Hogan Lovells today published an update to the White Paper A Sober Look at National Security Access to Data in the Cloud, which compares national security access to data stored with Cloud service providers in a number of countries. The White Paper adds analyses of the laws of Brazil, Italy, and Spain, and reflects the April 2014 opinion of the European Court of Justice invalidating the EU Data Retention Directive. The updated paper now compares the national security access laws of the United States, Australia, Brazil, Canada, France, Germany, Italy, Spain, and the United Kingdom.
As with the previous version – originally published in May 2013 just weeks before The Guardian published its first article based on information provided by former NSA contractor Edward Snowden – the updated White Paper concludes, notwithstanding legitimate questions about the scope and extent of U.S. foreign intelligence surveillance, that U.S. law imposes at least as much, if not more, due process and oversight on foreign intelligence surveillance than other countries afford in similar circumstances.
- Pan-American Governmental Access to Data in the Cloud (July 2014), comparing the mechanisms that that the United States and governments in Latin America (Argentina, Brazil, Chile, Colombia, Mexico, Panama, and Peru) can use to access Cloud data during the course of law enforcement activities.
- Individual Rights to Challenge Government Access to Data in the Cloud (September 2013), comparing the ability of citizens and non-citizens to challenge government access to data in the U.S., France, Germany, the UK, and Australia.
- An Analysis of Service Provider Transparency Reports on Government Requests for Data (August 2013), comparing the number of government access requests to Cloud service providers who have published those numbers. Since we published the paper, more service providers have released transparency reports, so we may update this over the summer.
- A Global Reality: Governmental Access to Data in the Cloud (May 2012), similar to Pan-American Governmental Access, comparing the mechanisms that law enforcement in the United States and other countries around the world (Australia, Canada, Denmark, France, Germany, Ireland, Japan, Spain, and the United Kingdom) can use to access data in the Cloud.