Citations (1)


Footnotes (104)



Accessing Data in the Cloud: The Long Arm of the Law Enforcement Agent

Ian Walden

Queen Mary University of London, School of Law

November 14, 2011

Queen Mary School of Law Legal Studies Research Paper No. 74/2011

In an investigation involving cloud computing services, Law Enforcement Agencies (LEAs) may seek access to data held on computer systems located in foreign jurisdictions, held by foreign service providers or where the physical location of the data is unknown. A LEA investigation may focus on cloud users and/or cloud service providers through the utilisation of covert investigative techniques, such as surveillance or interception, or the exercise of coercive powers, such as search and seizure, to directly obtain the forensic material.

This article considers various forensic challenges for law enforcement in a cloud computing environment and discusses questions of vires raised by the exercise of LEA powers. When does the exercise of LEA powers in the cloud reach a jurisdictional limit, thereby becoming potentially unlawful in the LEA's domestic jurisdiction as well as in the foreign territory where they were exercised? What obligations does a service provider have to assist a LEA in an investigation, from delivering up data in response to a request, to retention of data and implementation of an intercept capability? How may LEA powers differ between obtaining data ‘at rest’ within a cloud service, as opposed to data ‘in transmission’ to, from or within the cloud service? Finally, where data is obtained ultra vires, in breach of legal rules, what impact may that have on the evidential value of such data?

For LEAs, cloud service providers and users, each of these issues presents a boundary between lawful and unlawful behaviours, or regulated and unregulated activities. This article examines how and when those boundaries apply, and what mechanisms have been adopted, or are proposed, to address the needs of LEAs in a cloud environment. This article focuses on European Union and international legal rules, particularly the Council of Europe Cybercrime Convention (2001), on obtaining data for investigative and subsequent prosecutorial purposes, and how such rules interact and potentially conflict with foreign laws and rules.

Number of Pages in PDF File: 24

Keywords: Cloud Computing, Confidentiality, Conflict of Laws, Contract, Crime, Criminal Law, Cybercrime, Data Disclosure, Data Privacy, Data Protection, Data Retention, EU, European Union, Evidence, Forensics, Interception, Internet, Jurisdiction, Law Enforcement, Law Enforcement Agencies, Legal Issues

Open PDF in Browser Download This Paper

Date posted: March 10, 2011 ; Last revised: April 11, 2015

Suggested Citation

Walden, Ian, Accessing Data in the Cloud: The Long Arm of the Law Enforcement Agent (November 14, 2011). Queen Mary School of Law Legal Studies Research Paper No. 74/2011. Available at SSRN: http://ssrn.com/abstract=1781067 or http://dx.doi.org/10.2139/ssrn.1781067

Contact Information

Ian Walden (Contact Author)
Queen Mary University of London, School of Law ( email )
Mile End Road
London, London E1 4NS
United Kingdom
Feedback to SSRN

Paper statistics
Abstract Views: 6,663
Downloads: 1,838
Download Rank: 4,908
Citations:  1
Footnotes:  104

© 2015 Social Science Electronic Publishing, Inc. All Rights Reserved.  FAQ   Terms of Use   Privacy Policy   Copyright   Contact Us
This page was processed by apollo8 in 0.453 seconds