During the long, hard fight to bring the outdated Electronic Communications Privacy Act (ECPA) into the 21st century, advocates have run into the most unlikely of opponents: the Securities and Exchange Commission (SEC). Yes, the SEC鈥攖he agency charged with regulating the securities industry鈥攈as brought the ECPA update to a screeching halt. Yesterday the 老澳门开奖结果, along with the Heritage Foundation, Americans for Tax Reform and the Center for Democracy and Technology, sent the agency a letter calling them out on their opposition.
ECPA, enacted in 1986, is the main statute protecting our online communications from unauthorized government access. Unfortunately, as our lives have moved online the law has remained stagnant, leaving dangerous loopholes in our privacy protections. A broad coalition including privacy and consumer advocates, civil rights organizations, tech companies, and members of Congress from both parties has been pushing for an update. Strong bipartisan to update the law has over 200 sponsors and is making serious headway in Congress. Even the Department of Justice鈥攖he law enforcement agency with arguably the most to lose in such an update鈥 that some ECPA loopholes need to be closed.
But the SEC is pushing back鈥攅ssentially arguing that they should get to keep one of the loopholes that have developed as the law has aged. When ECPA was passed in 1986, Congress developed an elaborate framework aimed at mirroring existing constitutional protections. Newer email, less than 180 days old, was accessible only with a warrant. Based on the technology of the time, older email was assumed to be 鈥渁bandoned鈥 and was made accessible with a mere subpoena. Similarly, another category of digital records, 鈥渞emote computing services,鈥 was created for information you outsourced to another company for data processing. Seen as similar to business records, it could also be collected with a subpoena under the law.
Fast forward to the 21st Century. Now we keep a decade of email in our inboxes and "remote computing services鈥 has morphed into Facebook keeping all our photos or Microsoft storing our Word documents in their cloud. Suddenly the SEC can access content in way it never could before.
But in 2010 the 6th Circuit, in , ruled that email was protected by the Fourth Amendment. Since the SEC doesn鈥檛 have the power to get a search warrant, they lost the benefit of the loophole that they had been exploiting.. Up until now this hasn鈥檛 seemed like a big deal. They have never legally challenged this prohibition or been able to identify a case, pre- or post-Warshak, where they have really needed this authority; they already have a wide range of tools at their disposal.
So while the SEC is trying to frame the issue as a loss of authority, it is really a power grab鈥攐ne that would apply not just to the SEC but all federal and state agencies, including the IRS, DEA, and even state health boards.
Civil agencies investigate a broad range of issues and they are allowed to do so without specific suspicion of wrongdoing. It makes no sense that we would demand law enforcement鈥攈andling our nation鈥檚 most serious crimes鈥攖o obtain a warrant to access sensitive data online, but allow civil agencies to conduct a warrantless search for something as simple as a health code violation. The exception would undercut the warrant requirement by allowing an agency that has both civil and criminal authority鈥攕uch as the Department of Justice鈥攖o simply use the new authority as a backdoor to a criminal investigation.
The SEC has managed to successfully prosecute everyone from Enron to Martha Stewart without access to Americans鈥 most personal data. Their opposition to ECPA reform isn鈥檛 about supporting their mission; it is nothing more than another clear-cut example of an agency power grab.
Originally posted on the .
Visit to learn more about legislation to update ECPA and to make sure your Member of Congress is currently signed on to support it.