How Are Canadians Affected By The USA Patriot Act And Cloud Computing?

How Are Canadians Affected By The USA Patriot Act And Cloud Computing?

Whether Canadians like it or not, they are affected by the US Patriot Act. While some of the previous issues have been settled already, some new issues are already popping up – issues with cloud computing. The US Patriot Act, otherwise known as the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act, was passed after the World Trade Center attack in September 2011. The law provided a way for US law enforcement agencies to seize business records and block electronic communications. Under this law, any law enforcement official can ask an electronic communication service provider to provide them with information without first letting the affected organizations or individuals know. By issuing a National Security Letter, the service provider can easily hand over any information.

In section 215 of the Act, the Federal Bureau of Investigation (FBI) can ask a federal judge to issue an order which requires parties to produce any tangible items so that the FBI can investigate any clandestine intelligence or international terrorism activities. Said provision is also believed to cover electronic business records. Because of cloud computing, any data from Canada can be mixed with other data from across the globe and housed in a datacenter which is located in the United States of America. As a result, Canadian data can be accessed by the US because it is under the jurisdiction of the USA and, as such, subject to US law. This can pose a Canadian privacy dilemma because under the privacy laws of the Canadian federal and provincial states, any organization which collects data is primarily responsible for data security. Such responsibility is even included in the privacy policy of the organization, as well as in the terms of service or contract.

Canadian organizations themselves are not precluded from tapping cloud services based in the USA if they are only servicing the private sector. The privacy laws of Canada do not prohibit any personal information transfer for storage and processing as long as the said transfer doesn’t make use of the personal information in any manner which wasn’t agreed upon by the organization and its clients; the organization maintains accountability for the personal information protection; the organization will provide the same level of data security as is required by Canadian law; and the said arrangement is disclosed to the client.

In 2009, the Office of the Privacy Commissioner of Canada conducted a survey, which compared Canadian surveillance laws with those of France, the UK, and the US. From 1990 up to the present, the US and Canada have had a Treaty on Mutual Legal Assistance in Criminal Matters wherein both countries have committed to helping each other with criminal investigations – even the Canadian Security and Intelligence Service Act issues secret warrants for the seizure and interception of electronic data. Communications relating to foreign parties can be intercepted by the Canadian Communications Security Establishment upon the order of the Minister of Defense, acting on the powers provided to the minister by the National Defense Act. The Criminal Code of Canada also allows electronic data seizures.

However, when an organization is servicing the public sector in Nova Scotia or British Columbia, it must seek legal advice. There are laws in Alberta, Nova Scotia, and British Columbia which prohibit data storage outside Canada.

By Florence de Borja

Sorry, comments are closed for this post.

Comic
The Lighter Side Of The Cloud – Data Merge

The Lighter Side Of The Cloud – Data Merge

By Christian Mirra Please feel free to share our comics via social media networks such as Twitter, Facebook, LinkedIn, Instagram, Pinterest. Clear attribution (Twitter example: via @cloudtweaks) to our original comic sources is greatly appreciated.

The Rise Of Threat Intelligence Sharing

The Rise Of Threat Intelligence Sharing

Threat Intelligence Sharing  Security has been discussed often on CloudTweaks and for good reason. It is one of the most sought after topics of information in the technology industry.  It is virtually impossible to wake up and not read a headline that involves the words “Breached, Hacked, Compromised or Extorted (Ransomware)“. Included (below) is an…

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Cloud Email Migration In today’s litigious society, preserving your company’s data is a must if you (and your legal team) want to avoid hefty fines for data spoliation. But what about when you move to the cloud? Of course, you’ve probably thought of this already. You’ll have a migration strategy in place and you’ll carefully…

Higher Education Institutions Increasing Cloud Use In Next 5 Years

Higher Education Institutions Increasing Cloud Use In Next 5 Years

Cloud Computing Advancing Edtech In a new research study by ResearchMoz it’s predicted that the global cloud computing market in higher education will grow steadily at a CAGR of 24.57% over the period 2016 to 2020. Making use of computing resources connected by either public or private networks provides the benefits of scalable infrastructure, greater…

