The Electronic Communications Privacy Act or ECPA is a US federal law that was enacted in 1986. It prevents US investigative agencies like the police, FBI or NSA from intercepting email messages, or from reading them while they are temporarily stored in interim storage devices, but only for a limited time of 180 days.
Technipages Explains Electronic Communications Privacy Act (ECPA)
After that period, they can be accessed by the agency, and before it, they can only be accessed by first obtaining a warrant. Though the reason for it cannot be said for certain, the ECPA suffers from a major oversight – it does not apply to emails stored permanently in archives. The suspicion is that it happened because of a lack of technical knowledge from the lawmakers, leading them to omit that circumstance from the legislation. This ‘oversight’ creates an easily exploitable loophole.
In fact, this loophole has been exploited once before, practically immediately after the law was enacted. Investigators used it in order to gain access to Lieutenant Colonel Oliver North’s emails to other White House officials that were involved in the Iran-Contra scandal that happened exactly around the time the law was enacted – between 1985 and 1987. The information revealed showed a great deal of relevant and previously secret details – it was at the time by far the biggest email scandal in the US government.
Common Uses of Electronic Communications Privacy Act (ECPA)
- Practically as soon as it was enacted, a loophole in the ECPA was exploited to gain access to a military operative’s emails.
- The ECPA provides limited protection for individuals from having their emails read by investigative agencies, but only for a limited amount of time.
- The coverage of the ECPA is limited to 180 days and also only to interim storage devices, rather than permanent ones.
Common Misuses of Electronic Communications Privacy Act (ECPA)
- The ECPA is a data protection act.