Hogan Lovells White Paper Examines National Security Access to Personal Data in the Worldwide Cloud
23 May 2013
WASHINGTON, D.C., PARIS, and BRUSSELS, 23 May 2013 – At a program presented by the Openforum Academy on the 22 May in Brussels, Hogan Lovells released a White Paper demonstrating that the limitations applied to U.S. law enforcement access to data stored in the Cloud during national security and foreign intelligence investigation in many cases surpass restrictions applied during similar investigations in other countries.
A Sober Look at National Security Access to Data in the Cloud was penned by Christopher Wolf, co-director of Hogan Lovells' Privacy and Information Management practice, and Paris office partner Winston Maxwell.
The White Paper is an update to Wolf and Maxwell’s 2012 White Paper, A Global Reality: Governmental Access to Data in the Cloud, which debunked the oft-repeated misconception of critics of the U.S. government that the 2001 USA PATRIOT Act gives U.S. law enforcement greater powers of access to data stored with a third-party Cloud computing service than governments elsewhere. Most recently, these critics have focused their attention on another law, Section 702 of the Foreign Intelligence Surveillance Act (“FISA”), enacted under the FISA Amendments Act of 2008 and codified at 50 U.S.C. § 1881a (frequently referred to just as Section 1881a), which sets out rules governing the surveillance and collection of evidence about persons suspected of being part of a terrorist organization or acting as spies for foreign governments.
“The law enforcement agencies tasked with complying with FISA are required to provide regular compliance reports to the Congressional committees with responsibility over national security,” said Wolf, who is based in Hogan Lovells’ Washington, D.C. office. “As with the Patriot Act, Section 1881a has been invoked by some in Europe as a kind of shorthand to express the belief that the United States has greater access to data in the Cloud than governments elsewhere, and that the U.S. government is the principal threat to the privacy of European citizens.”
“In general, FISA governs the surveillance of and the collection of evidence about persons suspected of being part of a terrorist organization or acting as spies for foreign governments,” added Maxwell, a partner in Hogan Lovells' Privacy and Information Management practice group. “Section 1881a does not give the U.S. government carte blanche to seize whatever information it wants from Cloud service providers. As the Supreme Court recently acknowledged, surveillance under Section 1881a is subject to statutory conditions, judicial authorization, and Congressional supervision.”