This paper addresses an important practical topic – when does the EU General Data Protection Regulation (GDPR) act as a “blocking statute,” to prohibit transfers of personal data in response to requests by non-EU law enforcement agencies? Since the GDPR went into effect in 2018, there has been considerable discussion of this issue, most notably when there is a request from US law enforcement for emails and other records held by Internet and Cloud Service Providers. [...]

Professor Theodore Christakis’s European Law Blog article 21 Thoughts and Questions about the UK-US CLOUD Act Agreement: (and an Explanation of How it Works – with Charts) unpacks, to the extent possible, the terms of the agreement not only to understand the basic mechanisms underlying it, but also to consider the International and Human Rights Law implications – including from a European Law perspective. [...]

Professors Jennifer Daskal and Peter Swire’s article The U.K.-U.S. CLOUD Act Agreement Is Finally Here, Containing New Safeguards examines the long-awaited data-sharing agreement and the first of the executive agreements envisioned by the CLOUD Act.  The article assesses what’s new about the agreement; what’s surprising; and why—despite the critics—the authors continue to view these agreements as positive developments that protect privacy and civil liberties, accommodate divergent norms across borders, and respond to the reality that digital evidence critical even to [...]