The United States and United Kingdom on Thursday signed an agreement allowing British law enforcement authorities to quickly access data held by U.S. tech giants during criminal investigations.
The first-of-its-kind agreement is expected to reinvigorate a long-simmering debate over what kind of access police around the world should have to the reams of personal information stored by the Silicon Valley giants.
The deal announced by the Department of Justice on Thursday night will allow law enforcement agencies in the U.S. and U.K. to demand electronic data from tech giants based in each others’ country “without legal barriers,” speeding up a process that previously took up to two years.
The agreement will also allow British and American law enforcement officials to demand data pertaining to criminal investigations directly from tech companies like Facebook and Twitter rather than going through the government.
Law enforcement previously relied on mutual legal assistance agreements.
“This agreement will enhance the ability of the United States and the United Kingdom to fight serious crime — including terrorism, transnational organized crime, and child exploitation — by allowing more efficient and effective access to data needed for quick-moving investigations,” Attorney General William Barr said in a statement.
“Only by addressing the problem of timely access to electronic evidence of crime committed in one country that is stored in another, can we hope to keep pace with twenty-first century threats,” he added.
Law enforcement agencies and tech companies have long battled over how much access governments should be allowed to user data, as industry insists the companies have a mandate to protect their customers’ privacy and law enforcement argues that data can supercharge criminal investigations.
The deal reached with the U.K. is the first signed under the controversial 2018 CLOUD Act, or the Clarifying Lawful Overseas Use of Data Act, which allows the U.S. to send information from U.S. servers to criminal investigators in other countries on a case-by-case basis.
Before it was passed and signed into law, the CLOUD Act received enormous pushback from civil liberties advocates who said it could allow foreign governments to side-step Americans’ constitutional rights.
The American Civil Liberties Union (ACLU) said the legislation could “allow foreign governments to wiretap on U.S. soil under standards that do not comply with U.S. law,” among other concerns.
It was passed and signed into law as part of an omnibus spending bill last year.
Rep. Doug Collins (R-Ga.), the ranking member of the House Judiciary Committee and one of the original sponsors of the CLOUD Act, on Thursday lauded the U.S.-U.K. agreement.
“This CLOUD Act agreement between the United States and United Kingdom is an important step forward in helping law enforcement better combat crime and terrorism,” Collins said in a statement. “I am confident, as more countries update their legal processes, more governments will seek CLOUD agreements like the one signed today.”
The CLOUD Act does not give law enforcement officials the ability to access encrypted communications, a hot-button issue after Facebook has announced that it plans to completely encrypt all of its messaging services — across its WhatsApp, Instagram and Facebook Messenger units.
In an open letter released this week, the Trump administration urged Facebook to hold off on incorporating end-to-end encryption across its various messaging services until the company can address “public safety” issues with law enforcement agencies around the world.
In recent months, the Department of Justice has ramped up its anti-encryption fight as top officials have called for tech companies to build a “back door” to their encrypted communications. The so-called back door would allow law enforcement to access even those conversations meant to be hidden from government and industry.
The ACLU’s senior legislative counsel Neema Singh Guliani on Thursday called on tech companies to “resist these repeated attempts to weaken encryption that reliably protects consumers’ sensitive data from identity thieves, credit card fraud, and human rights abusers.”
And during a livestreamed Q&A on Thursday, Facebook CEO Mark Zuckerberg reiterated the company’s commitment to the encryption project, which has been touted as an effort to protect user privacy.
“I still think that the equities are generally in favor of moving towards end-to-end encryption,” he said.