25
Jan 2017
CPDP: Privacy and Cross-border Requests for Data
I&J contributed
January 10, 2017
Cross-border requests for data
Several important events in 2016 have greatly impacted discussions concerning cross-border requests for user data, including the Microsoft Ireland case, the draft US-UK data sharing agreement, and sustained calls for reforming Mutual Legal Assistance (MLA) and other systems related to criminal investigations and international data processing procedures.
These and other developments were analyzed in relation to privacy and civil liberties on January 26, 2017 at the "Privacy and Government Cross-border Requests for Data" session of the annual Computer Privacy and Data Protection conference. I&J's Executive Director, Bertrand de La Chapelle chaired the session, which was moderated by Professor Peter Swire.
Discussions revolved around the following questions:
- How can we best protect the interests of data subjects while enabling legitimate law enforcement requests, in an era where data is pervasively globalized and held in other jurisdictions?
- What is driving increased policy activity on issues of cross-border access to personal data by law enforcement?
- How well does the proposed US-UK agreement for these issues protect privacy and civil liberties?
- What are the actions of the EU Commission and Council of Europe in this area, including late 2017 action items announced by the Commission?
- How well are proposed reforms applying to countries outside of the EU and US, including Brazil and India?
Participants
Cathrin Bauer-Bulst
Deputy Head of Unit, Fight Against CybercrimeDG HOME, European Commission
Jennifer Daskal
Associate ProfessorAmerican University Washington College of Law
Nicole Jones
Senior Counsel, Law Enforcement and SecurityBertrand de La Chapelle
Executive DirectorInternet & Jurisdiction Policy Network
Caroline Wilson Palow
General CounselPrivacy International
Ralf Sauer
Head of International Sector, DG JUSTEuropean Commission
Peter Swire
Professor of Law and EthicsGeorgia Tech University
Video courtesy of CPDP
MLAT and beyond
2017 marks the 10th anniversary of the annual CPDP conference. The event brings together lawyers, practitioners, policy-makers, industry leaders, and civil society from around the world to exchange ideas and discuss the latest emerging issues and trends in Internet governance. During the last CPDP conference in early 2016, Internet & Jurisdiction's Bertrand de La Chapelle highlighted jurisdictional tensions requiring structural MLAT reform, particularly when the sole nexus of connection with the US is the location of the operator.
At the Global Internet and Jurisdiction Conference in November, 2016, a diverse group of multistakeholder participants built upon related global dialogues in the Data & Jurisdiction workstream, concretely identifying several potential improvements to cross-border request systems, including:
- Standards for user notification,
- Modalities for the authentication of requests, and
- The establishment of single points of contact as potential improvements to cross-border request systems.
Additional outcomes from the Global Internet and Jurisdiction Conference can be found in the Secretariat Summary of the event.
Cross-border requests for data
Several important events in 2016 have greatly impacted discussions concerning cross-border requests for user data, including the Microsoft Ireland case, the draft US-UK data sharing agreement, and sustained calls for reforming Mutual Legal Assistance (MLA) and other systems related to criminal investigations and international data processing procedures.
These and other developments were analyzed in relation to privacy and civil liberties on January 26, 2017 at the "Privacy and Government Cross-border Requests for Data" session of the annual Computer Privacy and Data Protection conference. I&J's Executive Director, Bertrand de La Chapelle chaired the session, which was moderated by Professor Peter Swire.
Discussions revolved around the following questions:
- How can we best protect the interests of data subjects while enabling legitimate law enforcement requests, in an era where data is pervasively globalized and held in other jurisdictions?
- What is driving increased policy activity on issues of cross-border access to personal data by law enforcement?
- How well does the proposed US-UK agreement for these issues protect privacy and civil liberties?
- What are the actions of the EU Commission and Council of Europe in this area, including late 2017 action items announced by the Commission?
- How well are proposed reforms applying to countries outside of the EU and US, including Brazil and India?
Participants
Cathrin Bauer-Bulst
Deputy Head of Unit, Fight Against CybercrimeDG HOME, European Commission
Jennifer Daskal
Associate ProfessorAmerican University Washington College of Law
Nicole Jones
Senior Counsel, Law Enforcement and SecurityBertrand de La Chapelle
Executive DirectorInternet & Jurisdiction Policy Network
Caroline Wilson Palow
General CounselPrivacy International
Ralf Sauer
Head of International Sector, DG JUSTEuropean Commission
Peter Swire
Professor of Law and EthicsGeorgia Tech University
Video courtesy of CPDP
MLAT and beyond
2017 marks the 10th anniversary of the annual CPDP conference. The event brings together lawyers, practitioners, policy-makers, industry leaders, and civil society from around the world to exchange ideas and discuss the latest emerging issues and trends in Internet governance. During the last CPDP conference in early 2016, Internet & Jurisdiction's Bertrand de La Chapelle highlighted jurisdictional tensions requiring structural MLAT reform, particularly when the sole nexus of connection with the US is the location of the operator.
At the Global Internet and Jurisdiction Conference in November, 2016, a diverse group of multistakeholder participants built upon related global dialogues in the Data & Jurisdiction workstream, concretely identifying several potential improvements to cross-border request systems, including:
- Standards for user notification,
- Modalities for the authentication of requests, and
- The establishment of single points of contact as potential improvements to cross-border request systems.
Additional outcomes from the Global Internet and Jurisdiction Conference can be found in the Secretariat Summary of the event.