Skip to main content

US Cloud: US laws affecting EU citizens

info

heise: Wie die EU Recht anpasst, um US-Clouds trotz aller Bedenken nutzbar zu halten

WBS Legal: Können US-Behörden meine Daten abgreifen?

  • 1986: Electronic Communications Privacy Act (ECPA)

    • includes Stored Communications Act (SCA)
    • extended in 2018 by CLOUD Act
      • the location of the company is relevant, not where the data center is ( → a US based company with data centers in Europe still has to hand over data from data centers in Europe)
      • Extension was triggered when Microsoft denied hand over of data of EU citizens stored in Ireland

  • 1978: Foreign Intelligence Surveillance Act (FISA)

    • Surveillance of persons living in the US and collection of telecommunication outside the US by US intelligence service without individual approval by a judge or similar
    • Data of EU citizens on US-servers are always in principle accessible by US authorities (see heise article)