Reforming laws:
Clarifying Lawful Overseas Use of Data (CLOUD) Act
The current U.S. law governing police access to data is more than 30 years old and does not reflect the modern realities of cloud computing. The CLOUD Act is an important step toward enhancing and protecting individual privacy rights, reducing international conflicts of law and keeping us all safer.
Late in the afternoon last Friday, U.S. President Donald Trump signed the omnibus spending bill. Buried within the bill was the Clarifying Lawful Overseas Use of Data Act, a law that will change how the U.S. government can access user data stored overseas, among other things.
Earlier this week, two dozen civil liberties-focused organizations, including the American Civil Liberties Union (ACLU), Center for Democracy and Technology (CDT), and Amnesty International USA, wrote to members of Congress to express their opposition to The CLOUD Act.
Many feel that the current MLA system is slow, cumbersome and in need of updating to handle the growth of online cloud services and the globalization of criminal evidence. The CLOUD Act provides a much-needed update.
The CLOUD Act is necessary to update the way our law enforcement deals with the borderless nature of online data. However, as some raise concerns about the bill’s ability to safeguard civil rights, we should be diligent to point out its strength in this regard.
How should law enforcement officials deal with digital data that happens to be stored in a different country? If FBI agents, pursuing a subject who committed a crime in the United States, serve a valid court order on an American company, the government shouldn’t have to wait a year because the company happens to store the information overseas. Likewise, if the London police are investigating a local murder, the fact that they are seeking phone records from a communications provider located in the United States should not block them from doing their job.
Congress is now considering long-overdue legislation that authorizes faster access to
internationally stored electronic data needed to prosecute serious crime and disrupt
terrorist plots in the United States, Britain and elsewhere. The legislation, the
Clarifying Lawful Overseas Use of Data Act, or Cloud Act, would preserve law and
order, advance the United States’ leadership in cybersecurity, ease restrictions on
American businesses and enhance privacy standards globally. This is a priority for
both of our governments.
There's a solution in Congress that will help law enforcement gather electronic evidence, often stored on servers abroad, while reducing conflicts of law facing cloud storage providers: the Clarifying Lawful Overseas Use of Data (CLOUD) Act.
Conflicts of law in cyberspace have grown worse in recent years. Multinational technology companies now regularly fight costly legal battles with the U.S. government. Both sides want to know: Can a U.S. warrant compel the disclosure of data stored abroad and subject to foreign law? Whose law takes precedence? What can be done to prevent such conflicts?
The president and chief legal officer of Microsoft, Brad Smith, argued this week before a U.S. House Judiciary Committee that current laws about government access to personal data are woefully antiquated.
Microsoft president and chief legal officer Brad Smith spoke to the U.S. House Judiciary Committee today, and he brought an antique piece of technology to prove his point.