{
  "id": "R44036",
  "type": "CRS Report",
  "typeId": "REPORTS",
  "number": "R44036",
  "active": true,
  "source": "EveryCRSReport.com",
  "versions": [
    {
      "source": "EveryCRSReport.com",
      "id": 441362,
      "date": "2015-05-19",
      "retrieved": "2016-04-06T19:03:08.007588",
      "title": "Stored Communications Act: Reform of the Electronic Communications Privacy Act (ECPA) ",
      "summary": "In 1986, Congress enacted the Electronic Communications Privacy Act (ECPA) to both protect the privacy of an individual\u2019s electronic communications and provide the government with a means for accessing these communications and related records. Although passed at the infancy of the Internet, the Stored Communications Act (SCA), which is part of ECPA, has been interpreted over the years to cover the content of emails, private Facebook messages, YouTube videos, and so-called metadata, or non-content information, connected to our Internet transactions (e.g., websites visited, to/from and time/date stamps on emails).\nThe scope of the SCA is determined largely by the entities to which it applies, \u201celectronic communication service\u201d (ECS) providers and \u201cremote computing service\u201d (RCS) providers, as defined in the statute. It does not apply to government access to records held by a party to the communication. The SCA has two core components. First, it creates a broad bar against service providers voluntarily disclosing a customer\u2019s communications to the government or others, subject to various exceptions, and second, it establishes procedures under which the government can require a provider to disclose customers\u2019 communications or records. As to government access, ECPA utilizes a tiered system with different levels of evidence required depending on whether the provider is an ECS or RCS; whether the data sought is content or non-content; whether the email has been opened; and whether advance notice has been given to the customer.\nIn recent years, ECPA has faced increased criticism from both the technology and privacy communities that it has outlived its usefulness in the digital era and does not provide adequate privacy safeguards for individuals\u2019 electronic communications. In light of these concerns, various reform bills have been introduced in the past several Congresses, with three major reform bills pending in the 114th Congress. The Electronic Communications Privacy Act Amendments Act of 2015 (S. 356, H.R. 283) and the Email Privacy Act (H.R. 699), almost identical in text, would, among other things, place both ECS and RCS providers under the same legal requirement; eliminate the current 180-day rule found in the SCA and require a warrant for emails no matter how long they have been stored or whether they have been opened; and remove the reliance on the definition of \u201celectronic storage,\u201d which has confused the lower courts. Additionally, the Online Communications and Geolocation Privacy Act (H.R. 656) would make similar changes to the SCA.\nSome federal agencies, most prominently the Securities and Exchange Commission (SEC), which currently rely on their subpoena authority to access electronic communications, have argued that these bills would stymie their ability to conduct investigations as they have no legal authority to obtain a warrant. In response to this concern, both the Email Privacy Act and the ECPA Amendments Act include a rule of construction providing that nothing in these bills should be read to preclude the SEC or any other federal agency from seeking these records directly from a party to the communication, rather than the target\u2019s service provider.\nFinally, there has been ongoing litigation in the lower federal courts as to ECPA\u2019s extraterritorial reach. The Law Enforcement Access to Data Stored Abroad (LEADS) Act (S. 512, H.R. 1174) would require third-party service providers to disclose the contents of U.S persons\u2019 electronic communications held overseas upon issuance of a warrant based on probable cause.",
      "type": "CRS Report",
      "typeId": "REPORTS",
      "active": true,
      "formats": [
        {
          "format": "HTML",
          "encoding": "utf-8",
          "url": "http://www.crs.gov/Reports/R44036",
          "sha1": "072f2e617e8b77eae3362a1e90218946b202a785",
          "filename": "files/20150519_R44036_072f2e617e8b77eae3362a1e90218946b202a785.html",
          "images": null
        },
        {
          "format": "PDF",
          "encoding": null,
          "url": "http://www.crs.gov/Reports/pdf/R44036",
          "sha1": "28fb0dda23e1d9c7c701e355bf36ac15f7edd888",
          "filename": "files/20150519_R44036_28fb0dda23e1d9c7c701e355bf36ac15f7edd888.pdf",
          "images": null
        }
      ],
      "topics": []
    }
  ],
  "topics": [
    "Intelligence and National Security"
  ]
}