Professor Dan Svantesson (pictured) is the only Aussie among an international team of 19 legal experts who have been invited to develop a voluntary framework to manage data access requests on a global scale.
The expert team was convened by the Secretariat of the Policy Network and has proposed various options and components for the voluntary framework.
Professor Svantesson said that the international contact group was established to look at various legal options on governing requests for cross-border access to data.
“Criminal investigations increasingly require access to information about users and digital evidence that is stored by private companies in overseas jurisdictions,” he said.
“As can be seen by the Microsoft case, many of the relevant laws were written at a time before anyone even considered the possibility of data stored in the ‘cloud’.”
The eyes of the world are currently on United States of America v Microsoft Corporation case, which Professor Svantesson explained involved the enforcement of a search warrant in a criminal matter and attempts to force Microsoft to hand over emails held on the company’s servers outside America.
“Basically, the Department of Justice is trying to enforce a search warrant in a drug trafficking case, ordering Microsoft to hand over emails which are held on the company’s servers in Ireland.”
He added that the case outcome would impact the security of private emails and other data held in ‘cloud’ services, which were operated by predominantly American companies such as Amazon, Google, IBM and Microsoft.
“The case has been going on since 2014, based on the question of whether the Department of Justice’s search warrants reach beyond US borders,” Professor Svantesson said.
“It has attracted court briefs and petitions from interested parties all over the world, including Privacy International, the New Zealand Privacy Commission and more than 50 leading computer scientists.”
Professor Svantesson, who also serves as the co-director of Bond University’s Centre for Commercial Law, said that figuring out an acceptable way for governments and enforcement agencies to access internet data across borders was a most pertinent issue – especially in light of an ongoing battle in the US Supreme Court.
“These sorts of multi-jurisdictional battles are becoming increasingly common as we embrace a more globalised marketplace, so it is vital that governments and legal experts work together to find practical solutions,” Professor Svantesson said.
“The problem is further compounded by the difficulties of determining location and jurisdictional nexus in investigations, while ensuring that we maintain suitable levels of protection for fundamental rights such as data privacy.”
Over the last 18 months, Professor Svantesson’s work with other members of the Secretariat of the Internet and Jurisdiction Policy Network’s experts group, has considered how content restrictions, domain suspension and cross-border access to user data may affect its proposed framework.
This week, a report outlining the scheme has been the focus of the Global Internet and Jurisdiction Conference hosted by the Secretariat in Canada.
“It has been fascinating to work with people from so many different perspectives and backgrounds,” Professor Svantesson said.
“And it will be interesting to see the comments and feedback now from the broader network and to consider how we can work together to develop some practical and workable solutions.”