Email and The Cloud Get New Privacy Protections Says US House

Data privacy laws are very lax under current US laws

Recent reports published in the media have revealed that the United States House of Representatives has approved new protections (that is privacy protections just to be clear) for online services such as the email and the cloud.

The current data privacy law, which is over thirty years old, would be amended as a result of the new privacy protections through the new Email Privacy Act.

The Email Privacy Act was approved in the United States House of Representatives in the past week, on Monday.

Talking about its purpose, the new Email Privacy act will protect citizens along with other organizations through a new arrangement which would necessitate all law enforcement agencies to first acquire a court-ordered warrant in order to search suspects or suspected organizations.

According to the new Email Privacy act, this would only apply in situations where law enforcement agencies would want to search online services such as email and other types of online data on suspect entities.

Moreover, the email and data stored on any given entity (assuming everything is being handled by a third party service or organization) must be stored for longer than a period of six months.

Data not in storage for the specified amount would not require a court order for search or further investigation.

However, that doesn’t mean that the bill would go into immediate effect.

Far from it.

The Email Privacy Act has only been approved, as a bill, in the United States House of Representatives through a voice vote (according to Wikipedia a voice vote is, A vote by voice is the regular method of voting on any motion that does not require more than a majority vote for its adoption) and will now have to go to the Senate for further consideration and deliberation to see the light of day.

As mentioned earlier as well, if passed, the Email Privacy Act would modify (in other words update) the older Electronic Communications Privacy Act, ECPA, which is a thirty-one-year-old law.

It wouldn’t be too far-fetched to say that if the bill also goes through the Senate, it could mean a huge moral victory for many privacy advocate groups along with tech companies (both big and small) since both of these entities have been pushing Congress to bring the older Electronic Communications Privacy Act up to date with the modern world since 2011.

User expectations have changed a lot since the 80s

Privacy protections that are too weak and not comprehensive enough for stored data and email give rise to questions and apprehensions about online cloud services available in the United States of America.

The primary type of customers who pay considerable attention to data privacy laws are individual consumers and enterprises.

Of course, that is the point of view of people who support the new Email Privacy Act bill.

Under current law (that is, the older Electronic Communication Privacy Act), privacy protections related to stored data and email change according to the age of the data.

In other words, under Electronic Communication Privacy act, a recently stored data would have a different set of privacy protections than a data that has been lying in storage for a period of twelve months or more.

As per current laws, if law enforcement agencies want to search a suspect’s residence, working space (office) or any other premises then they need to get court-ordered warrants in order to search items such as files or electronic files which might be stored on the suspect’s laptop or any other type of computer machine or even in the cloud, only if the stored data or email in question or under investigation has been in storage for less than 180 days.

What happens if that data has been in storage for a longer period?

Then, the privacy protections afforded to individuals along with enterprises start to wane away.

To put it another way, if a suspect has files on his computer or in the cloud or even in any physical shape or form, it would have very little privacy protection from the law if it has been in storage for longer than 180 days.

Naturally, groups who advocate more privacy protection, and are intimidated by all the mass surveillance programs being funded by the United States governments, and tech companies have been growing every so uncomfortable with current data protection laws.

Currently, law enforcement agencies such as the police only need something like a subpoena, which doesn’t have to be reviewed by a respect judge, in order to force individuals or enterprises to release stored files either in the cloud or with third-party service providers, provided the data has been in storage for longer than 180 days.

Users now want more privacy and transparency than ever.

It doesn’t take a genius to figure out that this “loophole” of sorts can be abused both by law enforcement agencies along with suspect individuals and enterprises.

For clarity’s sake. The law, currently, treats data differently according to the time it has been in storage. That stark difference in treatment needs to change according to some privacy protection advocates.

In fact, some even consider the difference in treatment as a glaring loophole in the privacy protection laws that are currently active in the United States of America.

One certain Jared Polis, who is a Democrat from Colorado and a co-sponsor of the new bill and currently is acting as a representative, certain believes that the law needs to change, sooner for the better.

Kevin Yoder, who is also a representative and a Republican from Kansas and one of the other co-sponsor of the new bill believes that the new Email Privacy Act would be able to successfully bring the United States laws related to digital privacy into the new century (that is the twenty-first century).

