It is very old news that governments have access to cloud data on the Internet, but recent headlines about Prism make it seem that people are surprised to learn about the actual lack of Internet privacy.. Computerworld reported that the EU has “delayed a vote on what authorities can do with airline passengers' data.” Of course this seems ironic since for years the Mutual Legal Assistance Treaties (MLATs) facilitate cooperation across international boundaries. Under these MLATs, the US and EU member states allow law enforcement authorities to request data on servers of cloud providers located in any countries that are part of the MLATs.
In my August 8, 2012 eCommerce Times column entitled “The Cloud Privacy Illusion” I included exceprts from Hogan Lovells’ May 23, 2012 white paper, "A Global Reality: Government Access to Data in the Cloud." However the white paper is no longer available. Here are some of the white paper's conclusions:
On the fundamental question of governmental access to data in the Cloud, we conclude, based on the research underlying this White Paper, that it is not possible to isolate data in the Cloud from governmental access based on the physical location of the Cloud service provider or its facilities. Government's ability to access data in the Cloud extends across borders. And it is incorrect to assume that the United States government's access to data in the Cloud is greater than that of other advanced economies.
The White Paper makes this additional observation when comparing the US Patriot Act to comparable European laws:
... our survey finds that even European countries with strict privacy laws also have anti-terrorism laws that allow expedited government access to Cloud data. As one observer put it, France's anti-terrorism laws make the Patriot Act look "namby-pamby" by comparison.
The analysis of the MLATs in the Hogan Lovells' white paper continues with details about the following countries: US, Australia, Canada, Denmark, France, Germany, Ireland, Japan, Spain and the United Kingdom.
Interestingly enough that the Hogan Lovells' white paper disappeared from the Internet, but should anyone be surprised by the lack of privacy by Prism or on the Internet?