The Email Privacy Act (EPA) is for the second year in a row in front of the US Senate after the US House of Representatives approved the bill on Monday.
The EPA is a long-awaited reform of the Electronic Communications Privacy Act (ECPA), a law that defines the status of electronic communications.
According to the old ECPA, an outdated law passed in 1986, many years before the birth of the World Wide Web, US law enforcement can access everyone's email with only a subpoena, if the email is older than 180 days.
For emails newer than 180 days, investigators have to request access to emails using a court order signed by a judge. The new EPA will force law enforcement to get a warrant for all cases, on a per-user basis, regardless of the email's age.
According to many privacy groups and tech companies, the 180-days time limit left a gaping hole in user privacy rights, as law enforcement could collect all the data they wanted on users just by waiting six months and issuing a subpoena.
The push to reform the ancient ECPA intensified after Snowden's revelations, and as the US public and tech giants became more focused on respecting user rights.
A first try to reform ECPA through EPA was attempted in 2016. Just like this year, the bill passed with a 419-0 vote in the House of Representatives, only to fail on the Senate floor after legislators tried to use the bill's immense popularity to bundle all sorts of provisions that infringed on user privacy rights, contrary to the EPA's spirit.
After Jeff Sessions, the new Attorney General, has spoken in favor of using encryption backdoors in the past, many fear the new Trump administration will erode user privacy rights, albeit the administration has not taken any steps in this direction as of now.
But these fears are legitimate, as it was Jeff Sessions, Alabama senator at the time, that tried to append an "emergency exception" clause to the EPA in 2016, which eventually led to the bill's demise.