Professor Andrew Woods' Op-Ed Published in NY Times

December 2, 2015

Andrew Keane Woods, Assistant Professor of Law, recently had his op-ed piece, “Dark Clouds Over the Internet,” published in The New York Times. The piece focuses on the international battle to regulate personal data on the Internet, possible compromise of individuals’ privacy rights, and the rights of governments to “seek user data beyond their territorial reach.” Woods explores the dangerous possibilities of a “less secure, less efficient Internet” if international agreements aren’t negotiated. An excerpt from his op-ed is below:

But governments do have legitimate reasons to seek user data beyond their territorial reach, and privacy advocates ignore that need at their peril.

Ask a police officer anywhere outside of the United States and he’ll tell you that evidence for routine crimes — murder, theft, burglary — is very often stored in the cloud, typically in another jurisdiction. Last year alone, British law enforcement agents made nearly 54,000 requests for data from just five American firms: Facebook, Google, Microsoft, Twitter and Yahoo.

These requests often go nowhere because America’s 1986 Electronic Communications Privacy Act only allows technology firms to release American-held data in response to orders from an American judge. So if a British cop is investigating a murder in London, and he has good reason to believe that Google or Facebook has evidence about the crime, he must satisfy an American judge using an American constitutional standard to obtain the evidence. This cross-border process is notoriously slow. Requests take an average of 10 months — an eon in a criminal investigation — and many languish for years.

Exasperation with this process was a key motivation behind the Snoopers’ Charter, and Britain is hardly alone.

Because American law has made it nearly impossible to obtain digital evidence through legitimate channels, foreign police are turning to illegitimate ones. I recently attended a conference for purveyors of surveillance software — an event unofficially known as the “Wiretappers’ Ball.” I asked one vendor if he was aware of law enforcement’s frustrations with American tech firms. The salesman grinned and told me that police departments now buy his malware precisely because they’re tired of waiting for evidence through established diplomatic channels. This is alarming: Making it harder for the police to get criminal evidence lawfully may actually incentivize them to seek that data by snooping.