<https://www.eff.org/deeplinks/2018/02/cloud-act-dangerous-expansion-police-s...> The Clarifying Overseas Use of Data (CLOUD <https://www.hatch.senate.gov/public/_cache/files/6ba62ebd-52ca-4cf8-9bd0-818...>) Act expands American and foreign law enforcement’s ability to target and access people’s data across international borders in two ways. First, the bill creates an explicit provision for U.S. law enforcement (from a local police department to federal agents in Immigration and Customs Enforcement) to access “the contents of a wire or electronic communication and any record or other information” about a person regardless of where they live or where that information is located on the globe. In other words, U.S. police could compel a service provider—like Google, Facebook, or Snapchat—to hand over a user’s content and metadata, even if it is stored in a foreign country, without following that foreign country’s privacy laws.[1] <https://www.eff.org/deeplinks/2018/02/cloud-act-dangerous-expansion-police-s...> Second, the bill would allow the President to enter into “executive agreements” with foreign governments that would allow each government to acquire users’ data stored in the other country, without following each other’s privacy laws. For example, because U.S.-based companies host and carry much of the world’s Internet traffic, a foreign country that enters one of these executive agreements with the U.S. to could potentially wiretap people located anywhere on the globe (so long as the target of the wiretap is not a U.S. person or located in the United States) without the procedural safeguards of U.S. law typically given to data stored in the United States, such as a warrant, or even notice to the U.S. government. This is an enormous erosion of current data privacy laws. This bill would also moot legal proceedings now before the U.S. Supreme Court. In the spring, the Court will decide whether or not current U.S. data privacy laws allow U.S. law enforcement to serve warrants for information stored outside the United States. The case, /United States v. Microsoft/ <http://www.scotusblog.com/case-files/cases/united-states-v-microsoft-corp/> (often called “Microsoft Ireland”), also calls into question principles of international law, such as respect for other countries territorial boundaries and their rule of law. Notably, this bill would expand law enforcement access to private email and other online content, yet the Email Privacy Act <https://www.congress.gov/bill/115th-congress/house-bill/387>, which would create a warrant-for-content requirement, has still not passed the Senate, even though it has enjoyed unanimous support <https://www.eff.org/deeplinks/2016/04/house-advances-email-privacy-act-setti...> in the House for the past two years <https://www.eff.org/deeplinks/2017/07/eff-applauds-senate-email-and-location...>. [...]