Attorney General Peter F. Kilmartin today joined a bipartisan coalition of attorneys general in urging Congress to pass the Clarify Lawful Overseas Use of Data ("CLOUD") Act that would clarify when law enforcement can obtain email data stored on foreign servers. Attorney General Kilmartin was among the attorneys general of the 36 states and the National Association of Attorneys General to sign the bipartisan letter. The CLOUD Act would update and amend several provisions of the Stored Communications Act ("SCA").
Under the SCA, a law enforcement agency may obtain a warrant to search an individual's email or other online account if a reviewing court finds probable cause that the account contains evidence of a crime. Once issued, an SCA warrant is served on a service provider who must then collect the requested data and provide it to law enforcement. State and local law enforcement agencies routinely use SCA warrants to investigate all manner of local crime, from drug trafficking to murder to child sexual exploitation.
Recently, however, some service providers have argued that an SCA warrant cannot be enforced when the data being sought is stored on a foreign server, even if the provider and the customer who created the data are in the United States and that data can be accessed from the United States. The providers and others have argued that requiring compliance with an SCA warrant in this situation would be an extraterritorial application of a domestic law and would raise significant privacy and international comity concerns. This dispute has spawned litigation across the country, including the case of United States v. Microsoft, which is currently pending in the United States Supreme Court. Vermont Attorney General Donovan previously filed an amicus brief in that case on behalf of 35 states and the Commonwealth of Puerto Rico.
Today's letter urges Congress to pass the CLOUD Act as "an important step toward resolving this dispute." The CLOUD Act "both confirms law enforcement's ability to obtain probable-caused based warrants for electronic communications stored abroad and creates a clear avenue for service providers to challenge an SCA warrant that targets a foreign person and which would require a provider to violate foreign law. The Act also creates incentives for our foreign partners to enter into bilateral agreements that will facilitate cross-border criminal investigations, while ensuring that privacy and civil liberties are respected."
"With an increased use of online communications to conduct criminal activity, it is clear that United States law enforcement agencies need to be able to access individual emails and online accounts through an SCA warrant as a basic part of legitimate criminal investigations. We believe the amendments to the SCA proposed under the CLOUD Act provide a reasonable solution to obtaining foreign-stored data without compromising privacy and civil rights concerns," added Attorney General Kilmartin.
Today's letter was joined by the attorneys general of Vermont, Utah, Alabama, Alaska, Colorado, Delaware, Florida, Hawaii, Idaho, Indiana, Iowa, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, Nebraska, Nevada, New Jersey, New Mexico, New York, North Carolina, North Dakota, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Virginia, Washington, Wisconsin, and Wyoming. ###