12 Sep California’s New Electronic Communications Privacy Act
On October 8, 2015, Governor Jerry Brown signed the California Electronic Communications Privacy Act (“CalECPA”), which took effect on January 1, 2016. While not the first digital privacy legislation in the United States, CalECPA has been hailed as a landmark victory for digital privacy.
The law bars any state enforcement agency from acquiring “electronic communication information” without first obtaining a warrant. The bill defines “electronic communication information” broadly to include private user data such as emails, text messages, and documents stored in the cloud. It further requires state enforcement agencies to acquire a warrant before searching or tracking the location of electronic devices. CalECPA provides exceptions to its warrant requirement, such as consent by the owner of a device or an emergency involving “danger of death or serious physical injury,” which would allow the agency to obtain the warrant within three days of obtaining the data. CalEPCA also imposes new limits on agencies’ ability to access and review digital information obtained by warrant. For example, the warrants must require that all information “unrelated to the objective of the warrant” not be subject to further review, use or disclosure.
CalECPA is the most expansive legislation on digital privacy in the country. CalECPA was endorsed by Silicon Valley tech giants like Apple, Google, Facebook, and Twitter, all of which agreed that California’s archaic digital privacy laws were leaving their users vulnerable to warrantless searches. In an age where digital communications have increasingly replaced non-digital communications like written “snail mail,” lawmakers believed it was time to protect Californians from having their information searched without their knowledge or consent. For example, according to bill authors Senators Mark Leno and Joel Anderson, in 2014 AT&T received over 64,000 demands for location information. In Twitter’s transparency report of 2015, it revealed that it received 4,363 government data requests in the first half of 2015.
Naturally, CalECPA has its opponents. Some law enforcement agencies are concerned that it might hinder their ability to investigate child pornographers and other people who commit online crimes.
CalECPA’s advocates hope that a federal legislation of this kind will be passed soon. The proposed federal update to the Electronic Communications Privacy Act, called the Email Privacy Act, has 300 sponsors in the House of Representatives, but it remains unclear whether it will pass in its proposed form. A House version passed in April 2016, while the Senate version languishes in committee. Whether or not Congress follows California’s lead this year, CalECPA may signal a nationwide trend towards more privacy in digital communications.
Natalie Bermudez
Latest posts by Natalie Bermudez (see all)
- How Would California’s Prop 64 Change Drug Law Enforcement? - September 21, 2016
- California’s New Electronic Communications Privacy Act - September 12, 2016