Up in the Cloud: Finding Common Ground in Providing for Law Enforcement Access to Data Held by Cloud Computing Service Providers
Cloud computing is an everyday part of the modern world; a technology that is increasingly transcending international borders. Disregarding international borders allows cloud computing to operate more efficiently and thus provides better service to users. Yet, the global nature of cloud computing raises a question—what happens if multiple countries apply facially similar laws to cloud computing providers differently? This scenario is common, especially in the context of law enforcement seeking access to cloud computing data. The United States and the United Kingdom have similar laws regarding the government’s ability to acquire users’ data. Importantly, neither law explicitly addresses the question of if and how the law can be applied in a setting where traditional physical borders are being ignored. Currently, both laws focus on the location of the cloud service provider. Instead, these laws should focus on the user’s nationality, or the location from where the data was created. This approach would alleviate some of the problems existing today, including the trend toward data localization through increased regulation of cloud computing. However, this solution will not be successful unless the Mutual Legal Assistance Treaty process is reformed as well.