When the U.S. government conducts electronic surveillance, there are a variety of legal authorities on which it relies.  The Wiretap Act, for example, authorizes the government to conduct live telephone wiretaps in certain criminal investigations; for electronic data, the Act also permits the government to acquire electronic communications in real time.  The Stored Communications Act (“SCA”) authorizes the government to obtain stored electronic data, including the content of email messages hosted online for criminal investigations.…

On Wednesday, the U.S. Department of Justice released a white paper and FAQ on the Clarifying Lawful Overseas Use of Data (“CLOUD”) Act, which was enacted in March 2018 and creates a new framework for government access to data held by technology companies worldwide.  The paper, titled “Promoting Public Safety, Privacy, and the Rule of Law Around the World: The Purpose and Impact of the CLOUD Act,” addresses the scope and purpose of…

This article originally appeared in Global Data Review on March 29, 2019 Last year, the US passed legislation expanding the geographic reach of certain legal process, including search warrants, issued to technology providers seeking customer data. Under the Clarifying Lawful Overseas Use of Data (CLOUD) Act, warrants issued by US courts can force certain types of providers to disclose customer data stored anywhere in the world. Notably, the CLOUD Act does not affect only US…

[This article also was published in Law360.] In March 2017, Rep. Tom Graves, R-Ga., introduced a draft bill titled the Active Cyber Defense Certainty Act. The bill would amend the Computer Fraud and Abuse Act to enable victims of cyberattacks to employ “limited defensive measures that exceed the boundaries of one’s network in order to monitor, identify and stop attackers.”[1] More specifically, the ACDC would empower individuals and companies to leave their own network…

Covington’s Alex Berengaut and Kate Goodloe today hosted a webinar on the Clarifying Lawful Overseas Use of Data (“CLOUD”) Act.  The CLOUD Act was signed into law in March and creates a new framework for government access to data held by technology companies worldwide.  The webinar, hosted with DataGuidance, is available here.  The webinar expands on many aspects of the CLOUD Act we previously covered on this blog.…

In a decision that defines how the Fourth Amendment applies to information collected in the digital age, the Supreme Court today held that police must use a warrant to obtain from a cell phone company records that detail the location and movements of a cell phone user.  The opinion in Carpenter v. United States limits the application of the third-party doctrine, holding that a warrant is required when an individual “has a legitimate privacy interest…