Baker & McKenzie's Global Surveillance Comparison Map The Court of Justice of the European Union (CJEU) raised the question whether the level of data protection in the USA is adequate and equivalent to the European Economic Area (EEA). The CJEU did not answer this question in its judgment of October 6, 2015, but noted concerns regarding reports of indiscriminate mass surveillance by the National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) in the United States.Since then, the EU Commission has published a revised draft adequacy decision relating to the United States data protection level and a proposed new "EUU.S. Privacy Shield Program," which is accompanied by assurances by a number of U.S. government authorities regarding privacy protections relating to surveillance programs. At the same time, other institutions in the EU and scholars have analysed the state of surveillance laws in individual jurisdictions within the EEA and elsewhere. They uniformly found comparisons difficult, as actual practices of intelligence authorities are cloaked in secrecy and laws are complex and fragmented in this area. Due to constitutional limitations on the EU's jurisdiction to legislate matters of national security, the legal situation in the EEA member states is not very uniform. For example, in some EEA member states, senior police or military officers can issue search warrants. EU institutions have called for improvements in the U.S. as well as in the EEA. Companies around the world are confronted with questions on how to comply with different jurisdictions' laws and data access requests. Users and providers of cloud services, Software-as-aService and other services have to factor in government surveillance and data access practices of different countries into their business and location plans. With our surveillance law survey and heat map, we intend to contribute a global overview with broad jurisdictional scope to the discussion and corporate planning processes. See our heat maps here: Of course, the situation regarding individual data access requests and responses is more nuanced than a comparative overview survey can address. Therefore, companies cannot rely on our overview as legal advice regarding a particular situation and have to continue to assess their own individual situation based on the pertinent facts and circumstances. Please contact us with any questions or suggestions.  CJEU C-362/14 Schrems v. Data Protection Commissioner), 6.10.2015, #31.  http://ec.europa.eu/justice/data-protection/files/privacy-shield-adequacy-decision_en.pdf.  Cate/Dempsey/Rubinstein, Systematic government access to private-sector data, 2 International Data Privacy Law, 215 (2012); Schwartz, Systematic government access to private-sector data in Germany, 2 International Data Privacy Law, 289 (2012); Brown, Government access to private-sector data in the United Kingdom, 2 International Data Privacy Law, 230 (2012). Freiwald/ Métille, Reforming Surveillance Law: the Swiss Model, 28 Berkeley Tech. L. J., 1261 (2013).  See Study of the EU Agency for Fundamental Rights (FRA), Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Mapping Member States’ legal frameworks (2015), http://fra.europa.eu/en/publication/2015/surveillance-intelligence-services": A comparison between US and EU data protection legislation for law enforcement purposes, www.europarl.europa.eu/RegData/etudes/STUD/2015/536459/IPOL_STU(2015)536459_EN.pdf.  See studies cited in footnote 38. For more information, please contact Lothar Determann, Brian Hengesbaugh, Dyann Heward-Mills, Joachim Scherer or Ian Walden.