Obscured by Clouds or How to Address Governmental Access to Cloud Data from Abroad

Privacy Law Scholars Conference 2013

35 Pages Posted: 10 Jun 2013 Last revised: 13 Dec 2014

Joris van Hoboken

NYU Law School - Information Law Institute; New York University (NYU) - Information Law Institut

Axel Arnbak

University of Amsterdam - Institute for Information Law (IViR); Harvard University - Berkman Klein Center for Internet & Society

N.A.N.M. van Eijk

Institute for Information Law (IViR)

Date Written: June 9, 2013

Abstract

Transnational surveillance is obscured by the cloud. U.S. foreign intelligence law provides a wide and relatively unchecked possibility of access to data from Europeans and other foreigners. The amendments to the Foreign Intelligence Surveillance Act in 50 USC 1881a (section 702) are of particular concern. Recent leaks around the PRISM surveillance program of the National Security Agency seem to support that these legal possibilities are used in practice on a large scale.

These developments will affect market conditions and competition, notably for U.S.-based cloud services. In addition, the possibility of foreign governmental access impacts the privacy of cloud end-users and can cause chilling effects with regard to cloud computing use.

Calls for regulatory action and termination of cloud contracts are starting to emerge – such as in cases of medical data storage in electronic patient record systems and biometric data processing in relation to passports in The Netherlands. This Article analyses regulatory solutions to the current status quo on four levels: i) the possibility of limiting surveillance in the U.S. itself; ii) international law as a framework to impose some limitations; iii) the EU General Data Protection Regulation proposals and the EU Cloud Strategy, and iv) improved oversight on transnational intelligence gathering.

If transnational intelligence remains obscured by the cloud, the various promises of the cloud, and electronic communications in general, might stall. It will be hard, but considering all the interests involved in the transition to the cloud, it must be possible to come to some agreement about restrictions on transnational intelligence gathering and stronger protections for non-U.S. persons in U.S. clouds.

Keywords: Cloud Computing, Intelligence Surveillance, Cybersecurity, Privacy

Suggested Citation

van Hoboken, Joris and Arnbak, Axel and van Eijk, N.A.N.M., Obscured by Clouds or How to Address Governmental Access to Cloud Data from Abroad (June 9, 2013). Privacy Law Scholars Conference 2013. Available at SSRN: https://ssrn.com/abstract=2276103 or http://dx.doi.org/10.2139/ssrn.2276103

Joris V. J. Van Hoboken

NYU Law School - Information Law Institute ( email )

139 MacDougal Street
WILF Hall, Room 418
New York, NY 10011
United States

New York University (NYU) - Information Law Institut ( email )

40 Washington Square South
New York, NY 10012-1099
United States

Axel Arnbak (Contact Author)

University of Amsterdam - Institute for Information Law (IViR) ( email )

Kloveniersburgwal 48
Amsterdam, 1012 CX
Netherlands

HOME PAGE: http://www.ivir.nl/staff/arnbak.html

Harvard University - Berkman Klein Center for Internet & Society ( email )

23 Everett Street
Cambridge, MA 012138
United States

N.A.N.M. Van Eijk

Institute for Information Law (IViR) ( email )

Postbus 1030
Amsterdam, 1000 BA
Netherlands

HOME PAGE: http://www.ivir.nl/medewerkerpagina/eijk

Paper statistics

Downloads
595
Rank
35,304
Abstract Views
4,939