Latest in Politics

Image credit: Vincent Kessler / Reuters

EU may follow US push for easier data sharing across borders

A proposal would let European authorities request data delivered in days, not months.
278 Shares
Share
Tweet
Share
Save

Sponsored Links

Vincent Kessler / Reuters

Last month, US lawmakers passed legislation updating how law enforcement gets access to native companies' data held overseas. The new CLOUD Act, as it's called, had its supporters (big tech corporations like Apple, Google and Engadget's parent company Oath) and detractors (privacy advocates like the EFF) and redefines how the US negotiates with other nations for corporate information -- including text messages, emails and documents. Now the European Commission has proposed its own version of those rules to speed law enforcement access to data.

Ideally, this will smooth over a process that was so slow and unwieldy that it's lead to conflict between US and EU authorities, as happened when American authorities unsuccessfully tried to wrest data from Microsoft that was located in Ireland. While the tech titan won that legal challenge, as it happens, the Supreme Court dropped the appeal-in-process earlier this week, as the CLOUD Act essentially ensured Microsoft and other companies won't be able to enact the same defense next time. Per the new law, US authorities can request that information.

Under the EU proposal, online service providers would be required to respond to authorities' requests within ten days -- or, in emergencies, within six hours. Both are far quicker than the 120-day limit for the existing European Investigation Order used to ask for data. Authorities would also be able to command companies not to delete certain information while the request is being processed. Compliance is mandatory; The existing 'voluntary cooperation' model created too many challenges for companies and increased the uncertainty of law enforcement data requests.

The EU proposal only allows requests for 'electronic evidence,' which includes everything from communications to subscriber and traffic data, that is relevant to criminal investigations. Crucially, it only applies to stored information, not intercepting it in transit. Much like the US CLOUD Act, it establishes safeguards to protect user privacy. But according to the proposal's FAQ, the judge allowing the request will likely have to make the final call about whether it violates laws and interests of the country hosting the data.

The European Parliament needs to vote on the proposal before it becomes law, and may amend it along the way.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
278 Shares
Share
Tweet
Share
Save

Popular on Engadget

The 2019 Engadget Holiday Gift Guide

The 2019 Engadget Holiday Gift Guide

View
Nike will no longer sell its shoes and apparel on Amazon

Nike will no longer sell its shoes and apparel on Amazon

View
Japan's Hayabusa2 is returning to Earth with asteroid samples

Japan's Hayabusa2 is returning to Earth with asteroid samples

View
Google's patient data project 'Nightingale' is under investigation

Google's patient data project 'Nightingale' is under investigation

View
Traeger WiFi grills monitor your wood pellet supply with an $80 sensor

Traeger WiFi grills monitor your wood pellet supply with an $80 sensor

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr