By Kate Westmoreland
Edited by Yunnan Jiang
Accessing online records and user data is an integral part of modern criminal investigations and prosecutions. However, accessing an individual’s communications, subscriber details or metadata can raise significant privacy concerns. These issues become even more complex when they involve users and governments from several different countries. Unfortunately, the legal framework that guides these decisions is out of date and unable to adequately cope with rapidly evolving technologies, cross-border interactions, and exponential growth in data collection. This means that internet providers are making important decisions about whether or not to hand over user data to law enforcement from all over the world without clear legal guidance.
This paper analyses the law controlling when U.S.-based providers can provide online user data to foreign governments. The focus is on U.S. law because current U.S. dominance of cloud-based services and internet providers means that U.S. laws and practices affect a large number of global users. The first half of this paper outlines the legal framework governing these requests. The second half of the paper highlights the gaps in the law and how individual companies’ policies fill these gaps. (more…)