Tag: Cloud Act

USA and UK sign Cross Border Data Access Agreement for Criminal Electronic Data

10. October 2019

The United States and the United Kingdom have entered into the first of its kind CLOUD Act Data Access Agreement, which will allow both countries’ law enforcement authorities to demand authorized access to electronic data relating to serious crime. In both cases, the respective authorities are permitted to ask the tech companies based in the other country, for electronic data directly and without legal barriers.

At the base of this bilateral Agreement stands the U.S.A.’s Clarifying Lawful Overseas Use of Data Act (CLOUD Act), which came into effect in March 2018. It aims to improve procedures for U.S. and foreign investigators for obtaining electronic information held by service providers in the other country. In light of the growing number of mutual legal assistance requests for electronic data from U.S. service providers, the current process for access may take up to two years. The Data Access Agreement can reduce that time considerably by allowing for a more efficient and effective access to data needed, while protecting the privacy and civil liberties of the data subjects.

The Cloud Act focuses on updating legal frameworks to respond to the growing technology in electronic communications and service systems. It further enables the U.S. and other countries to enter into a mutual executive Agreement in order to use own legal authorities to access electronic evidence in the other respective country. An Agreement of this form can only be signed by rights-respecting countries, after it has been certified by the U.S. Attorney General to the U.S. Congress that their laws have robust substansive and procedural protections for privacy and civil liberties.

The Agreement between the U.K. and the U.S.A. further assures providers that the requested disclosures are compatible with data protection laws in both respective countries.

In addition to the Agreement with the United Kingdom, there have been talks between the United States and Australia on Monday, reporting negotiations for such an Agreement between the two countries. Other negotiations have also been held between the U.S. and the European Commission, representing the European Union, in regards to a Data Access Agreement.

Category: General · UK · USA
Tags: , , , ,

United States vs. Microsoft II

4. April 2018

In the USA, the “Cloud Act” (Clarifying Lawful Overseas Use of Data Act) came into force a few days ago with the signature of President Trump.

The Cloud Act stipulates that US investigators should have access to personal data located on servers outside the USA. To this end, bilateral agreements may be concluded authorizing investigators to contact the cloud provider directly.

As part of this, the US Department of Justice filed an application with the US Supreme Court to declare United States of America vs. Microsoft Corporation (New York Search Warrant Case) closed. The case dates from 2013 and has been highly controversial ever since.

The question is whether Microsoft must disclose personal data stored outside the US, here on servers in Ireland, to US authorities. The basis for this was a search warrant issued by a federal district court in New York, which was intended to oblige Microsoft to hand the data over. Microsoft complained about this. A ruling was actually expected in June of this year, but now the matter could be filed before a decision is taken.

Noel J. Francisco, the US government’s chief litigant, filed a petition with the Supreme Court, citing the Cloud Act, arguing that the Microsoft-US dispute is over and no longer needs to be heard. A new search warrant based on the Cloud Act has already been sent to Microsoft.

Category: USA
Tags: , , ,