Texas is on the verge of passing legislation that patches a hole in federal privacy law. Under the 1986 Electronic Communications Privacy Act, no warrant is needed to spy on email once it has been opened, or if it is unopened on a server for more than six months. The Feds have fought efforts to reform this antiquated law, which the DHS and its affiliated snoops rely upon to conduct mass-scale, warrantless surveillance. The Texas law is somewhat symbolic (since it won't stop Fed snooping), but it's still an important step toward establishing a better norm in privacy standards for files on cloud-based services:
On Tuesday, the Texas bill (HB 2268) was sent to Gov. Perry’s desk, and he has until June 16, 2013 to sign it or veto it. If he does neither, it will pass automatically and take effect on September 1, 2013. The bill would give Texans more privacy over their inbox to shield against state-level snooping, but the bill would not protect against federal investigations. The bill passed both houses of the state legislature earlier this year without a single "nay" vote.
This new bill, if signed, will make Texas law more privacy-conscious than the much-maligned (but frustratingly still in effect) 1986-era Electronic Communications Privacy Act (ECPA). With the ECPA, federal law enforcement agencies are only required to get a warrant to access recent e-mails before they are opened by the recipient.
As we've noted many times before, there are no such provisions in federal law once the e-mail has been opened or if it has been sitting in an inbox, unopened, for 180 days. In March 2013, the Department of Justice acknowledged in a Congressional hearing that this distinction no longer makes sense and the DOJ would support revisions to ECPA.
Unprecedented e-mail privacy bill sent to Texas governor’s desk [Cyrus Farivar/Ars Technica] DiscussNext post