Unless Leahy is directly lying in his statement, what CNet's reporter did was to play "gotcha" with draft senate language. While this may make us feel better, like we all played a role in ensuring that a terrible bill wasn't passed, what it really does is ensure that senators and their staffs will work even harder to make sure we don't see draft bill language until it is more or less a fait accompli and the only two outcomes are "pass" or "discard".
Patrick Leahy has one of the better reputations in the whole senate on civil liberties issues (check out the ACLU scorecard). But yeah, let's definitely eat our own to ensure ideological purity. That worked super well for the Tea Party.
Leahy was the author of PIPA, so I'm not one to extend that umbrella. He has been a champion of civil liberties and other worthy causes, but that doesn't mean he gets a free pass on everything. If we blindly defend "our" side in two-party politics, we inevitably end up defending some pretty bad legislation. I'd rather assess each piece individually.
He's far from a consistent supporter of Civil Liberties. Surely we shouldn't demonize him, but clearly could use some education and encouragement to do the right thing.
The language CNet reported on is also out of character for Leahy, and Leahy has ECPA amendment language ready that kills the 180-day rule for email. It doesn't add up.
I am giving him the benefit of the doubt since he is such a Batman supporter.
However, the commentary, and the bill (perhaps) assumes that email resides on a providers server - that the end user does not control it.
How does the bill address warrantless access (or access of any kind) to email hosted on the users own mail server ?
(1) Servers I own that are physically located in my house.
(2) Servers I own that are co-located at a hosting facility.
(3) (physical) Servers that I am renting from a hosting facility.
(4) Virtual servers that I am renting from a hosting facility.
I assume that most law enforcement officials feel that 2-4 shouldn't need a warrant because they are not located in my house, so therefore I don't get protection from unreasonable search/seizure.
Also, at what point do #3 or #4 start to encroach onto Dropbox-esque territory where I own the data, but they are holding it for me under contract?
As I understand it, things are shakier in case (3) and (4), because your provider absent a contract with you that says otherwise could choose to comply with subpoenas (providers commonly claim that they'll respond to LEOs only if they have a "subpoena or a warrant", as if that was a feature; you should assume that subpoenas are mere formalities and that any LEO can obtain one practically on demand). It's possible that your remedy in such a case would be civil, which would be cold comfort if your goal was to have evidence excluded from a trial.
There are a bunch of lawyers on HN now, and I'm sure one of them will jump in here to correct me.
If we just stick our heads in the dirt, congress won't have to do it for us! You're either a moron or a dick. People took action against invasive legislation, and you reflexively belittle them. And that's assuming that your beloved Leahy didn't lie about not supporting said measure. It's not like a politician would... lie