Privacy SOS

Congress lines up three bills to require law enforcement to get warrants before seizing our emails

Bipartisan legislation introduced this week in congress by Representatives Zoe Lofgren (D-CA), Ted Poe (R-TX), and Suzan DelBene (D-WA) would require police and federal law enforcement to obtain warrants before reading our emails or tracking our physical locations, barring some exemptions. The bill would reform woefully obsolete electronic communications privacy law in the United States, which was first passed in 1986—before the internet as we know it existed, and before most people had cell phones. Lofgren’s bill would even prevent law enforcement form using controversial stingrays to track cell phones unless they got approval from a judge, having showed probable cause. The legislation is a huge step forward.

Under current US federal statutes, law enforcement may be able to obtain our private communications and documents stored in the cloud with a simple subpoena. Subpoenas are simply pieces of paper prosecutors fill out and issue to corporations or individuals, demanding information. No judge approves them or in most cases even sees them. The standard for issuing subpoenas is extremely low. Prosecutors must only believe that the information they seek is relevant to an investigation—a tautology of sorts, given that prosecutors investigate things for a living.

Obviously this federal framework for electronic surveillance makes no sense in 2015. Even the Department of Justice has agreed that a warrant requirement for email surveillance in criminal investigations makes sense. Yet somehow, congress hasn’t been able to get this obvious and important reform over the finish line.

In the absence of federal legislation to close the gaps, a patchwork of state and circuit court rulings and state statutes has created an impossibly complex legal framework for electronic surveillance. Today, the rights you have against unconstitutional search and seizure very much depend on where you live, and what level of law enforcement agency may be targeting you.

In Massachusetts, for example, our state high court ruled in Commonwealth v. Augustine that police must obtain probable cause backed warrants before demanding cell site location information from cell phone companies, to track someone’s historical physical location. But that precedent only governs state and local police in the state, not the feds.

If you live in the states covered by the Sixth Circuit Court of Appeals, your email is protected by a warrant requirement (except in so-called “national security” investigations). That’s because the Sixth Circuit ruled in US v Warshak that the government—feds or locals—must get a warrant before seizing emails stored by a company like Google or Microsoft.

At the same time, some states have passed their own statutes requiring law enforcement to obtain warrants to track our physical locations or read our private communications; but most haven’t. In all of these cases, like with the Augustine ruling in Massachusetts, the 21st century warrant requirement only applies to state and local cops, not the DEA, FBI, ATF, or other federal agencies. State legislators cannot create laws to bar federal law enforcement from conducting warrantless searches.

This inconsistent development of electronic privacy law makes it extremely difficult for ordinary people and even privacy law experts to understand what the law requires in particular circumstances in different states. The Online Communications and Geolocation Protection Act would smooth out the bumps by modernizing privacy law in every state and circuit with one fell swoop, providing a blanket warrant requirement for tracking and monitoring.

Don’t get too excited, though: This bill, like similar efforts aimed at bringing the 1986 Electronic Communications Privacy Act (ECPA) into the 21st century, wouldn’t mess with the NSA’s unconstitutional surveillance programs. Lofgren’s bill, Senator Leahy’s Electronic Communications Privacy Act Amendments Act of 2015, and a similar bill brought by Representatives Jared Polis (D-CO) and Kevin Yoder (R-KY) provide loopholes for what the federal government calls “Foreign” Intelligence Surveillance. In other words, NSA/FBI programs like PRISM wouldn’t be affected if these important bills were signed into law.

Despite that shortcoming, these proposals are crucial steps forward. While they won’t stop the NSA from reading your email, they will stop local police and in many cases even the FBI from introducing evidence against you if it was obtained without a warrant.

And there’s some hope that one of these bills might even move this time around. “We really hope that this Congress is the one to do it,” Congressman Polis said of his proposal to modernize the warrant requirement for email content. “I mean, introducing it with 223 [co-sponsors] is an amazing number. That’s huge.”

Let’s hope President Obama gets the message, and moves forward legislation that his own DOJ and over half of the House agree on. Obama’s legacy isn’t looking so good when it comes to digital rights. If he were to sign comprehensive electronic communications privacy reform it would be the first expansion of criminal investigations related digital privacy rights from congress in nearly thirty years. I’d say it’s about time.

© 2021 ACLU of Massachusetts.