Don’t fall for the FUD around the Patriot Act – all governments have access powers

Businesses often assume knowledge of the laws regulating governmental access to data in their home jurisdictions, and they make further assumptions about the legal regimes abroad where cloud service providers may be located. This is according to Conor Ward, Chair of the Cloud Industry Legal Forum (CILF), the legal advisory sub-group of the Cloud Industry Forum and partner at Hogan Lovells.

“A lot of assumptions are being made about legal regimes abroad and none so controversial in Europe than the US 2001 Patriot Act cited by many as an example of where the US government has greater powers of access to personal data than any other government. This is nothing short of FUD (fear, uncertainty and doubt),” stated Conor Ward.

Governments need some degree of access to data for criminal investigations and for purposes of national security. But privacy and confidentiality also are important issues.

Conor continued: “We surveyed the legal environments of the major European countries and found that even those ones with strict privacy laws also have anti-terrorism laws that allow expedited government access to Cloud data.

“Our findings have led us to a number of conclusions. On the fundamental question of government access to data in the Cloud, we conclude that it is not possible to isolate data in the cloud from government access based on the physical location of the Cloud service provider or its facilities. Government’s ability to access data in the cloud extends across borders. And it is incorrect to assume that the US government’s access to data in the cloud is more advanced than any other advanced economy,” he added.

“The existence of Mutual Legal Assistance Treaties greatly diminishes any argument that data stored in one jurisdiction is immune from access by other governmental authorities in anther jurisdiction. Furthermore, every single country we examined vests authority in the government to require a cloud service provider to disclose customer data in certain situations and in most instances this authority enables the government to access data physically stored outside the country’s borders, provided there is some jurisdictional hook, such as the presence of a business within the country’s borders.”

Andy Burton, chair of the Cloud Industry Forum and CEO of Fasthosts added: “This research – and subsequent White Paper produced by Hogan Lovells – reveals the great myth. Businesses are misleading themselves and their customers if they contend that restricting cloud service providers to one jurisdiction better insulates data from governmental access. For many end users the message to-date has been one of fear, uncertainty and doubt, and that has had the potential to hold the market back. Now is the time to recognise that governments across the developed world have their own legal parameters within which they work either in isolation or together. The plain fact of the matter is that the existence of Mutual Legal Assistance Treaties diminishes any argument that data stored in one jurisdiction is immune from access by a government in another.”

The following two tabs change content below.


Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam dignissim magna vitae dui posuere eu feugiat augue eleifend. Fusce sed tincidunt quam. Donec varius aliquam metus ut semper. Donec augue purus, feugiat interdum malesuada vel, aliquet quis massa. Nulla facilisi. Nam vel ante quam, et tincidunt dui. Maecenas venenatis libero eu nulla tincidunt et accumsan velit sodales. Nam congue mauris et felis porttitor blandit. Nam eget tempor massa. Nullam suscipit gravida eros, ac suscipit magna feugiat sit amet.

Latest posts by admin (see all)

If you have any comments please click the link
Comments 0

Leave a Comment