What you need to know about the US CLOUD Act and the UK COPOA Act

A new data access agreement between the UK and US streamlines law enforcement’s ability to gain access to data held on foreign soil.

The UK and US governments have signed a new data sharing agreement that allows law enforcement officials quicker and easier access to data held by digital service providers in their counterpart countries. While this law doesn’t allow law enforcement to request data directly from companies on the other side of the Atlantic, data companies store in the cloud could be more easily accessed by foreign agencies.

The new agreement enacts measures first defined in the US CLOUD Act and the UK COPOA Act.

What are the US CLOUD Act and the UK COPOA Act?

Brought about partly due to difficulties the FBI faced in forcing Microsoft to hand over data stored on servers in Ireland, the Clarifying Lawful Overseas Use of Data (CLOUD Act) Act was signed into law in 2018. Under the act, US law enforcement can compel US technology companies to hand over data stored on servers, whether the data is stored in the US or on foreign soil. It also allows bilateral agreements with foreign governments to request electronic data from the US in exchange for reciprocal arrangements.

The UK Crime (Overseas Production Order) Act (COPOA) 2019, which received Royal Assent in February 2019 along with previous legal precedents, allows the UK access to seek access to data held overseas to help with investigations conducted by the Serious Fraud Office (provided the UK has an agreement with the country in which the data is held).

To continue reading this article register now

22 cybersecurity myths organizations need to stop believing in 2022