
Email privacy bill unanimously passes U.S. House - enlightenedfool
http://www.reuters.com/article/us-usa-congress-email-idUSKCN0XO1J7
======
rayiner
The article is somewhat confusingly worded. Under the ECPA (passed in 1986), a
warrant is required to access email less than 180 days old. Back in the days
of POP email, when the user checked his email, it would be downloaded and
deleted from the server. So the reasoning was that an email still on the
server more than 180 days had been "abandoned" there by the user. What this
bill does is apply the warrant requirement to emails older than 180 days as
well. So the net effect is that accessing any email will now require a
warrant.

~~~
themartorana
When the NSA intercepts it on the wire, under the presumption of investigating
international terrorists (presumably in near-real-time) and the then shares it
[0] with domestic three-letter-agencies, does it matter that they need a
warrant to get it from "provider" (Google, etc.)?

[0] [http://mobile.nytimes.com/2016/02/26/us/politics/obama-
admin...](http://mobile.nytimes.com/2016/02/26/us/politics/obama-
administration-set-to-expand-sharing-of-data-that-nsa-intercepts.html?_r=1)

~~~
briandear
A serious question here: has anyone reading this been arrested, prosecuted or
otherwise harassed because of email contents obtained by the NSA? I am not in
favor or warrantless searches, but it feels more and more like the tech
community treats the NSA like Eastasia.

I certainly could be wrong, thus the question.

~~~
briandear
Downvoted? But no answer? Seems to prove my point that the knee-jerk hatred of
the NSA ought to be backed by some real world facts.

~~~
merijnv
You appear to be ignoring the fact that even if you consider the NSA's work
benevolent, it is only benevolent to US citizens. Meanwhile lots of us on here
are, in fact, not US citizens, especially at this time of day. So the NSA's
activities are all negative, no positive to non-Americans.

------
cvwright
So this passed unanimously in the House, and is supported by more than 25% of
Senators.

But it might not pass the senate because Grassley doesn't want to discuss it
"during an election year"? WTF?!? Where's the controversy? This sounds more
like an opportunity for a big bi-partisan win that everyone in both parties
could brag about.

~~~
lsiebert
According to [https://morningconsult.com/2016/04/email-privacy-act-
faces-s...](https://morningconsult.com/2016/04/email-privacy-act-faces-senate-
hurdles/)

Grassley wants to give civil agencies like the FTC and SEC an exemption.

~~~
cmdrfred
Ahh, that must be the real reason this was passed. Somebody doesn't like the
SEC looking at their email.

~~~
marcoperaza
And why shouldn't the SEC need a warrant just like the FBI does?

~~~
cmdrfred
Because the SEC regulates publicly traded companies. If you wish to keep your
email private simply don't go public.

~~~
JumpCrisscross
> _the SEC regulates publicly traded companies_

Nope. The SEC regulates all securities issued by American companies or to
American investors. Tesla and SpaceX are both SEC regulated.

~~~
Retric
IMO, there is not much difference in regulating public stock and public debt.
If SpaceX wants to borrow from bank of America fine, but if they want to issue
trade-able bonds and borrow from John Q Public that's a separate thing.

PS: Arguably this is the same reason banks are regulated.

------
MikeKusold
As a Boulder, CO resident I'm extremely proud that our representative co-
authored this bill. Polis is one of the few representatives that seem to
always be on the side of privacy.
[http://polis.house.gov/news/documentsingle.aspx?DocumentID=3...](http://polis.house.gov/news/documentsingle.aspx?DocumentID=398099)

~~~
deadowl
As a Vermont resident, I'm happy Senator Batman (Leahy) co-authored the Senate
version.

------
dcw303
My knowledge of US criminal law is limited to what I've grokked from watching
crime tv shows, so I'm not clear on the definitions of some terms.

Does a search warrant imply that the person being searched will be notified? I
know that a court has to approve the request, but wanted to confirm if it
means that the person under suspicion is informed. The way the article
contrasts this new law to the current ECPA seems to suggest this is the case.

Additionally, the article mentions requests made to service providers. What if
I host my own server? Is it just a case of the law agency making the request
to my hosting company, or are they required to contact me to get the
information?

~~~
deadowl
If you host your own private server, from what I recall reading (and looks
consistent with a cursory Google search), a warrant is required to review your
emails.

Edit: looks like it only applies to in-home servers, not hosted ones.

~~~
lucaspiller
Host the mail server on DO then download and delete it (heh, a use for POP!)
from that to a server in your house.

~~~
icebraining
You can also configure it to encrypt incoming mail:
[https://grepular.com/Automatically_Encrypting_all_Incoming_E...](https://grepular.com/Automatically_Encrypting_all_Incoming_Email)

------
alrs
Business doesn't care about privacy, until business realizes that the
mechanisms used to hunt for terrorists are also used by the IRS.

