In a White Paper (“A Global Reality: Governmental Access to Data in the Cloud”) published by Hogan Lowells, which you can find HERE, a not so surprising conclusion arises:
The White Paper reveals that every jurisdiction examined vests authority in the government to require a Cloud service provider to disclose customer data. It explains why the access provisions of the USA Patriot Act are narrower than commonly thought.
The White Paper also reveals that, unlike in the United States where the law specifically protects cloud data from access by the government without legal process, data stored in the Cloud may be disclosed to governmental authorities voluntarily in some jurisdictions, without legal process and protections.
You can find the original news HERE.
I have no idea if the US government had anything to do with this study, but it’s definitely worth to have a look into the White Paper. It is indeed the US government that most of the privacy aware individuals accuse of being over-intrusive, especially after the enactment of the Patriot Act. However, it comes with no surprise that other governments have wide access to data stored in Clouds.
On the other hand, it remains a fact that the US has no unitary legal mechanism for protection of personal data, unlike the European countries analyzed in this report, which are bound by several European Union directives and by Art. 8 of the Charter of Fundamental Rights of the European Union to protect the right to the protection of personal data. This right of course has its limitations, and public interest in various forms is the most important one. There are also exceptions regarding journalistic purposes or research purposes.
It should also be noted that the Obama administration has made some efforts into this direction, by publishing this year the Consumers Privacy Bill of Rights, even though its provisions are not directly applied in disputes but are meant to guide the enactment of further legislation in this field and self-regulatory statues of companies.