
Oklahoma does … something?
On January 13, Rep. Collin Walke (D-Oklahoma City) filed the Oklahoma E-Mail Communication Content Privacy Protection Act. This bill is intended to “make it illegal for companies, like Google or Microsoft, that host email servers to glean information from users” (Facebook post, 14 January 2020).
The bill itself is pretty short. There is a general prohibition saying:
No email service provider shall conduct any form of scanning of the subject lines or body of any email communication sent to or by any of its clients nor shall such email service provider allow any other person, whether directly or indirectly, to perform a scan of any such email communications.
Oklahoma E-Mail Communication Content Privacy Protection Act, Sec 3.A.
That’s pretty heady stuff there. It would seem to prohibit things like spam or virus filters from operating. After all, both of those work by scanning the content of messages. Thankfully, the definitions of the bill tighten things up a bit:
“Scanning” means any process pursuant to which any part of the content of an email communication is analyzed, summarized, interpreted or otherwise examined by human action or by the use of software, analytical programs, algorithms or any other method that allows a person or business entity, including the email service provider, to acquire information about the email client which includes personal information about the client such as their name, mailing address, phone number or numbers, other email addresses, financial information or any other information about the email client which can be derived from the scanning of the client’s email communications
Oklahoma E-Mail Communication Content Privacy Protection Act, Sec 2.9.
It doesn’t help that they don’t actually define “email client,” but I think that we can safely assume that it means “a person using an email service” as opposed to the mail user agent (like Outlook or Thunderbird). But, making this assumption, the text appears to be aimed mainly at the large webmail providers who use some basic scanning of a message to display relevant ads to their users.
That said, the prohibition is pretty large. While the term “scanning” seems to narrow itself to what we might refer to as “Personally Identifiable Information” (or “PII”), it is important to note that this is inclusive language: “acquire information about the email client which includes personal information…” Thus, we should note that the intent here is not just to prohibit “scanning” messages to find PII which might be used by the provider, but rather to prohibit the gathering of ANY data from the message which might be useful for any purpose.
What I’m really uncertain of at the moment is how this bill would play with the long-standing Electronic Communications Privacy Act which seems to already prohibit the interception and unauthorized use of stored communications.
This is certainly a bill that I’ll be watching this year.
Bibliography
- Oklahoma E-Mail Communication Content Privacy Protection Act, Collin Walke (2020, January 13). Retrieved January 22, 2020 from https://legiscan.com/OK/sponsors/HB2810/2020.
- Facebook post, Collin Walke (2020, January 14). Retrieved January 22, 2020 from https://www.facebook.com/Walkefor87/posts/2657786940984444.
- Electronic Communications Privacy Act (n.d.). Retrieved from https://www.law.cornell.edu/uscode/text/18/part-I/chapter-119.
Archives
- November 2021
- July 2020
- June 2020
- March 2020
- February 2020
- January 2020
- November 2018
- February 2018
- January 2018
- December 2017
- January 2017
- August 2016
- June 2016
- April 2016
- March 2016
- February 2016
- July 2015
- June 2015
- March 2015
- February 2015
- November 2014
- June 2014
- April 2014
- February 2014
- December 2013
- November 2013
- September 2013
- May 2013
- June 2012
- April 2012
- September 2011
- August 2011
- March 2011
- January 2011
- November 2010
- July 2010
- May 2010
- April 2010
- March 2010
- February 2010
- December 2009
- November 2009
- October 2009
- July 2009
- June 2009
- May 2009
- March 2009
- January 2009
- October 2008
- September 2008
- April 2008