Alphabet Inc’s Google will press U.S. lawmakers on Thursday to update laws on how governments access customer data stored on servers located in other countries, hoping to address a mounting concern for both law enforcement officials and Silicon Valley. The push comes amid growing legal uncertainty, both in the United States and across the globe, about how technology firms must comply with government requests for foreign-held data. That has raised alarm that criminal and terrorism investigations are being hindered by outdated laws that make the current process for sharing information slow and burdensome. Kent Walker, Google’s senior vice president and general counsel, will announce the company’s framework during a speech in Washington, D.C., at the Heritage Foundation, a conservative think tank that wields influence in the Trump White House and Republican-controlled Congress.
The speech urges Congress to update a decades-old electronic communications law and follows similar efforts by Microsoft Corp. Both companies had previously objected in court to U.S. law enforcement efforts to use domestic search warrants for data held overseas because the practice could erode user privacy. But the tech industry and privacy advocates have also admitted the current rules for appropriate cross-border data requests are untenable. The Mountain View, California-based company calls for allowing countries that commit to baseline privacy, human rights and due process principles to directly request data from U.S. providers without the need to consult the U.S. government as an intermediary. It is intended to be reciprocal.
Countries that do not adhere to the standards, such as an oppressive regime, would not be eligible. Google did not detail specific baseline principles in its framework.”This couldn’t be a more urgent set of issues,” Walker said in an interview, noting that recent acts of terrorism in Europe underscored the need to move quickly. Current agreements that allow law enforcement access to data stored overseas, known as mutual legal assistance treaties, involve a formal diplomatic request for data and require the host country obtain a warrant on behalf of the requesting country. That can often take several months. In January, a divided federal appeals court refused to reconsider its decision from last year that said the U.S. government could not force Microsoft or other companies to hand over customer data stored abroad under a domestic warrant.
The U.S. Justice Department has until midnight on Friday to appeal that decision to the Supreme Court. It did not respond to a request for comment. U.S. judges have ruled against Google in similar recent cases, however, elevating the potential for Supreme Court review. Companies, privacy advocates and judges themselves have urged Congress to address the problem rather than leave it to courts. Google will also ask Congress to codify warrant requirements for data requests that involve content, such as the actual message found within an email. Chris Calabrese, vice president of policy at the Center for Democracy & Technology, said Google’s framework was “broadly correct” but urged caution about the process for letting countries make direct requests to providers. “We need to make sure the people in the club are the right people,” he said.