Hunton Andrews Kurth writes:
Earlier this month, the U.S. Department of Justice (“DOJ”) published a white paper entitled “Promoting Public Safety, Privacy, and the Rule of Law Around the World: The Purpose and Impact of the CLOUD Act” (“White Paper”). The Clarifying Lawful Overseas Use of Data Act (the “CLOUD Act”) was enacted in March 2018 by the U.S. government to aid foreign and U.S. investigators in obtaining access to electronic information related to serious crimes and held by service providers. The CLOUD Act authorizes the U.S. to enter into bilateral agreements with foreign countries that abide by a baseline standard for rule-of-law, privacy and civil liberties protections to streamline processes for obtaining electronic evidence. The CLOUD Act also codifies the principle that a company subject to U.S. jurisdiction “can be required to produce data the company controls, regardless of where it is stored at any point in time.”
Read more on Privacy & Information Security Law Blog.
Update: Joe Cadillic submitted additional material in response to this post, and I’m moving it up here so everyone is sure to see it:
The Cloud Act Is Not a Tool for Theft of Trade Secrets:
After last year’s passage of the Clarifying Lawful Overseas Use of Data Act (Cloud Act), officials and journalists in the European Union have ramped up criticism of the American desire for extraterritorial access to electronic evidence, with some accusing the United States of being motivated by the desire to conduct economic espionage for the benefit of U.S. economic interests. A February piece from the French paper Les Echos said that “[m]any observers feel that American justice could be deploying [the Cloud Act] for purposes of economic espionage.” The article quotes the CEO of a French service provider as saying that some of his French clients come to his company specifically to avoid handing payroll information to the U.S. government or other services under U.S. control.