SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
While the AU govt praises the new US Cloud Act, others aren't so welcoming
Tue, 10th Apr 2018
FYI, this story is more than a year old

The Australian Government has welcome the United States' move to introduce more powers for law enforcement agencies to access overseas data.

The US recently passed the Clarifying Lawful Overseas Use of Data Act (the CLOUD Act), which allows law enforcement agencies with warrants to directly access data held overseas.

Australian Minister for Law Enforcement and Cyber Security Angus Taylor says the CLOUD Act will improve law enforcement cooperation in the digital age, improve law enforcement's access to information, and strengthen data protection measures no matter where that data is held.

"Timely access to electronic data held by communications service providers is an essential component of government efforts to protect public safety and combat serious crime, including terrorism, child sex offences, and organised crime,” Taylor explains.

“Those efforts are impeded when access to important data held on servers overseas is slowed down by cumbersome processes not suited for fast-advancing communication environments, significantly delaying the investigation and prosecution of serious crimes.

The CLOUD Act also allows bilateral agreements between the United States and other countries, as well as safeguards for lawful access to data. These safeguards are apparently based on adherence to human rights and the rule of law.

The Australian Government also believes the Act will also strengthen protections for customer data held by US companies, no matter where that data is stored.

“Given the size and scale of technology and communications companies based in the US, the CLOUD Act has the potential to be of significant benefit to law enforcement.  Australia welcomes the US taking leadership on this issue,” Taylor continues.

The CLOUD Act has come under fire from some dissenters who say it gives law enforcement too much power.

The Electronic Frontier Foundation's Camille Fischer wrote a blog in February, stating that the Act enables law enforcement to access data about a person regardless of where they live and where their information is stored.

“In other words, U.S. police could compel a service provider—like Google, Facebook, or Snapchat—to hand over a user's content and metadata, even if it is stored in a foreign country, without following that foreign country's privacy laws,” Fischer explains.

Requests for data from foreign countries were previously governed by Mutual Legal Assistance Treaties (MLATs), but some fear the new Act may allow governments to bypass those treaties.

The Open Technology Institute, Amnesty International, Human Rights Watch, and the American Civil Liberties Union are also amongst the 24 agencies that have opposed the Act in a letter penned last March. You can read the letter here on the Electronic Frontier Foundation's website.