Since the Edward Snowden revelations of 2013, foreign governments have raised concern about the safety of their citizens’ data stored by American Internet companies.
They believe U.S. law enforcement authorities have access to any cloud-based data — and it’s putting the $174 billion industry at risk.
Alert to these fears, a bipartisan coalition in Congress is working to ensure American companies can assuage these concerns. Their solution is the Law Enforcement Access to Data Stored Abroad Act introduced by Sens. Chris Coons, Orrin G. Hatch and Dean Heller, and in the House by Reps. Suzan DelBene and Tom Marino.
The legislation effectively balances law enforcement investigative authority with updated data privacy protections that reflect our transition to a mobile economy. Most importantly, it demonstrates to our trading partners that we respect their sovereignty within their borders. The need for this measure is urgent.
Already, the vast majority of global commerce has moved to the cloud. Companies remotely store data where it can be accessed at any physical site or by employees anywhere in the world. Cloud computing is essential to the customer interactions and business-to-business transactions of today.
The emergence of the cloud has also revolutionized how we communicate and access content. Services we take for granted such as Web-based email, apps, streaming movies and digital music owe their successes to the cloud.
Nearly everything we do on smartphones is a cloud-based service. It’s where people store data that’s important to them — from sensitive medical and financial information to family pictures and email.
The cloud vastly improves convenience and efficiency, but its success is dependent upon confidence in data security. It’s hard to dismiss the privacy concerns expressed by our foreign trading partners when they know the U.S. monitors the phones of their heads of state.
The revelations of U.S. surveillance have led to a steep drop in confidence in American Internet companies, with European leaders even proposing a Europe-only cloud. And these proposals aren’t coming from fringe actors. German Chancellor Angela Merkel and former European Commission Vice President Neelie Kroes are among the leading voices calling for these drastic steps.
Unfortunately, recent actions by the U.S. government are making things worse. In a case now winding its way through the courts, the Department of Justice claims it can legally access personal data stored anywhere in the world by an American company.
In other words, the DOJ can compel any U.S. company to violate the privacy laws of the countries in which they operate. This sends the message that U.S. companies will not respect the sovereignty of countries where they have overseas operations. It should come as no surprise that this overreach sparks outrage.
What is regrettable is this is entirely unnecessary. Congress has ratified Mutual Legal Assistance Treaties with many of our trading partners to facilitate cooperation on criminal investigations. There is an MLAT treaty in place that DOJ could have used to work with the host country to serve a warrant instead of bringing an American company to court.
This warrant case only encourages foreign leaders who argue American companies should be excluded from providing cloud services within their borders. That would shut out companies such as Microsoft, Amazon, Apple, Cisco and Google. If these companies were banned from foreign markets, it would have a devastating impact on the U.S. technology industry.
Such actions would have significant consequences for the $87 billion mobile app industry. App companies are found in every congressional district, and make a large portion of their revenue from overseas sales through the Apple App Store, Google Play and Microsoft’s Windows Phone store. If those companies are restricted from operating in foreign markets, app makers would be left without a marketplace.
The Snowden revelations aren’t a genie we can stuff back in the bottle. And the DOJ is continuing to pursue its warrant case. But Congress can address those concerns and ensure that American Internet companies can safely store critical data abroad. Passage of the LEADS Act will strengthen consumer privacy rights, clearly define the framework for law enforcement and allow American technology companies to continue innovating.
Morgan Reed is executive director of ACT | The App Association.