New California law requires police to get warrants for online data

Backed by many tech firms and the ACLU, the privacy law hits the books but doesn't apply to federal law enforcement authorities.

California State Flag
California's governor signed a new law that will require law enforcement within the state to get a warrant to access online data. © Joseph Sohm/Visions of America/Corbis

If the police want to take a look at your email, they'll now have to get a warrant. At least in California.

Gov. Jerry Brown signed a privacy bill into law Thursday requiring law enforcement agencies in California to obtain a warrant for online data.

The bill had the support of Silicon Valley and privacy advocates, showing that tech firms are resisting government collection of customer data in the aftermath of Edward Snowden's surveillance revelations.

"The same protection as what we have for the data in our filing cabinets or home computers now extends to all our data wherever it may be," said Nicole Ozer, technology and civil liberties policy director at the American Civil Liberties Union.

A federal law is pending with similar restrictions. For now, federal law enforcement doesn't need a warrant to access online data, even in California.

The California law covers a huge range of data, from the content of text and email messages to files stored remotely on cloud services to the location of cell phones. Google, Facebook and Twitter were among the companies that supported the bill, which had bipartisan sponsorship in the state legislature.

"We applaud Governor Brown's decision to sign the...bill, which updates California law to better reflect how people use the web today. Law enforcement has long needed a search warrant to enter your house or seize letters from your filing cabinet -- the same protections should apply to electronic data as well," Google general counsel Kent Walker said in a statement.

The San Diego Police Officers Association also supported the bill, while many large law enforcement unions remained neutral. But the California Correctional Peace Officers Association and a handful of smaller groups were opposed.

Before withdrawing its opposition to the bill, the California District Attorneys Association told the legislature that the bill "undermines critical efforts to stop child exploitation, mandates the destruction of evidence by law enforcement, and violates the California Constitution." None of the law enforcement groups that opposed the bill replied to a request for comment.

California is not the first state to update its privacy laws from the analog age. Virginia, Utah and a handful of other states have also made changes, but Ozer said California's modifications are the most comprehensive. For instance, California's new law applies even to metadata, the time stamps and other information that follow around Internet files and can prove who wrote an email when and from what location.

In August, Twitter reported a 52 percent jump in the number of law enforcement requests for user data this year in its annual transparency report. A warrant accompanied 20 percent of those requests, and more than 11 percent came from within California.

The bill was sponsored by Sen. Mark Leno (D-San Francisco) and Sen. Joel Anderson (R-Alpine).

"For too long, California's digital privacy laws have been stuck in the Dark Ages, leaving our personal emails, text messages, photos and smartphones increasingly vulnerable to warrantless searches," Leno said in a statement Thursday. That era is over, he said.

He and Ozer also stressed that the legislation won't hamper efforts to combat cybercrime.

"The bill also ensures that law enforcement officials have the tools they need to continue to fight crime in the digital age," Leno said.

Update, 9:20 a.m. PT October 9: A statement from Google was added.

Close
Drag
Autoplay: ON Autoplay: OFF