This article is from the Electronic Frontier Foundation, which fights for your digital freedoms, about an agreement between the US and the UK which would allow the UK police access to data held by American companies without following US privacy laws or the 4th Amendment.
Unless Congress stops it, foreign police will soon be able to collect and search data on the servers of U.S. Internet companies. They’ll be able to do it without a probable cause warrant, or any oversight from a U.S. judge. This is all happening because of a new law enforcement deal between the U.S. and the United Kingdom. And while it seeks to exclude purely domestic correspondence between U.S. citizens and residents, plenty of Americans’ data will get swept up when they communicate with targeted individuals located abroad.
This is all happening because, for the first time, the U.S. executive branch is flexing its power to enter into law enforcement agreements under the CLOUD Act. We’ve been strongly opposed to this law since it was introduced last year. The recently signed deal between the U.S. Department of Justice and the U.K. Home Office will allow U.K. police easy access to data held by American companies, regardless of where the data is stored. These U.K. data requests, including demands to collect real-time communications, do not need to meet the standards set by U.S. privacy laws or the 4th Amendment. Similarly, the deal will allow U.S. police to grab information held by British companies without following U.K. privacy laws.
This deal, negotiated by American and British law enforcement behind closed doors and without public input, will deal a hammer blow to the legal rights of citizens and residents of both countries. And the damage won’t stop there. The U.S.-U.K. Cloud Act Agreement may well become a model for further bilateral deals with other foreign governments and the United States. Earlier this month, Australian law enforcement agencies began negotiating their own deal to directly access private information held by U.S. Internet companies.
There’s still one possible path to put the brakes on this disastrous U.S.-UK deal: Congress can introduce a joint resolution of disapproval of the agreement within 180 days. This week, EFF has joined 19 other privacy, civil liberties, and human rights organizations to publish a joint letter explaining why Congress must take action to resist this deal.
No Prior Judicial Authorization
In the U.S., the standard for when law enforcement can collect stored communications content is clear: police need to get a warrant, based on probable cause. If police want to wiretap an active conversation, they have to satisfy an even higher standard, sometimes called a “super warrant,” that limits both the timing and use of a wiretap. Perhaps most importantly, stored communications warrants and wiretap warrants have to be signed by a U.S. judge, which adds an extra layer of review to whether privacy standards are met. At EFF, a core part of our work is insisting on the importance of a warrant in many different scenarios.
Judicial authorization is a critical step in the U.S. warrant process. When police search people’s private homes, offices, or devices, they must justify why the search for specific evidence outweighs the presumption that individuals remain free from government intrusion. Judicial authorization acts as a safeguard between citizens and law enforcement. Further, history has shown that police can and will abuse their powers for intimidation, or even personal gain. In colonial times, the British military used general warrants to search through colonists’ houses and seize property—actions that helped fuel a revolution, and formed the basis for the 4th Amendment to the U.S. Constitution.
Incredibly, the DOJ has just thrown those rights away. Instead of relying on probable cause, the new agreement uses an untested privacy standard that says that orders must be based on a “reasonable justification based on articulable and credible facts, particularity, legality, and severity.” No judge in any country has decided what this means. Continue reading “EFF: US-UK Agreement to Allow Warrantless Access to US Internet Servers”