Accessing Data in the Cloud
This chapter describes the legal framework governing law enforcement access to data in a cloud environment, giving particular attention to developments in the European Union, the United States, and international law, specifically the Council of Europe Cybercrime Convention (Cybercrime Convention). The Convention addresses the investigation and prosecution of cybercrime within the domestic jurisdiction, as well as facilitating international co-operation against transborder cybercrimes. The provisions represent a certain consensus among the signatories about the appropriate exercise of law enforcement powers in cyberspace, including a cloud environment. However, the exercise of law enforcement agency (LEA) powers raises a number of jurisdictional questions. Each of these issues presents a boundary issue for LEAs, cloud service providers, and cloud users; a boundary between lawful and unlawful behaviours or regulated and unregulated activities. The chapter looks at how and when those boundaries apply and what mechanisms and procedures have been adopted, or are proposed, to address the needs of LEAs in a cloud environment.