On Data Privacy Day, ECPA Stands Frozen in Time

By Elizabeth Holland

Today is Data Privacy Day, the annual event aimed at drawing attention to the importance of protecting privacy on the Internet. And guess what? The law that protects the privacy of your online communications and that of your library patrons from government intrusion, the Electronic Communications Privacy Act (ECPA), has still not been updated since it was authored in 1986.

ECPA was passed into law at time when people did not have laptops, did not utilize the cloud, or did not generally use email. Of course, lawmakers did not anticipate the technological advancements of the decades to come, let alone establish the appropriate protections needed to accommodate them. How could they have? The rules governing your online privacy are older than the Web itself. While technology has advanced at a rapid pace, electronic privacy law has remained at a standstill. Without reform, the kind of electronic communications and records that are common today— think any email, Facebook posts, search history, cloud computing documents, cell phone location information, or text messages older than 180 days— can be freely seized without a warrant.

In the last Congress, efforts to update ECPA received broad, bipartisan support, but ultimately stalled. The House bill, the Email Privacy Act (H.R. 1852), even gained a majority 272 co-sponsors, but was never awarded floor time because one federal agency, the Securities and Exchange Commission, worked to keep the bill from coming to fruition.

We anticipate last year’s sponsors will introduce their legislation to update ECPA shortly, and we have urged members the Senate and House to move swiftly to advance the bills. It has been 29 years since ECPA was enacted. Reform is long overdue and there is no better time to focus on the need to protect individuals’ privacy online than on Data Privacy Day.

Comments are closed.

%d bloggers like this: