Legal Access to the Global Cloud

IF 3.4 2区社会学 Q1 LAW

Columbia Law Review Pub Date : 2018-10-15 DOI:10.2139/SSRN.3008392

P. Schwartz

{"title":"Legal Access to the Global Cloud","authors":"P. Schwartz","doi":"10.2139/SSRN.3008392","DOIUrl":null,"url":null,"abstract":"Author(s): Schwartz, PM | Abstract: © 2018, Columbia Law Review Association. All rights reserved. Increased use of the cloud and its international scope raise significant challenges to traditional legal authorities that permit access to data stored outside the United States. The resulting stakes are high. This area of law affects a wide range of important matters concerning law enforcement, national security, and civil litigation. Up until now, however, policymakers in this area have failed to fully appreciate the technological distinctions between different types of data clouds. This Article develops and distinguishes between three models of cloud computing to provide greater clarity for courts when evaluating international data access requests. These models are the Data Shard, Data Localization, and Data Trust clouds. This new typology reveals how the same legal authority will lead to notably different results in data access cases depending on the technical architecture of the cloud network. To illustrate, this Article assesses the likely results for each type of cloud under the full range of American legal authorities that permit parties to seek digital information held abroad—namely, the Fourth Amendment, the Stored Communications Act, Mutual Legal Assistance Treaties, administrative or grand jury subpoenas, and the Foreign Intelligence Surveillance Act. This Article’s analysis of cloud models also points to the profound instability of current American data access rules. The writing is on the wall. Companies and individuals outside of the United States now have multiple ways, including changing their cloud management models, to shelter data beyond the exclusive reach of U.S. law, which will increase the importance of non-U.S. access rules. This trend will spell the end of unilateral decisionmaking by U.S. courts concerning the legal process to be applied when the government or civil litigants seek data stored extraterritorially. In response, this Article advances two principles for a world of omnipresent global cloud computing. First, U.S. law should treat extraterritorial data requests equally, regardless of the location of the cloud provider’s headquarters. This legal approach would foster a level playing field for global cloud companies and encourage innovation, rather than further balkanization of the internet. Second, there is a need for international cooperation to create reciprocity. The “Pax Americana” of unilateral U.S. governance in this area is ending, and the wisest course for U.S. policy is to establish new international agreements for global data access. As this Article details, the CLOUD Act of 2018 takes a major step toward incorporation of these principles in an effort to preserve the internet as a global space. But the Act also encourages a knowyour-customer regime, where the ultimate cost may be paid in users’ privacy.","PeriodicalId":51408,"journal":{"name":"Columbia Law Review","volume":null,"pages":null},"PeriodicalIF":3.4000,"publicationDate":"2018-10-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.2139/SSRN.3008392","citationCount":"14","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Columbia Law Review","FirstCategoryId":"90","ListUrlMain":"https://doi.org/10.2139/SSRN.3008392","RegionNum":2,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"LAW","Score":null,"Total":0}

引用次数: 14

Abstract

Author(s): Schwartz, PM | Abstract: © 2018, Columbia Law Review Association. All rights reserved. Increased use of the cloud and its international scope raise significant challenges to traditional legal authorities that permit access to data stored outside the United States. The resulting stakes are high. This area of law affects a wide range of important matters concerning law enforcement, national security, and civil litigation. Up until now, however, policymakers in this area have failed to fully appreciate the technological distinctions between different types of data clouds. This Article develops and distinguishes between three models of cloud computing to provide greater clarity for courts when evaluating international data access requests. These models are the Data Shard, Data Localization, and Data Trust clouds. This new typology reveals how the same legal authority will lead to notably different results in data access cases depending on the technical architecture of the cloud network. To illustrate, this Article assesses the likely results for each type of cloud under the full range of American legal authorities that permit parties to seek digital information held abroad—namely, the Fourth Amendment, the Stored Communications Act, Mutual Legal Assistance Treaties, administrative or grand jury subpoenas, and the Foreign Intelligence Surveillance Act. This Article’s analysis of cloud models also points to the profound instability of current American data access rules. The writing is on the wall. Companies and individuals outside of the United States now have multiple ways, including changing their cloud management models, to shelter data beyond the exclusive reach of U.S. law, which will increase the importance of non-U.S. access rules. This trend will spell the end of unilateral decisionmaking by U.S. courts concerning the legal process to be applied when the government or civil litigants seek data stored extraterritorially. In response, this Article advances two principles for a world of omnipresent global cloud computing. First, U.S. law should treat extraterritorial data requests equally, regardless of the location of the cloud provider’s headquarters. This legal approach would foster a level playing field for global cloud companies and encourage innovation, rather than further balkanization of the internet. Second, there is a need for international cooperation to create reciprocity. The “Pax Americana” of unilateral U.S. governance in this area is ending, and the wisest course for U.S. policy is to establish new international agreements for global data access. As this Article details, the CLOUD Act of 2018 takes a major step toward incorporation of these principles in an effort to preserve the internet as a global space. But the Act also encourages a knowyour-customer regime, where the ultimate cost may be paid in users’ privacy.

查看原文本刊更多论文

合法访问全球云

作者：Schwartz，PM |摘要：©2018，哥伦比亚法律评论协会。保留所有权利。云的使用及其国际范围的增加对允许访问美国境外存储的数据的传统法律机构提出了重大挑战。由此产生的风险很高。这一法律领域涉及执法、国家安全和民事诉讼等一系列重要事项。然而，到目前为止，该领域的政策制定者未能充分认识到不同类型数据云之间的技术差异。本条开发并区分了云计算的三种模型，以使法院在评估国际数据访问请求时更加清晰。这些模型是数据共享、数据本地化和数据信任云。这种新的类型揭示了同一法律权威如何根据云网络的技术架构在数据访问案件中导致明显不同的结果。为了说明这一点，本文评估了在允许各方寻求海外数字信息的美国法律授权范围内，每种云的可能结果，即《第四修正案》、《存储通信法》、《司法协助条约》、行政或大陪审团传票以及《外国情报监视法》。本文对云模型的分析也指出了当前美国数据访问规则的深刻不稳定性。文字在墙上。美国以外的公司和个人现在有多种方式，包括改变他们的云管理模式，以保护美国法律专属范围之外的数据，这将增加非美国访问规则的重要性。这一趋势将意味着，当政府或民事诉讼当事人寻求域外存储的数据时，美国法院就适用的法律程序做出的单方面决定将结束。作为回应，本文针对无所不在的全球云计算世界提出了两条原则。首先，无论云提供商总部位于何处，美国法律都应平等对待域外数据请求。这种法律方法将为全球云公司创造一个公平的竞争环境，鼓励创新，而不是互联网的进一步分裂。第二，需要开展国际合作，创造互惠。美国在这一领域单方面治理的“美国和平”正在结束，美国政策最明智的做法是为全球数据访问建立新的国际协议。正如本文所详述的，2018年的《云法案》朝着将这些原则纳入其中迈出了重要一步，以保护互联网作为一个全球空间。但该法案也鼓励“了解你的客户”制度，即最终成本可能以用户隐私为代价。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Columbia Law Review LAW-

CiteScore

3.00

自引率

6.90%

发文量

期刊介绍： The Columbia Law Review is one of the world"s leading publications of legal scholarship. Founded in 1901, the Review is an independent nonprofit corporation that produces a law journal edited and published entirely by students at Columbia Law School. It is one of a handful of student-edited law journals in the nation that publish eight issues a year. The Review is the third most widely distributed and cited law review in the country. It receives about 2,000 submissions per year and selects approximately 20-25 manuscripts for publication annually, in addition to student Notes. In 2008, the Review expanded its audience with the launch of Sidebar, an online supplement to the Review.