What’s Wrong With Current Data Privacy Laws?

Current data privacy laws according to Electronic Communication Privacy Act were passed in the year 1986. Data privacy advocates along with supporters firmly believe that the bill is out of date by about thirty years.

The primary reason for that is, as supporters claim, users who go online and use the internet on a regular basis to get their work done have changed.

More specifically their expectations on how their data is handled, monitored or collected have changed.

To be fair, it should have been anticipated a long time ago that with the development of the web and its integration into the very fabric of how people connect with each other, buy things, handle their finances, the expectations as to how all of that data is managed would change.

And they have.

One of the reasons why internet users’ demands have changed regarding their data and privacy is because of the prices of computer hardware.

Back in the 80s, computer hardware was expensive.

Consequently, not many people or organizations could afford massive amounts of storage during that era.

The total number of people, on earth, who had email accounts, back then, were around 10 million.

At least that is what Yoder believes.

Tech companies along with many other privacy advocates have constantly campaigned in support of the new bill

Fast forward to 2017, and you have internet users who are way more sensitive to how marketing agencies along with government organizations spy on them and collect their data.

Perhaps, that’s why the number of users who store and trust their sensitive data with cloud services and other types of internet-based companies has increased exponentially.

On the other hand, it is also true that during the presidentship of Barack Obama, the concept of making drastic changes to the current Electronic Communication Privacy Act was not only considered but also favored heavily.

Critics point out though, that the changes being proposed to the Electronic Communication Privacy Act will make it much more difficult for the United States law enforcement agencies to catch terrorists or stop terrorism in general.

Moreover, it would also hinder the process of investigating criminals along with other types of crimes for law enforcement agencies.

Readers who have been following news about data privacy and data protection laws would do well to recall that a similar looking boll was based in the United States House of Representatives in April of 2016.

Back then, the bill was passed by a unanimous 419-0 vote count.

Needless to say, that was a rare occasion.

What Does The History Of Such Bills Tells Us?

So what happened to that bill?

It died.

Partly because once the bill was considered by the Senate, it did not take long for it to completely discard the bill.

In other words, the Senate did its best to not act on the bill and hence the bill failed. The legislation never saw the light of day.

And by the time a new Congress came along (got elected) in the November of the same year, the bill was nowhere to be seen or heard about.

As far as the latest version of the Email Privacy Act is concerned, it has currently managed to attract about 108 cosponsors.

The Email Privacy Act was introduced on January 9, 2017, and within three months, over a quarter of the number of members of the House of Representatives has given it its approval.

In a weird little twist though, various media reports published in the media have also revealed the proposed bill will not be able to safeguard technology/internet companies from being searched by the United States law enforcement agencies as far as their servers, which are located overseas outside the US, are concerned.

Recently, the media has been flushed with news about how giant tech corporations like Google and Microsoft have been trying their best to resists search warrants for online data that these tech companies have collected on their users and stored on servers that are physically located outside the United States of America.

How Did The Privacy Bill Actually Got Approved In The House

To say that The Email Privacy Act was approved just because about a quarter of the members of the United States House of Representative backed it would be kind of an understatement for the simple reason that some outside influence could have come in handy as well.

As indicated earlier as well, some data privacy advocates along with technology companies had supported the proposed bill long before January 2017.

What we didn’t mention was the fact that the Consumer Technology Association tried its best to persuade the United States House of Representatives to do its best so that the bill gets passed.

This happened before the vote so one can be sure of the fact that it might have played a role in getting the support it needed to get passed.

Gary Shapiro, who is currently the president along with the CEO of Consumer Technology Association recently said in an official statement that the current Electronic Communication Privacy act was written before Congress could even imagine a United States citizen sharing and storing personal information on third-party servers and hence was awfully out of date.


Zohair A. Zohair is currently a content crafter at Security Gladiators and has been involved in the technology industry for more than a decade. He is an engineer by training and, naturally, likes to help people solve their tech related problems. When he is not writing, he can usually be found practicing his free-kicks in the ground beside his house.
Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.