Big Data and AI Hold Greatest Promise For Healthcare Technologies

Big Data and AI Hold Greatest Promise For Healthcare Technologies

Digital Healthcare Executives and Investors Addressed Opportunities and Challenges Facing the Industry New York City – September 21, 2016 – According to a survey of 122 founders, executives and investors in health-tech companies released today by Silicon Valley Bank, big data and artificial intelligence will have the greatest impact on the industry in the year ahead. Healthcare…

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

Why Businesses Need Hybrid Solutions Running a cloud server is no longer the novel trend it once was. Now, the cloud is a necessary data tier that allows employees to access vital company data and maintain productivity from anywhere in the world. But it isn’t a perfect system — security and performance issues can quickly…

Data Breaches: Incident Response Planning – Part 1

Data Breaches: Incident Response Planning – Part 1

Incident Response Planning – Part 1 The topic of cybersecurity has become part of the boardroom agendas in the last couple of years, and not surprisingly — these days, it’s almost impossible to read news headlines without noticing yet another story about a data breach. As cybersecurity shifts from being a strictly IT issue to…

LAVABIT, EDWARD SNOWDEN, AND THE LEGAL BATTLE FOR PRIVACY

LAVABIT, EDWARD SNOWDEN, AND THE LEGAL BATTLE FOR PRIVACY

The Legal Battle For Privacy In early June 2013, Edward Snowden made headlines around the world when he leaked information about the National Security Agency (NSA) collecting the phone records of tens of millions of Americans. It was a dramatic story. Snowden flew to Hong Kong and then Russia to avoid deportation to the US,…

Cloud Services Providers – Learning To Keep The Lights On

Cloud Services Providers – Learning To Keep The Lights On

The True Meaning of Availability What is real availability? In our line of work, cloud service providers approach availability from the inside out. And in many cases, some never make it past their own front door given how challenging it is to keep the lights on at home let alone factors that are out of…

Three Factors for Choosing Your Long-term Cloud Strategy

Three Factors for Choosing Your Long-term Cloud Strategy

Choosing Your Long-term Cloud Strategy A few weeks ago I visited the global headquarters of a large multi-national company to discuss cloud strategy with the CIO. I arrived 30 minutes early and took a tour of the area where the marketing team showcased their award winning brands. I was impressed by the digital marketing strategy…

Will Your Internet of Things Device Testify Against You?

Will Your Internet of Things Device Testify Against You?

Will Your Internet of Things Device Testify Imagine this:  Your wearable device is subpoenaed to testify against you.  You were driving when you were over the legal alcohol limit and data from a smart Breathalyzer device is used against you. Some might argue that such a use case could potentially safeguard society. However, it poses…

Mobile Connected Technologies – The Future Of The Healthcare Industry

Mobile Connected Technologies – The Future Of The Healthcare Industry

Mobile Connected Technologies Clinics, hospitals, and other healthcare facilities are embracing new mobile technologies in order to be more efficient in their daily tasks. With faster communication and better collaboration, clinicians can spend much less time handling medical devices and more time administering care to their patients. Industry experts are stating that mobile connected technologies…

M2M, IoT and Wearable Technology: Where To Next?

M2M, IoT and Wearable Technology: Where To Next?

M2M, IoT and Wearable Technology Profiling 600 companies and including 553 supporting tables and figures, recent reports into the M2M, IoT and Wearable Technology ecosystems forecast opportunities, challenges, strategies, and industry verticals for the sectors from 2015 to 2030. With many service providers looking for new ways to fit wearable technology with their M2M offerings…

How Your Startup Can Benefit From Cloud Computing And Growth Hacking

How Your Startup Can Benefit From Cloud Computing And Growth Hacking

Ambitious Startups An oft-quoted statistic, 50% of new businesses fail within five years. And the culling of startups is even more dramatic, with an estimated nine out of ten folding. But to quote Steve Jobs, “I’m convinced that about half of what separates the successful entrepreneurs from the non-successful ones is pure perseverance.” So while…