It will be interesting times for "the cloud" when business realizes that
investigations and subpoenas are transparently happening in the background,
without the heads-up of marshalls at the doorstep.

~~~
eumoria
This will only hurt small to mid-sized businesses like every other piece of
legislation or trade regulation. The fine print so small it's invisible: "Does
not apply to the oligarchy."

------
deadowl
About fucking time (pardon my language)

~~~
BlackjackCF
I'm surprised this passed, to be honest.

~~~
nickpsecurity
Unanimously. How often does that happen?

~~~
lukeschlather
In the 113th Congress, it looks like the House of Representatives had 95
unanimous votes, where unanimous is defined as having zero no votes and at
least one yes vote. This is out of 1204 votes, based on a quick little script
I whipped up.

You can look at the raw data pretty easily thanks to
[https://www.govtrack.us/developers/data](https://www.govtrack.us/developers/data)

    
    
        rsync -avz --delete --delete-excluded --exclude **/text-versions/ govtrack.us::govtrackdata/congress/113/votes .
        for file in votes/*/h*/data.json; do
            noes=$(jq '(.votes.Nay | length) + (.votes.No | length)'  $file;)
            yeses=$(jq  '(.votes.Yea | length) + (.votes.Aye | length)' $file;)
            if [[ "$yeses" -gt 0 && "$noes" -eq 0 ]]
                then
                echo $file :  "No: $noes" "Yes: $yeses"
            fi
        done | wc -l
    

In the senate, the number is 87. (The code for the senate is basically the
same, except you do

    
    
        votes/*/s*/data.json
        instead of
        votes/*/h*/data.json
    )

~~~
nickpsecurity
Cool. Thanks. It's the definition of unanimous that's a little fishy. I
thought it meant everyone voted Yes for it whereas even a 1 to 0 vote could
pass as unanimous, right?

~~~
etjossem
That's why we have a quorum. Half of all seated Senators (51) are required to
be present for the Senate to do business. For a House with no vacancies, half
means 218 Representatives.

So you're right; fishy "unanimous" votes can and do happen. A controversial
measure might pass unanimously in a legislative body because all the
opposition walked out in protest. This happened about a month ago in the
50-seat North Carolina Senate, which is dominated by Republicans. [1]

[1] [https://www.carolinajournal.com/news-article/senate-
democrat...](https://www.carolinajournal.com/news-article/senate-democrats-
walk-out-of-vote-overturning-bathroom-ordinance/)

~~~
lukeschlather
It looks like the smallest unanimous vote in the 113/114th congresses was 353.

[http://clerk.house.gov/evs/2013/roll631.xml](http://clerk.house.gov/evs/2013/roll631.xml)

For the Senate, 83.

[http://www.senate.gov/legislative/LIS/roll_call_votes/vote11...](http://www.senate.gov/legislative/LIS/roll_call_votes/vote1141/vote_114_1_00300.xml)

------
cm3
What's the process in the US to undo/invalidate a law? Is it the same as in
other countries, where you'd go through the supreme court? I stated this in
another post yesterday, but I firmly think laws may only be passed after a
long >=5 years process and those pushing for the same law repeatedly in
disguise need to be penalized or precluded from doing so. We see so many
things get blocked due to popular outcry, to just be hidden inside trojan
package and passed as a side note.

~~~
adanto6840
It requires Congress to pass a new law repealing the old; alternatively the
Judicial Branch can invalidate the law as well, which would culminate at the
level of the US Supreme Court.

------
lwf
The Senate version of the bill is S.283

[https://www.congress.gov/bill/114th-congress/house-
bill/283](https://www.congress.gov/bill/114th-congress/house-bill/283)

If you live in the United States and want to voice your opinion with your
senator, [http://www.digital4th.org/](http://www.digital4th.org/) has a tool
that provides a template along with contact links to the senators for your
state.

------
teekert
This is only for Americans right? And what if I run my own email server? Can I
be forced to hand over my own emails after 180 days? Are they allowed to hack
the server in my basement?

~~~
JensRantil
I'm pretty sure they don't need a warrant for obtaining emails for
international citizens. Also, this bill doesn't seem to protect for non-
warranted snooping by NSA.

------
deadowl
On a downer note, this is so overdue that I'm wondering why now instead of ten
years ago.

~~~
bottled_poe
Because, due to recent leaks, they now understand the implications from a
purely selfish perspective.

------
AJAlabs
So emails less than 180 days old are not protected?

~~~
ascagnel_
They were already protected.

------
JOnAgain
do they not need a warrant for emails not 180 days old?

Edit: Do they need a warrant for emails less than 180 days old?

~~~
deadowl
If they're on a home email server, they always need a warrant. For hosted
email, they don't require a warrant for older emails.

~~~
ryanfreeborn
That's not really the case. The courts have decided otherwise:

[http://itlaw.wikia.com/wiki/Theofel_v._Farey-
Jones](http://itlaw.wikia.com/wiki/Theofel_v._Farey-Jones)
[https://en.wikipedia.org/wiki/United_States_v._Warshak](https://en.wikipedia.org/wiki/United_States_v._Warshak)

------
nxzero
Why is this bill important?

