The Electronic Communications Privacy Act (ECPA) is ridiculously outdated. It was passed in 1986, and to this day provides the (incredibly inconsistent and difficult to apply) rules for what sort of privacy electronic communications have, even though the technology has changed drastically.
This has created some wacky consequences, including that (for example) emails have different privacy protections when an email is being written compared to when it's being sent compared to when it's been received compared to when it's been read compared to when it's been archived. As an example, since most messages did not stay on servers for very long (they were downloaded and deleted), the law decided that messages stored on a server for more than 180 days were considered "abandoned" and subject to even lower standards of privacy protections. Think about that the next time you open your Gmail account...
ECPA has lots of problems, but the basics are this: it certainly didn't anticipate an era where most of the things we do were in the so-called "cloud," and it takes almost no account of the expectation of privacy.
Last year, Senator Pat Leahy introduced an ECPA reform bill that was mostly good. It basically said that if the government wants to get access to your data on a server, it first needs to obtain a warrant -- something that is sorely missing today. There were some loopholes that concerned us, but for the most part, it was a very big improvement. And it went nowhere. Now, many folks around here will remember Senator Leahy for being the driving force in the Senate behind PIPA -- and you may be quick to want to dismiss his actions here. But just because he's (strongly) supported that bad bill, it doesn't mean that everything he introduces has been similarly problematic.
Click headline to read more and access hot links--