President Trump has signed into law the so-called CLOUD Act, a law that will give US authorities easier access to data stored abroad.
The legislation was approved by the House of Representatives without much opposition, and will enable US authorities to demand that internet companies and cloud providers hand over emails and other personal information from the online services storing data beyond US borders.
The Act will affect Google, Microsoft, Facebook and others, who all have data centres across the world.
The Clarifying Lawful Overseas Use of Data (CLOUD) Act, to give it its full title, regulates how the US authorities can collect data stored overseas, effectively lowering the barrier for data requests. It also empowers the US government to establish agreements to pass on data stored on its soil to criminal investigators in other nations, without the requirement of court or Congressional approval.
The new law replaces the previous one that allowed for cross-border access to data, providing the requests were approved by the Senate and vetted by the US Department of Justice.
The likes of Apple, Microsoft and Google all approved the new law, as its predecessor made requesting data a cumbersome process; Microsoft's president Brad Smith noted it adds clarification to the law and creates a "modern legal framework for how law enforcement agencies can access data across borders".
Today is an important day for privacy rights around the world, for international relations, and for building trust in the technology we all rely on every day. pic.twitter.com/9afiFXmzGn— Brad Smith (@BradSmi) March 22, 2018
Tech firms can, under the new legislation, refuse to grant a data request if they believe it's going to be used by authorities to hamper opposition politicians and censor journalists. But this puts a lot of onus on the tech firms to do the right thing.
Not surprisingly, privacy advocates aren't so positive about the new law, noting that it could enable foreign authorities to commit human rights abuse by easing their access to citizens' data stored beyond their borders.
And there are concerns that the law enables agreements between national authorities that bypass the protections and oversight afforded by US courts: there would be no need to inform local governments or users when data is being accessed, thereby reducing the level of scrutiny such data requests would have.
The Electronic Frontier Foundation also claimed that the law doesn't place adequate limits on the severity of a crime that data requests can apply to either.
BREAKING: Because of failures by some lawmakers to review and markup legislation in a responsible manner, the dangerous cross-border data bill the CLOUD Act was just approved by the House of Representatives in a 256-167 vote for a massive omnibus spending bill.— EFF (@EFF) March 22, 2018
What with the Cambridge Analytica and Facebook affair in full swing, and Apple coming out in favour of new data regulations, it doesn't look like concerns over data access and sharing are going away anytime soon.
HP and Centrica are the first industry partners to sign up to the government's new Code
New ice grows faster but is also more vulnerable to weather and wind
With a crackdown on cheats is coming in November, PUBG rushes to fix matchmaking problems introduced in Update #22
New material uses carbon dioxide from the air to repair and reinforce itself