Online data acquisition by California police now requires a warrant.
In a significant move towards safeguarding digital privacy, California Governor Jerry Brown has signed S.B. 178, the California Electronic Communications Privacy Act (CalECPA). This law aims to protect Californians' electronic communications from unauthorized access by requiring law enforcement and other entities to obtain a warrant before accessing electronic devices and communications[1].
Key Details of CalECPA
The CalECPA introduces a warrant requirement, meaning that law enforcement must obtain a search warrant based on probable cause before accessing electronic communications or data on electronic devices[1]. The scope of the law is extensive, covering emails, text messages, geolocation data, browser history, photos, videos, and any other electronically stored information[1]. Notably, this law also extends protection to data stored both on devices and held by third-party service providers[1].
Broader Context Compared to Other California Laws
CalECPA complements the California Invasion of Privacy Act (CIPA), which requires all-party consent before recording or intercepting confidential communications, including online conversations and keystroke capture by websites or apps[1][2]. It also works alongside the California Consumer Privacy Act (CCPA), which grants consumers rights over personal information collection, sale, and sharing by businesses[4][5].
Comparison with Privacy Laws in Other U.S. States
CalECPA is considered one of the strongest laws in the U.S. requiring warrants specifically for electronic data, while many states have less comprehensive or no explicit digital privacy warrant requirements[3]. California’s CIPA is more stringent than many states that allow recording with only one party's consent. Additionally, California's CCPA is broader than many other state laws, giving consumers control over their personal data with mandatory disclosure, opt-out, and access rights[4][5].
Implications
Businesses operating in California or serving California residents must ensure compliance with stringent warrant and consent requirements before intercepting or accessing electronic communications. The high level of consumer protections requires transparency, strong data governance, and may increase litigation risk for non-compliance. California serves as a privacy law leader, often influencing privacy legislation in other states, which may lead to gradually increasing protections nationwide[1][2][4].
Support from Tech Giants
The bill has been supported by Google, Apple, Facebook, Twitter, and a number of other major tech companies[3]. Twitter and Tumblr received more demands from California than any other state, while Facebook, Twitter, Pinterest, and LinkedIn are companies that have supported CalECPA[3].
The Email Privacy Act and the Future of Federal Digital Privacy Laws
The House Judiciary Committee has approved the Email Privacy Act, a federal bill that aims to protect Americans' emails from government surveillance[3]. If enacted, the Email Privacy Act would update the Electronic Communications Privacy Act of 1986 (ECPA)[3]. However, the status of the Email Privacy Act in the Senate remains unclear.
In conclusion, California's CalECPA provides robust protections for electronic communications and digital privacy, surpassing many other U.S. states by requiring warrants and all-party consent, reflecting California’s leading role in data privacy regulation[1][2][4]. The passage of CalECPA and the approval of the Email Privacy Act indicate a growing focus on digital privacy protection in the United States.
