The government doesn’t need a warrant to obtain and read your emails. Unlike other forms of communication that do require law enforcement and other government agencies to get a search warrant, emails are open to government inspection with only a court order or subpoena – neither of which require proof of probable cause.
Fortunately, this lax standard of inspection and examination only applies to emails that are older than 180 days. Put another way, if an email was sent or received during the past 180 days, the government would have to show probable cause and get a search warrant to access it, but for any email older than 180 days, the probable cause standard disappears.
The 180-day requirement dates back to the Electronic Communications Privacy Act, which became law in 1986. Back then, data companies routinely deleted emails that were older than 180 days and the concept of a “cloud” where internet users could store vast amounts of data – including archived emails – was inconceivable. The vast quantities of data storage that come with iCloud, Gmail or any number of digital services have made it possible to save emails well beyond 180 days, and many people do just that.
But the law hasn’t been updated to reflect changing technology.
A recent high profile court case between Microsoft and the FBI proved the need for an overhaul of email privacy laws. Seeking information for a drug case, the FBI demanded that Microsoft, a U.S.-based company, turn over emails stored on a company server in Ireland, outside the jurisdiction of warrant the bureau had obtained. A federal appeals court ruled that, like it or not, tech companies don’t have to turn over data stored outside the U.S. if they don’t obtain a local warrant (or the equivalent). The case was a win for internet privacy, but only stressed the confusing nature of current U.S. internet privacy laws.
In Wisconsin, there is an up-close example of what can happen when government obtains emails for a questionable purpose. Called the John Doe II probe, and initiated by liberals at the state Government Accountability Board and the Democratic district attorney of Milwaukee County, it obtained sweeping search warrant powers and confiscated the computers and digital files of numerous conservative individuals. Also targeted were conservative non-profit groups.
Using pre-dawn raids, investigators obtained literally millions of pieces of digital information and communications for a prosecution that never happened because state and federal courts ruled prosecutors were pursuing an un-constitutional and illegal theory of legal violations.
Now, years after the probe started, and well after their case was dismissed by multiple courts, prosecutors are suspected of being behind leaks of the confiscated (and confidential) material to a British newspaper, which has published some of the information online.
To end the current “Wild West” of regulation surrounding government access to emails older than 180 days, the International Communications Privacy Act has been proposed. Although it shows no signs of passing during this session of Congress, starting next year it is likely lawmakers will take up the measure. A key component of the legislation protects all digital communications from government review regardless of whether they are 180 minutes old or 180 days or 180 months old. Under ICPA’s provisions, law enforcement would always need to obtain a search warrant before it obtained and reviewed any emails. Additionally, the legislation reforms procedures for obtaining information held by U.S. companies overseas for clients by establishing a reciprocity process that respects the laws of other sovereign nations and synthesizes the efforts of across-border law enforcement.