Privacy laws need update for digital age

Recent government breaches on Americans’ privacy — from the NSA to the IRS — demonstrate that our federal privacy laws have not kept pace with technological advances and emerging privacy concerns. Earlier this year, the IRS admitted it was reading Americans’ emails and other private documents stored on the Internet without a warrant, infringing on our Fourth Amendment protections, “to be secure in [our] persons, houses, papers and effects, against unreasonable search and seizure.”

Many Americans would be surprised to learn that our federal laws allow these types of significant privacy violations because email is not treated the same as traditional mail or phone calls.

Under current statute, government agencies including the IRS, the Department of Homeland Security, the Securities and Exchange Commission and many others are allowed to access emails and other private communications older than 180 days without probable cause that a crime has been committed and without obtaining a search warrant. 

They claim this authority through the Electronic Communications Privacy Act (ECPA), a law that passed in 1986, nearly three decades ago. The law sets certain standards for government monitoring of private Internet communications and cellphone conversations. 

When it was originally written, the ECPA was intended to protect — not violate — the privacy of our digital communications. But it was written with issues of the past in mind and has gone virtually unchanged despite drastic advancements in technology.

Today we live in a world centered on ubiquitous Internet access, tablets and smartphones. Unfortunately our laws have not kept pace with our privacy in the realities of the 21st century.

The constitution prohibits the government from accessing personal files stored in a filing cabinet or letters sent through the mail without a warrant. Laws exist to prevent these overreaches. When the telephone was introduced into mainstream culture, our laws changed to protect call privacy.

Today, we all use email, and our communications deserve the same privacy protections. The fact that email does not receive the same expectation of privacy is a real issue and must be addressed.

Our laws should protect our private communications whether they occur online or offline. That’s why I am proud to have worked with Reps. Kevin Yoder (R-Kan.) Tom Graves (R-Ga.) to introduce the Email Privacy Act, a companion to the Senate bill introduced by Sens. Patrick Leahy (D-Vt.) and Mike Lee (R-Utah). Our bipartisan legislation would ensure that our privacy rights are protected from government intrusion. 

Our legislation would update the ECPA by requiring the government to provide a search warrant in order to access the content of Americans’ emails and other electronic communications regardless of their age or status when those communications are requested from a third-party service provider, such as Google or Facebook.

Updating our digital communications privacy laws in a comprehensive way is long overdue.

In the wake of public concern over government infringement on our privacy, Congress needs to pass the Email Privacy Act and update our privacy laws to include email. The average American has a reasonable expectation about the privacy of his or her emails and other private documents stored online. Now is the time to reshape our laws to reflect Americans’ privacy expectations.  

Polis has represented Colorado’s 2nd congressional district in the House of Representatives since 2009. He serves on the Education and the Workforce and the Rules committees.