California enacts strong new online-privacy law as debate continues on national version

Privacy activists are celebrating the passage of a new California law that prevents police from arbitrarily searching people’s online records.

The California Electronic Communications Privacy Act (CalECPA) requires state police officers to get a warrant before accessing emails, text messages, or any other communications, as well as metadata (like GPS location) related to those communications. The new law covers both private devices and the servers storing data in the cloud.

The Electronic Frontier Foundation (EFF) hailed the new law as a victory Thursday night. “California’s elected leaders have updated the state’s privacy laws so that they are in line with how people actually use technology today,” the group said.

State Sen. Mark Leno (D-San Francisco), who co-authored the bill with Joel Anderson (D-Alpine), said California’s digital privacy laws “have been stuck in the Dark Ages.”

“That ends today with the Governor’s signature of CalECPA, a carefully crafted law that protects personal information of all Californians,” said Leno, the author of a 2014 law that requires local governments to comply with (and pay for) public records requests. “The bill also ensures that law enforcement officials have the tools they need to continue to fight crime in the digital age.”

“Senator Leno and I helped bridge the gap between progressives and conservatives to make the privacy of Californians a top priority this year,” Anderson said. “This bipartisan bill protects Californians’ basic civil liberties as the Fourth Amendment and the California Constitution intended.”

The passage of the California bill comes as privacy advocates push for an update to the federal ECPA, which President Ronald Reagan signed into law in 1986 to extend Fourth Amendment protections to electronic communications. The law was written based on the technology of the era and is now widely regarded as being outdated.

 Sens. Mike Lee (R-Utah) and Patrick Leahy (D-Vt.), along with Reps. Kevin Yoder (R-Kan.) and Jared Polis (D-Colo.), have introduced The Electronic Communications Privacy Act Amendments Act to remedy the law’s shortcomings, which include a loophole exempting records older than 180 days from the warrant requirement.

Photo via Heinrich Plum/Flickr (CC BY ND 2.0)

Dell Cameron

Dell Cameron

Dell Cameron was a reporter at the Daily Dot who covered security and politics. In 2015, he revealed the existence of an American hacker on the U.S. government's terrorist watchlist. He is a co-author of the Sabu Files, an award-nominated investigation into the FBI's use of cyber-informants. He became a staff writer at Gizmodo in 2017.