5 Dec 2012
Patriot Act can “obtain” data in Europe
Three researchers from the Institute for Information Law, University of Amsterdam, have published a research paper titled “Cloud Computing in Higher Education and Research Institutions and the USA Patriot Act”.
This paper, support previous reports that the anti-terror Patriot Act could be theoretically used by U.S. law enforcement to bypass strict European privacy laws to acquire citizen data within the European Union.
Axel Arnbak, one of the authors of the research paper, said :
Most cloud providers, and certainly the market leaders, fall within the U.S. jurisdiction either because they are U.S. companies or conduct systematic business in the U.S.
The research paper says:
It is a persistent misconception that U.S. jurisdiction does not apply if the data are not stored on U.S. territory. The key criterion in this respect is whether the cloud provider conducts systematic business in the United States, for example because it is based there or is a subsidiary of a U.S.-based company that controls the data in question.