Anyone Can Read Your Old Emails: It’s The Law!

Sen. Patrick Leahy

Sen. Patrick Leahy believes that the Electronic Communications Privacy Act (1986) needs to be amended to better reflect the way we use technology today.

If you have any e-mails that are older than 180 days (and we all do), they’re considered “legally abandoned.” Any governmental agency can look at these e-mails simply by providing a statement saying that they are relevant to an investigation. The scariest part? There’s no judicial review or oversight required… none at all.

You might think this law was part of the Patriot Act or created after 9/11 to fight the war on Terror – it wasn’t. It’s called the The Electronic Communications Privacy Act of 1986 (ECPA) and it predated the World Wide Web by almost a decade.

As Technology Evolves, So Must The Law

In the early days of e-mail, messages were only stored on a server for a short amount of time: until they were delivered to you. Now, most of the major e-mail severs out there – Gmail, Hotmail (, aol, Yahoo!, etc. – are all cloud-based, and our e-mails live on these servers permanently. Under the ECPA, any e-mails that are over 180 days old are considered abandoned and find themselves one governmental request away from being read. The ironic part is that Gmail originally wanted us to “never delete an e-mail again” by offering us more space than most of us could ever use. Those e-mails we never deleted are now fair game for the government to read.

If 180-day-old e-mails were stored locally on your computer, and not on a server, a government agency would need a search warrant to obtain the files, regardless of how long ago the messages were sent. As it is now, they just need a request.

The ECPA also increased the number of crimes that justify the use of surveillance and the number of judicial members that can authorize that surveillance. This (essentially) gives bosses the rights to legally read their employees’ e-mails if he or she feels the employee’s actions are not in the company’s best interests. Scary, and creepy.

Two years ago, The New York Times published a piece analyzing how that privacy law has been outrun by the web.

History and The Law of Unintended Consequences

So what is the ECPA? The act was initially introduced in the House by Robert Kastenmeier (D – Wisconsin) in June of 1986 and was passed by the house later that month. The Senate passed the bill in October of that year, and President Ronald Reagan signed it into law on October 21, 1986. It was an amendment to Title III of the Omnibus Crime Control and Safe Streets Act of 1968 (the Wiretap Statute) and was designed to prevent unauthorized government access to your private electronic communications.

The act has been discussed at great length since it became law, and several court cases have tried to determine whether or not e-mails are protected while they were en route to their final destination.

In United States v. Councilman, Bradford C. Councilman was indicted for conspiracy to violate the Wiretap Act. Councilman was the Vice President of Interloc, Inc., which ran an online rare book listing service. Councilman directed his employees to intercept incoming communications from Amazon to gain a competitive advantage for the business. Councilman moved to dismiss the indictment by arguing that the e-mails were in “electronic storage,” which meant he wasn’t technically intercepting electronic communications. The district court granted his motion. The First Circuit Court of Appeals affirmed the motion, but then reviewed the decision and reversed it. Ultimately, Councilman was acquitted of all charges.

We Have An Advocate

Obviously, the ECPA is outdated and doesn’t reflect how we share, store and use information today. Senator Patrick Leahy (D – Vermont) agrees. He believes that under the ECPA, it is far too easy for a governmental agency to demand ISPs hand over your data that’s been stored on their servers.

Leahy has been the President pro tempore of the United States Senate since December of last year, which means he’s third in the presidential line of succession (behind Vice President Biden and Speak of the House Boehner). Leahy has held the office since 1975, making him the most senior senator. He also took office at a younger age (35) than any other current senator.

On Leahy’s official site, he urges visitors to take action and “Stand Up for Privacy in the Digital Age,” asking you to sign as a citizen co-sponsor of his “legislation to reform ECPA and protect your email privacy!”

What has the Senator done? In March, the House Judiciary Committee he held a hearing to gather testimonies from Google, legal experts and law enforcement on ways to fix the ECPA. That same day, March 19, Leahy and Senator Mike Lee (R – Utah) introduced the Electronic Communications Privacy Act Amendments Act of 2013, which would require law enforcement to obtain a warrant before accessing private e-mails or other online communications.

Here is what Leahy had to say about the newly proposed act:

“No one could have imagined just how the Internet and mobile technologies would transform how we communicate and exchange information today. Privacy laws written in an analog era are no longer suited for privacy threats we face in a digital world. Three decades later, we must update this law to reflect new privacy concerns and new technological realities, so that our Federal privacy laws keep pace with American innovation and the changing mission of our law enforcement agencies.”

Leahy tried to pass the same act last year, but it didn’t get to the floor for a vote. Rep. Zoe Lofgren (D – California), also tried to amend ECPA, introducing the Online Communications and Geolocation Protection Act two weeks before Leahy and Lee introduced theirs in March. More recently, the Washington Post reported that Attorney General Eric Holder declared his support for requiring the government to get a warrant before it can read your e-mails. His support has prompted the Internet to buzz that this might actually the end of this antiquated law. We’ll see.



Shelly Palmer

Shelly Palmer is Managing Director, Digital Media Group at Landmark Ventures/ShellyPalmer a technology focused Investment Banking & Advisory practice specializing in M&A, Financings, Strategic Partnerships and Innovation Access. He is Fox 5 New York's On-air Tech Expert and well known for his work on Fox Television's Shelly Palmer Digital Living as well as his daily radio report on United Stations Radio Networks. For more information, visit


  1. paula lynn says:

    Then why is it OK for companies to keep and sell your information, then “read” it and use it to sell you stuff or find you ? Voluntary non usage is not the same.

  2. rge2001 says:

    I agree that the law needs serious and deliberative updating, and have written my own senator on this matter, but its not true that “anyone” can read my emails. Despite the headline, lots of people in and out of government have no legal right to read my emails and would either get nowhere in making such a request, or would get in a lot of trouble if they were found out (“NASA reading people’s emails!”. Really. As for government law enforcement agencies engaged in an investigation, they’d simply request access to the email account, not limit themselves to just emails older than 180 days, and to do that they’d still need a warrant of some kind. Given the seriousness of the issue, we should try to focus a little.


  1. […] Anyone Can Read Your Old Emails: It’s The Law! Our question is: when did this stop being a government of the people, by the people, for the people and thank you, Abe Lincoln (Gettysburg Address, in case you’ve forgotten). […]

Speak Your Mind