The American Civil Liberties Union (ACLU) and Washington DC based Friends of Privacy have hit out at the ease with which US authorities can access data in the cloud, and elsewhere.
In a report, the two organisations allege that American law gives the government freedom to access private data stored in the cloud or anywhere else, in the name of national security.
The report said that though the Patriot Act has been the subject of debate, the most important authority available to the US government is the FISA Amendments Act of 2008 (the FAA). This, it is claimed, lets the government "engage in dragnet and suspicion less monitoring of communications between people in the US and aliens". No court is required to access the information but can authorise authorities to get year-long surveillance orders from secret courts for acquiring "foreign intelligence", a category that is ill defined.
However, the report does say that Section 215 of the Patriot Act is now used in a different way. An unnamed senator told the authors of the report that there is "a gap between what the public thinks the law says and what the American government secretly thinks the law says".
National Security Letters – subpoenas issued to ISPs, cell phone providers and credit card companies must hand over information if it relates to counterterrorism or counter intelligence investigations. The report alleges, however, that the FBI underreported its use of NSLs, and collects information about people two or three times removed from the subject of such investigations. The report alleges 22 percent of audited files contained unreported legal violations.
In brief, the ACLU and Friends of Privacy USA claim that secret interpretations of the law by some authorities "make it impossible to know how invasive its surveillance powers truly are".