This post provides a link to a chapter of the book “Surveillance and Privacy in the Digital Age: European, Transatlantic, and Global Perspectives” (Bloomsbury Publishing, 2021), edited by Valsamis Mitsilegas and Niovi Vavoula, and is provided here with the permission of the publisher. Cloud computing has revolutionized the ways in which individuals, companies and governments operate in the twenty-first century.  Such progress however can also beget more sophisticated mechanisms for coordinating and executing criminal acts.  When evidence sought by one government [...]

In the IAPP piece New EU data blockage as German court would ban many cookie management providers, Dan Felz and Peter Swire examine the potential EU-wide impacts of a Wiesbaden court decision prohibiting a cookie management provider from utilizing a U.S.-based service to collect data, regardless of whether such data had ever actually been transferred out of the EU. Although the decision was made at the interim injunction stage and could thus be modified if the case proceeds to trial, its [...]

In the Monday, December 20th Lawfare article titled Towards OECD Principles for Government Access to Data: Can Democracies Show the Way?, Theodore Christakis, Kenneth Propp and Peter Swire discuss the role that democracies can play in establishing trusted international standards for cross-border data flows.  Drawing upon documents made available by the Organization for Economic Cooperation and Development (OECD) as well as interviews conducted by the team with governments, institutions, corporate bodies and academic thought leaders in the field, the authors [...]

France’s national cybersecurity agency (known as ANSSI) is revising its cybersecurity certification and labeling program (known as SecNumCloud) to disadvantage—and effectively preclude—foreign cloud firms from providing services to government agencies as well as 600-plus firms that operate “vital” and “essential” services. If put into place without changes, it would essentially make it impossible for foreign cloud firms, or firms using services from foreign cloud firms, to be considered “trusted.” The regulation includes severe, China-like restrictions that force foreign firms to [...]