored Communications Act allows a governmental entity to compel an Internet Service Provider to disclose electronic communications to officials in certain circumstances. The compelled disclosure provisions of the Act offer different levels of privacy protection for email held by an electronic communication service or email held by a remote computing service, and different levels of protection based on how long the email has been in storage.
The SCA targets two types of online service: “electronic communication services” and “remote computing services.” The statute defines an electronic communication service as “… any service that provides to users … the ability to send or receive wire or electronic communications.” A remote computing service is defined as “the provision to the public of computer storage or processing services by means of an electronic communications system.”
Within the Act there is a description of the conditions under which the government is able to compel an ISP to disclose “customer or subscriber” content and non-content information for each of these types of service. A search warrant is necessary in some cases under the SCA, and not in others.
In the world before the Internet, a law governing privacy did not have to deal with multiple formats, multiple storage locations nor seemingly the entire world population of users.
The 1986 ECPA’s protections were adequate then. The world is vastly different today, with extensive use of online communication, cloud computing and social networking.
The enormity of more data and information makes a new law that includes all of this, and our privacy, very necessary.
Current law focuses on whether or not you have an expectation of privacy when you send an email.
The ECPA allows the authorities with a simple subpoena to obtain access to emails that are more than 180 days old because those are considered abandoned.
Challenges to the law have been met with resounding agreement, albeit in differing degree, that there is a need for police to obtain a warrant before being accessing email.
Cases decided over the last several years, seen collectively, make a new uniform law necessary to clarify exactly what requirements are when police seek to capture electronic communications.
In 2010, the 6th U.S. Circuit Court of Appeals ruled in US v. Warshak that the government must have a valid warrant to access email content stored on a provider’s server. The judges wrote that email content should not be treated differently than phone calls and letters, which cannot be accessed without a warrant.
Given the fundamental similarities between email and traditional forms of communication, it would defy common sense to afford emails lesser Fourth Amendment protection… First, the very fact that information is being passed through a communications network is a paramount Fourth Amendment consideration… Second, the Fourth Amendment must keep pace with the inexorable march of technological progress, or its guarantees will wither and perish.
A Kansas Court last year, in In re Applications for Search Warrants indicated it found the Warshak case persuasive, and held that electronic communications are subject to a reasonable expectation of privacy. The Court’s ruling further indicated that search warrants for should be sufficiently limited to the relevant crime and should address limits for reviewing the data.
The ECPA has been interpreted inconsistently. The 6th Circuit (covering Ohio, Michigan, Kentucky and Tennessee) ruled in 2010 that police must obtain warrants for all emails.
The Judges in the 9th Circuit Court of Appeals (covering Alaska, Arizona, California, Hawaii, Idaho, Montana, Nevada, Washington, and Oregon) ruled that a search warrant is required for both opened and unopened email, but only if left on a server for less than 180 days.
Facts and circumstances will always present in a unique manner. This individual privacy vs. public protection issue, however, needs thorough uniformity. Police currently can use a “D Order” to get “to” and “from” addresses from ISPs, if a judge signs the Order. The police however, must only show there is a reasonable suspicion of a crime, a much lower standard than that of probable cause required for a search warrant.
Further complicating things, requests for non-content metadata, which includes the names individuals use when signing up for accounts, IP addresses of the computers used to create those accounts, the times and locations of sign-ins and sign outs of email accounts, the identification of a sender and a recipient of an email and the IP address used to send an email, can all be accessed now without a warrant.
In summary, the current status of the law is begging for a one-stop simple statement which provides us the protections afforded by the 4th Amendment and which also gives the government access to track criminal behavior.
The new law, or amendments to the existing laws, should clean up all confusion surrounding timing, location of the sent and received communications, and exigent circumstances. The law should cover all forms of sites, whether they acted as the location for the creation of an account, facilitate transmission of the communication or store the message, image or other content.
Paul A. Samakow is an attorney licensed in Maryland and Virginia, and has been practicing since 1980. He represents injury victims and routinely battles insurance companies and big businesses that will not accept full responsibility for the harms and losses they cause. He can be reached at any time by calling 1-866-SAMAKOW (1-866-726-2569), via email, or through his website. He is also available to speak to your group on numerous legal topics. Paul is the featured legal analyst on the Washington Times Radio, in Washington, D.C., on the Andy Parks show, the featured legal analyst for America’s Radio News Network, heard in 165 markets nationwide, and he is a columnist on the Washington Times Communities.
His book The 8 Critical Things Your Auto Accident Attorney Won’t Tell You is free to Maryland and Virginia residents and can be obtained by ordering it on his website; others can obtain it on Amazon.
This article is the copyrighted property of the writer and Communities @ WashingtonTimes.com. Written permission must be obtained before reprint in online or print media. REPRINTING TWTC CONTENT WITHOUT PERMISSION AND/OR PAYMENT IS THEFT AND PUNISHABLE BY LAW.