Cybersecurity, Legislation & Lobbying

The CLOUD Act: New freedom or unlawful snooping?

The technicalities of applying US law to international computer servers came into question recently amidst a stormy background of legal battles between technology companies and the American government.

Following an ongoing debate surrounding the Stored Communications Act (1986) a motion passed decades before the internet was a feature of modern life, a proposed alternative act which was submitted to the Senate last month has now also been put in the firing line – leaving the dispute between technology companies, governments and the access to internationally located intelligence in a deadlock.

The Clarifying Lawful Overseas Use of Data, better known as The CLOUD Act, is a bipartisan bill that would allow foreign governments to access American data collected on foreign individuals, as well as enhance U.S cross-border information. The act proposed by Senators Hatch, Graham, Coons and Whitehouse aims to amend the current Stored Communications Act in response to the United States vs. Microsoft legal battle which took place this February. This court dispute centres around the American Government’s request to access personal emails linked to a former drug-trafficking investigation. Though Microsoft handed over American data, they refused to provide the government with access to the accused’s emails as they were stored on a server located in Ireland, where the account was set up. Although the outcome of this ruling is yet to be decided, the new and ‘improved’ bill would allow governments to weave around such restrictions, modify the legal barriers and gain access to private or sensitive information that is relevant to legal cases which could apply both to foreign governments as well as the American judicial system.

Like with the majority of issues relating to delicate personal data and access to too much information, the bill has already raised some eyebrows. A number of groups across the country initially challenge the bill’s connection to the Fourth Amendment, arguing that the law ultimately undermines, ‘the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures’.

The American Civil Liberties Union (ACLU) for instance, have referred to the fluffy cloud bill as a threat, suggesting, it ‘threatens activists abroad, individuals here in the U.S., and would empower Attorney General Sessions in new disturbing ways. And, now, some members of Congress may be working behind the scenes to sneak it into a gargantuan spending bill that Congress will shortly consider’.

These sentiments are also reiterated by the Electronic Frontier Foundation (EFF)  and expresses fear at providing the government with an overarching access around legal boundaries, arguing ‘the breadth of such unilateral extraterritorial access creates a dangerous precedent for other countries who may want to access information stored outside their own borders, including data stored in the United States’. They paint a picture of a terrifying, totalitarian image where no information is safe.

Despite a number of advocacy groups fearing this new bill will weaken security, others look at the new proposals with optimism and welcome the update to security laws that are clearly outdated.  The Lawfare publications set out an argument for embracing the legislation, arguing that ‘the bill sets critically important baseline substantive and procedural protections while doing so in a way that is achievable and understandable to other rights-respecting nations.’ As well as looking at the bill’s benefits, allowing governments to work together and essentially close the gap of online criminal activity, there is also the belief that civil liberties would remain protected through checks and balances.

In reality, not enough is known about the CLOUD act, nor have we seen it put in practice to understand the repercussions just yet. While unlocking the internet globally seems only natural in terms of technical progression and in enhancing relationships between law-abiding countries, the fear of the abuse of such access remains rife. A curveball, of course, comes in the form of the  United States vs. Microsoft case, a ruling that might render the act devoid if it leans in the favour of the American government.

Previous ArticleNext Article

Leave a Reply

Your email address will not be published. Required fields are marked *