Reasonable Laws to Facilitate Cross-Border Access to Extraterritorial Data Related to Criminal Offenses or Held by Service Providers
Submitted by the Homeland Security, Police Investigative Operations, and Computer Crime and Digital Evidence Committees
HSC.09.t2018
WHEREAS, many criminal investigations require access to electronic evidence that is stored in other jurisdictions, including the “cloud”; and
WHEREAS, cross-border access is one of the most pressing issues for law enforcement around the globe, particularly in the areas of sexual exploitation of children, fraud, cyberterrorism, trafficking of illicit drugs, and organized crime; and
WHEREAS, the current procedure presents challenges in terms of the voluntary collaboration of service providers, cooperation between police forces, the implementation of certain investigative techniques and the effective implementation of international mutual legal assistance in criminal matters; and
WHEREAS, the Parties to the Budapest Convention on Cybercrime agreed, on June 8, 2017, to launch the preparation of a protocol to this treaty to help law enforcement secure evidence on servers in foreign, multiple or unknown jurisdictions; and
WHEREAS, that Protocol could include provisions for elements such as:
- more effective mutual legal assistance,
- enhanced cooperation with service providers in other jurisdictions,
- a clear framework and stronger safeguards related to cross-border access to data, and;
- safeguards, including data protection requirements; and
WHEREAS, many IACP member countries are Parties to that Convention and are participating in this work; and
WHEREAS, the United States of America have enacted, on March 23, 2018, the Clarifying Lawful Overseas Use of Data Act (CLOUD Act); and
WHEREAS, this Act provides, among other things, for an alternative and expedited mutual legal assistance treaty (MLAT) procedure through bilateral executive agreements with foreign countries to provide data on United States citizens, permanent residents and corporations in a simplified manner to these countries, provided that the Attorney General, with the concurrence of the Secretary of State, is of the opinion that the foreign country has sufficient safeguards to restrict access to data concerning such persons. Now, therefore, be it
RESOLVED, the International Association of Chiefs of Police supports the negotiations on the 2nd Additional Protocol to the Budapest Convention on Cybercrime to address the challenges of cross-border access to digital evidence in criminal matters; and be it
FURTHER RESOLVED, the International Association of Chiefs of Police urges the Governments of their members to negotiate bilateral data-sharing agreements with the United States of America who are authorized to do so pursuant to the CLOUD Act; and be it
FURTHER RESOLVED, the International Association of Chiefs of Police urges member Governments to engage in meaningful consultation with their National Law Enforcement Leadership during the development of these instruments.