Cloud computing - cooperating with law enforcement

1,224 views

Published on

Slides for talk by Prof Ian Walden, Cloud Legal Project http://bit.ly/cloudlegal on law enforcement aspects of cloud computing at CRID workshop Brussels 24 Feb 2011 http://www.crid.be/cloudcomputing/default.htm

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,224
On SlideShare
0
From Embeds
0
Number of Embeds
34
Actions
Shares
0
Downloads
32
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Cloud computing - cooperating with law enforcement

  1. 1. Co-ope at g t a Co-operating with Law Enforcement Professor Ian Walden Institute of Computer and Communications Law I i fC dC i i L Centre for Commercial Law Studies, Queen Mary, University of London Of Counsel, Baker & McKenzie Introductory remarks edu  Law enforcement access – Covert & coercive investigative techniques cl@ccls.e  Request recipients – Cloud users – Cloud Service providers  Contracted parties & infrastructure providers  Communication providers picc  Questions of vires and regulatory boundaries – Jurisdictional reach – Obligations to assist – Evidential impact 1
  2. 2. Forensic challenges in the Cloud edu  Multiplicity cl@ccls.e – e.g. Data replication for performance, availability, back-up & redundancy  Distributed storage – e.g. ‘sharding’ and ‘partitioning’  Protected dataicc – e.g. cryptography  Identity – Establishing links LEA investigative powers edu  ‘Exercising a power’ cl@ccls.e –P Permissible & impermissible conduct i ibl i i ibl d  e.g. entrapment  Expedited preservation, retention & delivery-up – Differential authorisation procedures  Judicial, executive or administrative  Issues of legality & enforceabilityicc – Obtaining authorisation – Executing the authorisation 2
  3. 3. edu Jurisdictional reach  Within & beyond the territory cl@ccls.e – e.g. Rackspace (2004)  Service provider & requested data – ‘loss of location’  Reassembly as a proxy?  Cybercrime Convention (2001)icc – Art. 19: ‘Possession or control’ (art.19) – Art. 32: open source or lawful and voluntary consent of the person who has lawful authority to disclose  Contractual provisions International co-operation co- edu  Mutual legal assistance cl@ccls.e – Harmonisation – Or mutual recognition  EU: EEW and the EIO  Informal co-operation with foreign LEA – Proactive disclosure & 24/7 networksicc  Direct liaison with foreign service providers – Council of Europe Guidelines (2008)  e.g. Google Transparency Report  Engage directly with the material sought 3
  4. 4. edu Regulating service providers  Regulatory boundaries cl@ccls.e – ‘electronic communication services’ & ‘information society services’  Google, Skype, Facetime.....?  From SaaS to CaaS  Regulatory consequences – Directive 02/58/EC art. 5(1) & art 15(1) 02/58/EC, art art.icc  Existing capability or build obligation? – Directive 06/24/EC  Providers of ‘electronic communication services’ Cloud- Cloud-derived evidence edu  Admissibility – Statutory rules & judicial discretion cl@ccls.e  e.g. Fair trial considerations (ECHR, art. 6)  Impact of lawfulness of obtaining?  Evidence gathered under MLA  Evidential weight – Provenance issues with remote data retrievalicc  authenticity, integrity & accountability 4
  5. 5. edu Concluding remarks  Exceeding powers in application or reach cl@ccls.e – Surrendering sovereignty – Regulatory uncertainties  From formality to informality – Issues of accountability – Building a ‘culture of co-operation’!icc  e.g. Amazon & WikiLeaks  Evidential consequences 5

×