White House Vaguely Agrees Outdated ECPA Should Be Reformed But Only With An Eye On The Government's 'Interests'

from the SOMEONE-SHOULD-REALLY-FIX-THAT-SOMETIME dept

The Obama administration must be doing a little housecleaning in preparation for the 2016 winner. After months of highly-sporadic and belated responses to We The People petitions, it's answered two big ones (that have been sitting around forever) in a single day. It's also issued a handful of other responses to open petitions, some of which are little more than "we decline to respond," accompanied by a link to the site's Terms of Participation.

It took on two big petitions today. The first was a response to a request to pardon Snowden, which it denied under its "No Good Whistleblowing Goes Unpunished" policy. The second asked for a long-delayed rewrite of an outdated law.

The Electronic Communications Privacy Act has been in need of reform for years. If nothing else, the law's misleading name needs to be changed. One of the more notorious aspects of the law is that it gives email less privacy protection than snail mail, which is already an exceedingly low bar.

The administration agrees that reform of this law -- which treats email older than six months as "abandoned" and thus easily-accessible by law enforcement -- is needed. However, it does so both belatedly, vaguely and disingenuously.

The We The People petition calling for ECPA reform was posted November, 12, 2013. It passed the 100,000-signature threshold roughly 30 days later. At that point, a response was "required." 593 days later, that response has finally arrived.

It's obvious that many -- and arguably, most -- Americans today use email as one of their primary means of communication. Particularly in an era where we keep so much of our lives online, the content housed there deserves strong privacy protections -- which is at the core of what ECPA was designed to do. But over time, technology has evolved.

Which is why our policy teams agree with you: ECPA is outdated, and it should be reformed.
This is good news. Or it would be if there were any particular plan to get something done. While the response agrees that the outdated law's take on email privacy protection is pretty much terrible, the administration doesn't seem too willing to push for any specific reform effort.
We know there are still important details being worked out across government and in the halls of Congress. We aren't going to endorse a single ECPA-reform bill at this time. As any given bill goes through committee and makes its way to the House and Senate floors, the draft is negotiated and modified to address concerns and strengthen the bill.
In other words, we like the idea of reform so much we're going to do nothing about it. While efforts have been made over the past few years, they've been stalled/gutted to appease law enforcement and (yes, really) regulatory agencies' interests. Very little forward motion has been made and without something stronger than "we'll probably support whatever actually makes its way to the President's desk" propelling this reform, it could still be several more years before the already-outdated law is rewritten to properly address a communication method that originated nearly 45 years ago.

Finally, the response sends a mixed message about reform in the very last sentence.
That said, we're encouraged by the strong bipartisan support for updating this legislation in both chambers of Congress, and are looking forward to seeing this law address today's technological realities while preserving the interests we must protect.
This seems to indicate it will be more supportive of a bill that has the backing law enforcement and other government agencies. A warrant requirement for emails older than six months isn't that much of an imposition, but so far, it's been a tough idea to sell. This last sentence shows the administration finds the government's "interests" worth protection. The privacy interests of millions of Americans? Not so much.


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    boomslang, 28 Jul 2015 @ 11:28am

    The reason email hosted at third-party email services needs strong privacy protections in the law is because the popular third-party email services refuse to strongly encrypt our emails on their servers.

    That's the price we pay for free hosting at Google, for example. They need access to our decrypted emails so they can serve ads, and so they can comply with requests from law enforcement.

    Many of the big companies that have been fighting against government backdoors, such as Google, maintain their own backdoor to our data. It would be hypocritical if their arguments fell into the category of "backdoors hurt everyone's security".

    reply to this | link to this | view in chronology ]

    • icon
      John Fenderson (profile), 28 Jul 2015 @ 12:00pm

      Re:

      While I agree that privacy from third party email services such as Google is critical, what Google is doing is not, in any sense, a "backdoor".

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 28 Jul 2015 @ 12:22pm

      Re:

      The reason email hosted at third-party email services needs strong privacy protections in the law is because the popular third-party email services refuse to strongly encrypt our emails on their servers.

      The strength of the encryption does not matter if a third party holds the keys, especially if it is the same party that holds the emails. Strong encryptions, via public key encryption is available, but it takes effort on the part of users to exchange keys, and use the system, and can be used when using a service like Gmail.

      reply to this | link to this | view in chronology ]

    • icon
      Blackfiredragon13 (profile), 28 Jul 2015 @ 4:41pm

      Re:

      Might want to redefine your definition of "Backdoor" there.

      reply to this | link to this | view in chronology ]

  • identicon
    That One Other Not So Random Guy, 28 Jul 2015 @ 3:17pm

    The Electronic Communications Privacy Act...
    The USA Patriot Act...
    The Affordable Care Act...

    If there is nothing about privacy and nothing patriotic, and nothing affordable shouldn't a gov agency step in to stop this confusion?

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Special Affiliate Offer

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories

Close

Email This

This feature is only available to registered users. Register or sign in to use it.