The CLOUD Act was, for all intents and purposes, smuggled into the 2232-page US omnibus spending bill that was passed on Friday. Stipulations will drastically change internet privacy laws.
In the looming shadow of yet another potential government shutdown Friday, Congress passed and the president signed a $1.3 trillion spending bill designed to keep the US federal government funded through the end of September.
The bill, which passed both the House (256-167) and Senate (65-23) on March 23, included a repeal of the Mutual Legal Assistance Treaties (MLATs), which had previously allowed for the exchange of information between the US and foreign governments when conducting cross-border investigations.
These MLATs have now been replaced by Division V of the omnibus bill, called the “Clarifying Lawful Overseas Use of Data Act,” or CLOUD Act, which drastically expands international law enforcement powers.
Originally a stand-alone bill (S.2383), the CLOUD Act was introduced by Senator Orrin Hatch (R-UT) and Representative Doug Collins (R-GA) in February to improve access to stored electronic data by law enforcement, domestically and abroad, and “for other purposes”. The bill had not received a hearing prior to reappearing in the spending bill.
Expanded Congressional findings included in the bill are as follows:
(1) Timely access to electronic data held by communications-service providers is an essential component of government efforts to protect public safety and combat serious crime, including terrorism.
(2) Such efforts by the United States Government are being impeded by the inability to access data stored outside the United States that is in the custody, control, or possession of communications-service providers that are subject to jurisdiction of the United States.
(3) Foreign governments also increasingly seek access to electronic data held by communications-service providers in the United States for the purpose of combating serious crime.
(4) Communications-service providers face potential conflicting legal obligations when a foreign government orders production of electronic data that United States law may prohibit providers from disclosing.
(5) Foreign law may create similarly conflicting legal obligations when chapter 121 of title 18, United States Code (commonly known as the “Stored Communications Act”), requires disclosure of electronic data that foreign law prohibits communications-service providers from disclosing.
(6) International agreements provide a mechanism for resolving these potential conflicting legal obligations where the United States and the relevant foreign government share a common commitment to the rule of law and the protection of privacy and civil liberties.
Now, the CLOUD Act has come under the scrutiny of several government watchdogs. Critics, such as the Electronic Frontier Foundation (EFF) and the American Civil Liberties Union (ACLU), have sounded off on what is quickly becoming a focal point of the national conversation.
“In the final pages of the bill,” wrote the EFF’s David Ruiz, “meant only to appropriate future government spending—lawmakers snuck in a separate piece of legislation that made no mention of funds, salaries, or budget cuts. Instead, this final, tacked-on piece of legislation will erode privacy protections around the globe.”
Ruiz elaborated by saying:
“It was never reviewed or marked up by any committee in either the House or the Senate. It never received a hearing. It was robbed of a stand-alone floor vote because Congressional leadership decided, behind closed doors, to attach this un-vetted, unrelated data bill to the $1.3 trillion government spending bill. Congress has a professional responsibility to listen to the American people’s concerns, to represent their constituents, and to debate the merits and concerns of this proposal amongst themselves, and this week, they failed.”
The ACLU, which claims that the bill fails to protect and recognize the authority of the United States Constitution, took things a step further, stating, “The bill would permit foreign governments to obtain real-time intercepts (wiretaps) in the U.S. pursuant to standards under which the U.S. government is prohibited from wiretapping.”
The CLOUD Act was a cumulative effort by legal minds at Apple, Facebook, Microsoft, Google, Yahoo! and Oath, who released a joint statement regarding their support for the legislation. Microsoft’s president, Brad Smith, even released an individual statement outlining his company’s individual position on the matter.
The CLOUD Act’s passage (to say nothing of the way in which it was passed) highlights growing public concern that data privacy rights are coming to national crossroads. Many in the ecosystem are pushing for an “internet bill of rights” to protect the people in this digital age.
Jordan Daniell is a full-time staff writer for ETHNews with a passionate interest in techno-social developments and cultural evolution. Jordan enjoys the outdoors, especially astronomy, and likes to play the bag pipes and explore southern California on foot in his spare time. Jordan lives in Los Angeles and holds value in Ether.
ETHNews is committed to its Editorial Policy
Like what you read? Follow us on Twitter @ETHNews_ to receive the latest CLOUD Act, Congress or other Ethereum law and legislation news.