Australia and the United States are paving the way for better electronic data sharing after signing an agreement last year. The two governments say the deal will provide law enforcement agencies in each country with faster access to electronic data for the purpose of preventing, detecting, investigating and prosecuting serious crime.
The CLOUD Act agreement will help provide Australian and US law enforcement agencies with timely access to electronic data for the prevention, detection, investigation and prosecution of serious crime, including child sexual abuse, ransomware attacks, terrorism and the sabotage of critical infrastructure on the Internet.
Behind the agreement is the Clarifying Unlawful Overseas Use of Data (CLOUD) Act passed by the US Congress in 2018. The Act allows authorities in each country to access certain electronic data from communications service providers in the jurisdiction of the other party.
Australia-based email providers, carriers, social media platforms and cloud storage services will now respond directly to US-based agencies like the FBI.
The US Department of Justice says the number of requests from foreign agencies soliciting data from US-based communications service providers has grown rapidly in recent years.
The CLOUD Act responds to this demand and attempts to expedite access to electronic data and subsequent prosecutions.
The bilateral nature of the Bill gives the US access to electronic data held in certain foreign jurisdictions. Previously, Australia and the US have relied on mutual legal assistance treaties to hand over electronic data
In June 2021, the Australian government passed the Telecommunications Legislation (International Production Orders) Bill 2020 to facilitate cooperation with the United States under the provisions of the CLOUD Act.
Under the CLOUD Act, foreign authorities can forward their “requests” for certain electronic data directly to offshore vendors in accordance with US law, and vendors can disclose reactive data directly to foreign authorities.
“The Agreement paves the way for more efficient cross-border transfers of data between the United States and Australia, so that our governments can more effectively counter serious crime, including terrorism, while adhering to the privacy and civil liberties values that we both share,” said US Attorney General Merrick B. Garland
The Justice Department notes that the CLOUD Act does not give the government carte blanche for electronic data. The data is only accessible to obtain information relating to the prevention, detection, investigation or prosecution of serious crimes and only in response to legal proceedings.
The Justice Department says existing legal agreements and processes already allow it and other countries to access electronic data. The CLOUD Act simply speeds up the process. The United States has already signed an electronic data sharing agreement with the United Kingdom under the provisions of the CLOUD Act.
Keywords in the agreement with Australia include access to “certain” electronic data relating to “serious” crimes. Examples of serious crimes cited include child exploitation, ransomware attacks, terrorism, and cyber attacks on critical infrastructure.
Like clear is what “certain” data is and how “privacy and civil liberties” will be protected.
“By strengthening both nations’ ability to fight crime and giving our law enforcement agencies more efficient access to evidence, we’re ensuring the safety, security, and prosperity of our citizens,” said Australia’s Minister for Home Affairs, Karen Andrews.
The Australian government has previously confirmed that it remains open to negotiating further agreements with “like-minded foreign governments” on reciprocal access to communications data.