USA-CoE: Cross-border law enforcement access to data: USA CLOUD Act enacted; civil society organisations demand meaningful participation on new Council of Europe text


USA-CoE  
Cross-border law enforcement access to data: USA CLOUD Act enacted; civil society organisations demand meaningful participation on new Council of Europe text
4.4.18
Follow us: | | Tweet


"President Trump has signed the CLOUD Act, requiring internet companies to hand over personal data to U.S. law enforcement agencies, no matter where that data is stored. The Act also allows the executive branch to create agreements with foreign countries to provide direct access to personal data stored in the United States. EPIC submitted an amicus brief in United States v. Microsoft arguing that law enforcement access to data abroad should be resolved by international consensus and comply with human rights norms. Many organizations and privacy experts have endorsed the Madrid Privacy Declaration, which would establish international protections for personal data."

Source: EPIC (link)

See: Clarifying Lawful Use of Overseas Data Act (CLOUD Act) (pdf)

And: Nearly 100 Public Interest Organizations Urge Council of Europe to Ensure High Transparency Standards for Cybercrime Negotiations(EFF, link):

"EFF along with 93 civil society organizations from across the globe today sent a letter to the Secretary General of the Council of Europe, Thorbjørn Jagland. The letter requests transparency and meaningful civil society participation in the Council of Europe’s (CoE) negotiations of the draft Second Additional Protocol to the Convention on Cybercrime (also known as the “Budapest Convention”) —a new international text that will deal with cross-border access to data by law enforcement authorities. According to to the Terms of Reference for the negotiations, it may include ways to improve Mutual Legal Assistance Treaties (MLATs) and allow “direct cooperation” between law enforcement authorities and companies to access people’s “subscriber information”, order “preservation” of data, and to make “emergency requests”.

The upcoming Second Additional Protocol is currently being discussed at the Cybercrime Convention Committee (T-CY) of the Council of Europe, a committee that gathers the States Party to the Budapest Convention on Cybercrime and other observer and “ad hoc” countries and organisations. The T-CY aims to finalize the Second Additional Protocol by December 2019. While the Council of Europe has made clear its intention for “close interaction with civil society”, civil society groups are asking to be included throughout the entire process—not just during the Council of Europe’s Octopus Conferences.

(...)

In light of the passing of the CLOUD Act in the United States that undermines the rights to privacy and other rights, the forthcoming proposal of the European Union on e-evidence, and other initiatives, it is vitally important that the TC-Y listens to and engages with civil society proactively and in a timely manner. Civil society wants to engage in this process to ensure the new protocol will uphold the highest human rights standards."

See: Global civil society letter to the Council of Europe: Cybercrime negotiations and transparency (pdf)

Search our database for more articles and information or subscribe to our mailing list for regular updates from Statewatch News Online.

 

Spotted an error? If you've spotted a problem with this page, just click once to let us know.

Report error