The US House of Representatives has unanimously passed a new act which will force the authorities to seek a "probable cause" warrant from a judge before grabbing emails and other cloud-based documents.
The Email Privacy Act, which was co-sponsored by an unprecedented 315 lawmakers, updates the Electronic Communications Privacy Act (ECPA) of 1986 which allowed the government to access such data as long as it’s 180 days old.
The vote was given a cautious welcome by rights group the Electronic Frontier Foundation (EFF), which claimed it should extend to geospatial data.
“In particular, the Email Privacy Act doesn’t require the government to notify users when it seeks their online data from service providers, a vital safeguard ensuring users can obtain legal counsel to fight for their rights,” it added in a blog post.
“However, companies may continue to provide notice to users of government requests—prior to compliance—something many companies commit to in our annual Who Has Your Back report.”
The courts should also be able to suppress any comms data obtained in violation of the law, EFF argued.
However, the vote was welcomed by Peter Bauer, co-founder and CEO of email security firm Mimecast.
“Existing due process should apply in the digital world. Public opinion is on the side of fair and reasonable control of law enforcement and government in this regard to protect the right of the individual to privacy,” he argued.
“This is a clarion call for governments around the world to continue to modernize law-making in wake of the unstoppable rise of cloud computing services. Laws written in the analogue and desktop computing age need rethinking for the cloud era.”
The final vote was 419-0, with almost three-quarters of the entire House co-sponsoring the bill following a unanimous vote by the House Judiciary Committee earlier this month.