When Foreign Governments Want Your Stuff (International Event)On September 28, 2018 by Carley Grace
I recently attended a seminar called When Foreign Governments Want Your Stuff: Cross Border Content Demands in the 21st Century. The speaker, Greg Nojeim, opened with a hypothetical situation. There has been a terrible murder in Germany. In order to get the evidence they need to arrest the suspect, they need access to his browsing history. Since the suspect was using Google, an American company, the German government needs to go through the US government and get a warrant to receive the data from Google. The entire process took too long and the suspect has now fled to Argentina. This has happened too many times, and now foreign governments are taking matters into their own hands.
What we now have is called the CLOUD Act. It is the set of laws US tech companies must follow when sharing data with foreign countries. It was a fairly controversial act to pass. The act grants companies the to give an individual’s personal data. Where they’ve been, what they’ve bought, who they’ve talked to, and can even gain access to private emails. The act allows countries to submit requests for information to US companies, however it is up to the company’s discretion as to whether they release the information or not. Also, countries who have filled out more requests have an advantage over countries wh0 don’t request information as often. The frequent form filling countries know exactly what the tech companies want to see, they’ve had plenty of practice. A small country that does not usually have a need for information, or that a company is not afraid of upsetting will not receive the information they want. Another perk the government gains from the CLOUD Act, is that the US government can use a warrant on any US company, even if the information is not on US soil. This part was implemented after the Microsoft-Ireland case went down. The US government wanted to access a certain piece of information that was held in Ireland. Microsoft argued the US needed to follow Irish policy to get the information. The US argued that since it is an American company, the data they had was subject to American jurisdiction, so they took it to court. Microsoft won every case until the supreme court.
This was only a fraction of what I learned. This is a big grey issue, there are a bunch sketchy ethics, possible violation of human rights, shifty under the table treaties, and all sorts of other issues the international public should know about. These are issues that affect anyone who has ever accessed the internet, yet hardly anyone even knows what foreign governments are doing with your personal data; what your own government is doing with your personal data.
I absolutely loved the seminar. As a computer science major, I’m always fascinated to see how technology plays a role in controversial issues, like crime and the government. It gave me a glimpse into how other countries treat each other in cyber-affairs and how the system is oppressive to less important countries.