On August 27, 2021, Illinois Governor J.B. Pritzker signed into law the Protecting Household Privacy Act (“PHPA”).  The law governs how, and under what conditions, Illinois law enforcement agencies may acquire and use data from household electronic devices, commonly referred to as “smart devices” or the “internet of things.”  The PHPA will go into effect on January 1, 2022.

The PHPA applies to “household electronic data,” which the statute defines as any information or input provided by a person to any device “primarily intended for use within a household that is capable of facilitating any electronic communication,” excluding personal computing devices (such as personal computers, cell phones, smartphones, or tablets) and digital gateway devices (such as modems, routers, wireless access points, or cable set-top boxes serviced by a cable provider).  Section 5.  The law imposes several limits on Illinois law enforcement’s acquisition and use of household electronic data:

  1. Warrant Requirement: The law generally prohibits law enforcement agencies from obtaining household electronic data “or direct[ing] the acquisition of household electronic data from a private third party.”  Section 10.  This prohibition is subject to a set of exceptions, permitting such acquisition if (i) “a law enforcement agency first obtains a warrant;” (ii) the data is needed to “respond to a call for emergency services concerning the user or possessor of a household electronic device;” (iii) there is “an emergency situation;” or (iv) the data is acquired “with [the] lawful consent of the owner of the household electronic device or person in actual or constructive possession of the household electronic device.”  Section 15.  Notably, the PHPA itself does not impose any obligations on providers, as it states that the Act “shall not be construed to require a person or entity to provide household electronic data to a law enforcement agency.”  Section 35.  At the same time, compliance would be compulsory to the extent the provider is served with a warrant in accordance with the statute.
  2. Confidentiality Requirement: The law also requires that any entity disclosing household electronic data “take reasonable measures to ensure the confidentiality, integrity, and security of any household electronic data during transmission to any law enforcement agency, and to limit any production of household electronic data to information responsive to the law enforcement agency request.”  Section 40.
  3. Limited Data Retention: Finally, the PHPA limits how long law enforcement can retain household electronic data without filing criminal charges if the data was obtained pursuant to a warrant or in an emergency situation.  Section 20.  The Act requires that such data be destroyed within 60 days unless (1) “there is reasonable suspicion that the information contains evidence of criminal activity;” or (2) “the information is relevant to an ongoing investigation.”
Photo of Jim Garland Jim Garland

Jim Garland’s practice focuses on government investigations and enforcement matters, litigation, and cybersecurity. Recognized by Chambers USA as a leading practitioner in both the white collar and cybersecurity categories, Jim draws upon his experience as a former senior Justice Department official to advise…

Jim Garland’s practice focuses on government investigations and enforcement matters, litigation, and cybersecurity. Recognized by Chambers USA as a leading practitioner in both the white collar and cybersecurity categories, Jim draws upon his experience as a former senior Justice Department official to advise clients on sensitive, multidimensional disputes and investigations, often with national security implications. He previously served as co-chair of Covington’s “Band 1”-ranked White Collar and Investigations Practice Group and currently is a member of the firm’s Management and Executive Committees.

Jim regularly represents corporate and individual clients in government investigations and enforcement actions. He has successfully handled matters involving allegations of economic espionage, theft of trade secrets, terrorism-financing, sanctions and export control violations, money laundering, foreign bribery, public corruption, fraud, and obstruction of justice. He has particular expertise advising clients in connection with investigations and disputes involving electronic surveillance and law enforcement access to digital evidence.

Jim has substantial experience litigating high-stakes, multidimensional disputes for clients across a range of industries, including companies in the high-tech, financial services, defense, transportation, media and entertainment, and life sciences sectors. Many of his civil representations have substantial cross-border dimensions or involve parallel government enforcement proceedings in multiple forums.

In conjunction with his investigations and litigation practice, Jim regularly assists clients with cybersecurity preparedness and incident-response matters. He helps clients in assessing security controls and in developing policies and procedures for the protection of sensitive corporate data. He also regularly assists companies in responding to significant cybersecurity incidents, including in connection with criminal and state-sponsored attacks targeting customer and employee data, financial information, and trade secrets.

From 2009 to 2010, Jim served as Deputy Chief of Staff and Counselor to Attorney General Eric Holder at the U.S. Department of Justice. In that role, he advised the Attorney General on a range of enforcement issues, with an emphasis on criminal, cybersecurity, and surveillance matters.

