CLOUD Act bill gives foreign police access to U. S. data
WASHINGTON – Police in other countries will be able to get emails and other electronic communication more easily from their own citizens and from Americans under a bill Congress stuffed inside the $ 1.3 trillion spending deal passed last week.
Supporters said the bill, dubbed the CLOUD Act, will simplify the process for the U. S. government and its allies to get evidence of serious crimes and terrorist threats when that evidence is stored on a server in another country.
Internet providers had been able to legally stop police agencies from gaining access to their own citizens’ emails if those emails were stored in a foreign nation. Microsoft stores data in 40 countries.
“The CLOUD Act can save lives, preserve international relations, empower law enforcement and ensure justice for citizens,” said James Scott, senior fellow at the Institute for Critical Infrastructure Technology.
Opponents, including civil liberty and privacy rights groups, said the law could make it easier for nations with human rights abuses to spy on dissidents and collect data on Americans who communicate with foreign nationals.
“Tucked away in the omnibus spending bill is a provision that allows Trump, and any future president, to share Americans’ private emails and other information with countries he personally likes,” said Sen. Ron Wyden, D- Ore. “That means he can strike deals with Russia or Turkey with nearly zero congressional involvement and no oversight by U.S. courts.”
In a letter to Congress, the American Civil Liberties Union, the Electronic Frontier Foundation, Human Rights Watch and other civil liberties groups said the CLOUD Act allows foreign governments to wiretap on American soil, using standards that don’t comply with U. S. law, and gives the executive branch power to enter into agreements with nations without congressional approval.
The 24 groups said the law permits foreign police agencies to obtain information about people in the United States without having to follow the search- and- seizure rules imposed by the U. S. Constitution, and it could give foreign governments access to information they could use to torture their opponents.
Microsoft President and Chief Legal Officer Brad Smith said in a blog post Wednesday that congressional passage of the CLOUD Act “is a critical step forward in resolving an issue that has been the subject of litigation for over four years.”
At the same time, Smith wrote, the law will prevent governments from requiring U. S. companies to create “backdoors” around encrypted data, helping to protect users.
The CLOUD Act is an attempt to update a 32- year- old law that was passed before the Web existed. That obsolete law, the Stored Communications Act, is the subject of a case before the U. S. Supreme Court — a case that is moot because of Congress’ approval of the new law.
The case, which pitted the federal government against Microsoft, centered on an attempt by U. S. law enforcement to obtain emails in a drugtrafficking case thatwere stored on a Microsoft server in Dublin.
Microsoft argued that it shouldn’t have to turn over its users’ emails because they were outside the USA and beyond the reach of law.