Passed in 1986, ECPA updated the federal wiretap statute, known as Title III, was an attempt to take into account the rise of cellular technologies and electronic messaging.

ECPA brought these new forms of communications under the legal controls of the wiretap law, requiring the police to get a warrant to intercept cell phone transmissions, just as under Title III they needed a warrant to intercept wire line or hard wire calls. Private interception was also made illegal.

The information revolution has continued to advance since 1986 and unfortunately for the most part ECPA has not kept up.  The explosion of new data sources, and in particular the now billions or perhaps trillions of messages sent and received each day by individuals communicating through the Internet has created an explosion of data , offsite data backup and data storage needs..  The potential evidence these messages contain for a variety of investigations be it criminal, civil, terror-related has made them an irresistible target for law enforcement as well as civil litigants.

Along with the sheer volume of new data sources, ECPA’s assumptions have been undermined by the growth of cloud-based services, especially email Add to this the growth of inexpensive data storage, and the potential use that that stored data for a variety of purposes has made it attractive for ISPs and other services (e.g., Google’s Gmail) to retain copies of messages and other user data on a more permanent basis.

All this is leading us to the unintended consequences of ECPA..  Under ECPA, law enforcement agents hoping to get access to your emails are required to obtain a warrant, just as they would need a warrant to search your home and seize your computer.

But for data stored on a third party computer, say an ISP or other cloud computing providers like online backup services or data Storage Company, the warrant requirement applies only for “unopened” messages for 180 days after their receipt.  Once the message is opened and 180 days have passed, any stored data can be obtained by law enforcement without a warrant.

This simply means that as users move to cloud computing they are inadvertently and unknowingly waiving privacy protections .In other words if you keep your data only locally in your home or office and law enforcement need a warrant to look at or take it.  Leave it in the cloud somewhere, and they can take a look with out much effort.

At PCIC backup solutions our remote data backup is fully encrypted at the source so that only the end user knows the password to unlock the data. Your data sits fully encrypted on our servers making it safe from not only a data breach but also from the inadvertent prying eyes of government bureaucrats or anyone else for that matter.