Photo of Alexander Berengaut Alexander Berengaut

Alex Berengaut is a nationally recognized litigator and co-chair of Covington’s Government Litigation practice group. He has served as lead counsel in a range of commercial disputes and government enforcement proceedings, and currently represents several leading technology companies in litigation and compliance matters…

Alex Berengaut is a nationally recognized litigator and co-chair of Covington’s Government Litigation practice group. He has served as lead counsel in a range of commercial disputes and government enforcement proceedings, and currently represents several leading technology companies in litigation and compliance matters relating to data privacy, platform liability, artificial intelligence, and cybersecurity.

In recent years, Alex obtained a series of landmark victories against the federal government in bet-the-company disputes for technology clients. Alex represented TikTok in challenging the Trump Administration’s efforts to ban the app, delivering the winning argument that led the court to enjoin the ban hours before it was set to take effect. He also represented Xiaomi Corporation in challenging the Department of Defense designation that would have blacklisted the company from U.S. financial markets, delivering the winning argument that led the court to enjoin the designation, restoring $10 billion to Xiaomi’s market capitalization.

At the state level, Alex has successfully challenged unconstitutional state legislation and defended against state consumer protection actions. He obtained an injunction blocking Montana’s law banning the TikTok platform, and he secured the outright dismissal of multiple State AG consumer protection lawsuits relating to data privacy and security—a string of victories which resulted in Alex being recognized as Litigator of the Week

Alex has served as counsel to Microsoft Corporation in precedent-setting cases involving government surveillance issues, including Microsoft’s landmark challenge to the government’s attempt to compel disclosure of customer emails stored in Ireland using a search warrant; Microsoft’s First Amendment challenge in the Foreign Intelligence Surveillance Court to restrictions on disclosures about government surveillance; and Microsoft’s constitutional challenge to the statute that allows courts to impose gag orders on technology companies, resulting in nationwide reform of the government’s practices under the statute. 

 Alex maintains an active pro bono practice, focusing on trial-level indigent criminal defense and youth immigration matters. From 2017 to 2020, Alex represented the University of California in challenging the Trump Administration’s rescission of the Deferred Action for Childhood Arrivals (DACA) program, ultimately resulting in a 5-4 victory in the U.S. Supreme Court. See Department of Homeland Security, et al. v. Regents of the University of California et al., 140 S. Ct. 1891 (2020).

Photo of Megan Crowley Megan Crowley

Megan Crowley is a nationally recognized litigator who serves as co-chair of Covington’s Government Litigation practice. In her practice, Megan draws upon her experience at the U.S. Department of Justice where she litigated constitutional, statutory, and administrative law cases of national significance. In…

Megan Crowley is a nationally recognized litigator who serves as co-chair of Covington’s Government Litigation practice. In her practice, Megan draws upon her experience at the U.S. Department of Justice where she litigated constitutional, statutory, and administrative law cases of national significance. In addition to her federal practice, Megan has extensive experience challenging unconstitutional state actions, and defending against novel uses of state consumer protection laws by State Attorneys General.

Most recently, The American Lawyer named Megan “Litigator of the Week” for her successes in obtaining a preliminary injunction against the state of Montana’s ban of TikTok and securing the complete dismissal of a consumer protection lawsuit brought by the Indiana Attorney General. Megan also was a key member of the Covington team that represented TikTok in its successful challenge to the Trump Administration’s efforts to ban the app, as well as the team that represented Xiaomi Corporation in its successful challenge to the Department of Defense designation that would have banned the company from U.S. financial markets.

Megan has particular expertise representing technology companies in cutting-edge litigation relating to data privacy, and in 2022, she was named a Law360 Rising Star in Privacy. Megan also regularly represents clients in litigation under the Administrative Procedure Act, as well as disputes related to Section 230 of the Communications Decency Act, government demands for data under the Electronic Communications Privacy Act, and the First Amendment.

Megan maintains a robust pro bono practice, focused on civil rights litigation. She played a central role on the team representing the University of California in its challenge to the government’s rescission of the Deferred Action for Childhood Arrivals (DACA) program, obtaining a nationwide injunction and, ultimately, a 5-4 victory in the U.S. Supreme Court.

Photo of Chloe Goodwin Chloe Goodwin

Chloe Goodwin is a litigator and regulatory attorney focused on privacy and technology issues. She represents several leading technology companies in litigation and compliance matters relating to electronic surveillance, law enforcement access to digital evidence, cybersecurity, and data privacy.