Obscured by Clouds or How to Address Governmental Access to Cloud Data from Abroad

Privacy Law Scholars Conference 2013

35 Pages Posted: 10 Jun 2013 Last revised: 13 Dec 2014

See all articles by Joris van Hoboken

Joris van Hoboken

University of Amsterdam

Axel Arnbak

University of Amsterdam - Institute for Information Law (IViR); Harvard University - Berkman Klein Center for Internet & Society

N.A.N.M. van Eijk

affiliation not provided to SSRN

Date Written: June 9, 2013

Abstract

Transnational surveillance is obscured by the cloud. U.S. foreign intelligence law provides a wide and relatively unchecked possibility of access to data from Europeans and other foreigners. The amendments to the Foreign Intelligence Surveillance Act in 50 USC 1881a (section 702) are of particular concern. Recent leaks around the PRISM surveillance program of the National Security Agency seem to support that these legal possibilities are used in practice on a large scale.

These developments will affect market conditions and competition, notably for U.S.-based cloud services. In addition, the possibility of foreign governmental access impacts the privacy of cloud end-users and can cause chilling effects with regard to cloud computing use.

Calls for regulatory action and termination of cloud contracts are starting to emerge – such as in cases of medical data storage in electronic patient record systems and biometric data processing in relation to passports in The Netherlands. This Article analyses regulatory solutions to the current status quo on four levels: i) the possibility of limiting surveillance in the U.S. itself; ii) international law as a framework to impose some limitations; iii) the EU General Data Protection Regulation proposals and the EU Cloud Strategy, and iv) improved oversight on transnational intelligence gathering.

If transnational intelligence remains obscured by the cloud, the various promises of the cloud, and electronic communications in general, might stall. It will be hard, but considering all the interests involved in the transition to the cloud, it must be possible to come to some agreement about restrictions on transnational intelligence gathering and stronger protections for non-U.S. persons in U.S. clouds.

Keywords: Cloud Computing, Intelligence Surveillance, Cybersecurity, Privacy

Suggested Citation

van Hoboken, Joris V. J. and Arnbak, Axel and van Eijk, N.A.N.M., Obscured by Clouds or How to Address Governmental Access to Cloud Data from Abroad (June 9, 2013). Privacy Law Scholars Conference 2013, Available at SSRN: https://ssrn.com/abstract=2276103 or http://dx.doi.org/10.2139/ssrn.2276103

Joris V. J. Van Hoboken

University of Amsterdam ( email )

Spui 21
Amsterdam, 1018 WB
Netherlands

Axel Arnbak (Contact Author)

University of Amsterdam - Institute for Information Law (IViR) ( email )

Kloveniersburgwal 48
Amsterdam, 1012 CX
Netherlands

HOME PAGE: http://www.ivir.nl/staff/arnbak.html

Harvard University - Berkman Klein Center for Internet & Society ( email )

23 Everett Street
Cambridge, MA 012138
United States

N.A.N.M. Van Eijk

affiliation not provided to SSRN

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
799
Abstract Views
7,628
Rank
62,838
PlumX Metrics