Feb. 13, 2018
OTI's Sharon Bradford Franklin wrote for Just Security on the improvements that need to be made to the Clarifying Lawful Overseas Use of Data (CLOUD) Act in order to ensure meaningful protection for privacy and human rights:
"It is true that the Clarifying Lawful Overseas Use of Data (CLOUD) Act would moot the Microsoft-Ireland case now pending in the U.S. Supreme Court, 'and much more.' But this bill addressing cross-border access to data is not a cause for celebration as Jennifer Daskal urges, because it fails to include fundamental safeguards to protect the rights of consumers.
The CLOUD Act would make it easier for the U.S. government to demand communications data held in other countries, and for foreign governments to access electronic data held in the United States. As Jennifer Daskal reports, the first part of the bill would resolve the legal question now pending before the Supreme Court in United States v. Microsoft in favor of the government. Under current law, as argued in an amicus brief filed by New America’s Open Technology Institute (OTI) and a broad coalition of rights organizations and trade associations, Section 2703(a) of the Stored Communications Act (SCA), cannot be used by the U.S. government to compel production of data held outside the United States. The CLOUD Act would amend the SCA, which is part of the Electronic Communications Privacy Act (ECPA), to extend its reach and authorize the government to obtain communications data 'regardless of whether' the data 'is located within or outside of the United States.'"