In a landmark ruling, US based cloud companies must comply with search warrants if the federal government requests data that is housed in another country. Judge James Francis in New York recently ruled that US companies must comply with search warrants for internationally housed data.
Although a legal framework already exists for the USA to gain access to international cloud data, this ruling takes precedence because it puts the burden on the company versus what some legal experts dub as “Mutual legal assistance.” The previous framework required that the nations work together in efforts to gain access to the data in question. Judge Francis notes that the old process “generally remains slow and laborious, as it requires the cooperation of two governments and one of those governments may not prioritize the case as highly as the other.”
Francis went on to say that the old process pertains to traditional search warrants. However, under the Stored Communications Act, he contends that this act encompasses all data regardless of where the data is physically housed. In Francis’ ruling, he writes, “Even when applied to information that is stored in servers abroad, an [U.S. Stored Communications Act] Warrant does not violate the presumption against extraterritorial application of American law.”
This ruling could cause US cloud businesses to suffer. It’s no secret that the public cloud market is poised to grow at exponential rates over the next few years with many of the new clientele being international organizations. As corporations look for ways to keep their data private from both hackers and foreign government agencies, rulings such as the one made by Judge Francis will cause some international organizations to rethink their cloud strategies and seek out regional providers that can assure data privacy from foreign governments. As CloudWedge noted several weeks ago, the EU plans to create a “Great Firewall” which many analysts feel will hurt US based cloud provider’s business prospects across the pond.