Privacy advocates cheered the Second Circuit’s July 2016 Microsoft v. United States decision holding that electronic communications stored abroad cannot be seized from an Internet service provider (ISP) with a search warrant under the Stored Communications Act (SCA). Coupled with recent efforts to amend the Electronic Communications Privacy Act of 1986 (the ECPA), the pendulum has swung in favor of privacy protection from government access for remotely-stored electronic data. Today it is growing harder for the government to obtain personal email content.
For financial fraud investigations, the proposed amendments to the ECPA could have significant consequences. The amendments may lead to earlier and greater cooperation between civil agencies like the SEC and the Department of Justice. It may become more difficult for the SEC to meet the standard for scienter in cases where individuals used personal email accounts as part of the alleged misconduct. Finally, in light of the Second Circuit’s recent decision in Microsoft, an ISP’s decision to maintain its customers’ cloud storage data in a foreign location could be a key factor in the privacy analysis.
