March 5, 2018 | Opinion, by Lisa Monaco and John Carlin
How should law enforcement officials deal with digital data that happens to be stored in a different country? If FBI agents, pursuing a subject who committed a crime in the United States, serve a valid court order on an American company, the government shouldn’t have to wait a year because the company happens to store the information overseas. Likewise, if the London police are investigating a local murder, the fact that they are seeking phone records from a communications provider located in the United States should not block them from doing their job.
That sounds like simple common sense. But in the modern world, law enforcement and national-security professionals are too often forced to use 19th- century tools in a global, 21st-century world.
Currently, for too many cases, the only option for police and prosecutors trying to do their jobs is to use mutual legal assistance treaties. That cumbersome model dates back decades and is not designed for a digital age, when even purely local crimes might involve evidence located overseas. The process requires lengthy reviews at both ends; picture layers of lawyers and diplomats, memorandums with multiple official seals and the occasional broken fax machine. For example, the average response time for a routine request to Ireland — a country where many U.S. tech companies store their data — is 15 to 18 months. Worse, as data storage moves across the cloud, and where one email can consist of data stored in multiple places at once, it can be difficult or impossible to determine exactly where information resides at any given moment…