recommended reading

Advocates hope Petraeus scandal will spur action on ECPA


Privacy advocates said on Wednesday they are hopeful that the attention over e-mails that forced CIA Director David Petraeus to resign over an extramarital affair will finally push lawmakers to update a two-decade-old law dealing with government access to electronic communications.

During a Capitol Hill briefing on privacy issues, privacy advocates argued that revelations that the FBI uncovered Petraeus’s affair by obtaining access to his personal e-mail shows the need for lawmakers to provide Americans with more protections over their personal electronic communications. A coalition of privacy groups and industry has been pushing lawmakers in recent years to update the 1986 Electronic Communications Privacy Act. Under current law, law enforcement only needs a subpoena to obtain e-mail that is six months or older.

Bills have been introduced in both chambers to update the law. Senate Judiciary Chairman Patrick Leahy, D-Vt., attached part of his ECPA reform measure to a video privacy bill that his panel began marking up in September. The amendment to the video privacy bill would require government to obtain a search warrant based on probable cause to access e-mail or other electronic communications from a service provider, with some exceptions.

What the scandal involving Petraeus “illustrates so clearly is that the trail we're leaving with e-mail and [electronic] records creates an incredibly detailed profile of our lives and a portrait of us,” said Chris Calabrese, legislative director for the American Civil Liberties Union. “The scandal will put a face on why we need to update ECPA.”

Calabrese noted that the Senate Judiciary Committee may finish its markup of the video privacy bill with the ECPA provisions when Congress returns from Thanksgiving during the last week of November. Although he still believes it is unlikely such a bill would pass Congress during the lame duck, he is hopeful the committee will return to the issue early in the 113th Congress.

Justin Brookman, director of the Center for Democracy and Technology’s Project on Consumer Privacy, echoed this view and noted that there is both bipartisan and widespread industry support for updating ECPA. “It’s going to be tough in the lame duck, but it will be a huge issue in the 113th Congress,” he said. The center has been leading the Digital Due Process coalition, which includes a wide range of companies and groups from Google to Americans for Tax Reform to the ACLU.

Senate Judiciary Committee ranking member Chuck Grassley, R-Iowa, has voiced concerns raised by state and local-law enforcement officials and the Obama administration about Leahy’s legislation. In a statement in September, Grassley noted that some law-enforcement officials are concerned that the warrant standard imposed by Leahy’s measure “could impact cases where time is of the essence, namely kidnapping and child-abduction cases.”

(Image via FrameAngel/

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.


When you download a report, your information may be shared with the underwriters of that document.