Following its agreement with the United Kingdom, the United States announces formal negotiations are underway with Australia about joining the CLOUD Act. Although also a bi-lateral negotiation, the U.S. talks with Australia strike a more practical tone than those with the U.K.
As described in our prior post, under the CLOUD Act, governments can accelerate complex investigations by contacting technology companies in each other’s countries directly in order to compel production of personal data. Under current law, on the other hand, countries must use the mutual legal assistance process. Australia, for instance, must go through the U.S. government in order to reach the data held by providers in the U.S. – with all the bureaucratic delays that can entail.
Reducing the Burden of Production
When the U.S. and the U.K. announced that they reached the first CLOUD agreement, the governments spoke in essentially reciprocal terms about fighting serious crime more efficiently. The October 7 announcement with Australia, however, focused more on reducing the burden upon Australia to obtain data from U.S-based service providers.
Under the CLOUD Act, Australia can obtain judicial authority at home and then contact a U.S.-based company directly. This “new paradigm,” as the announcement calls it, emphasizes reducing the administrative burden on both countries caused by collecting data to be provided to Australia. In fact, the announcement makes only passing reference to the reciprocal aspect that the U.S. can approach service providers in Australia directly as well.
Legislation Needed in Australia
Bilateral talks are underway. However, legislation has “yet to be introduced” in Australia that matches the CLOUD Act. Until then, announcement of the actual agreement will have to await.