How Are Canadians Affected By The USA Patriot Act And Cloud Computing?

How Are Canadians Affected By The USA Patriot Act And Cloud Computing?

Whether Canadians like it or not, they are affected by the US Patriot Act. While some of the previous issues have been settled already, some new issues are already popping up – issues with cloud computing. The US Patriot Act, otherwise known as the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act, was passed after the World Trade Center attack in September 2011. The law provided a way for US law enforcement agencies to seize business records and block electronic communications. Under this law, any law enforcement official can ask an electronic communication service provider to provide them with information without first letting the affected organizations or individuals know. By issuing a National Security Letter, the service provider can easily hand over any information.

In section 215 of the Act, the Federal Bureau of Investigation (FBI) can ask a federal judge to issue an order which requires parties to produce any tangible items so that the FBI can investigate any clandestine intelligence or international terrorism activities. Said provision is also believed to cover electronic business records. Because of cloud computing, any data from Canada can be mixed with other data from across the globe and housed in a datacenter which is located in the United States of America. As a result, Canadian data can be accessed by the US because it is under the jurisdiction of the USA and, as such, subject to US law. This can pose a Canadian privacy dilemma because under the privacy laws of the Canadian federal and provincial states, any organization which collects data is primarily responsible for data security. Such responsibility is even included in the privacy policy of the organization, as well as in the terms of service or contract.

Canadian organizations themselves are not precluded from tapping cloud services based in the USA if they are only servicing the private sector. The privacy laws of Canada do not prohibit any personal information transfer for storage and processing as long as the said transfer doesn’t make use of the personal information in any manner which wasn’t agreed upon by the organization and its clients; the organization maintains accountability for the personal information protection; the organization will provide the same level of data security as is required by Canadian law; and the said arrangement is disclosed to the client.

In 2009, the Office of the Privacy Commissioner of Canada conducted a survey, which compared Canadian surveillance laws with those of France, the UK, and the US. From 1990 up to the present, the US and Canada have had a Treaty on Mutual Legal Assistance in Criminal Matters wherein both countries have committed to helping each other with criminal investigations – even the Canadian Security and Intelligence Service Act issues secret warrants for the seizure and interception of electronic data. Communications relating to foreign parties can be intercepted by the Canadian Communications Security Establishment upon the order of the Minister of Defense, acting on the powers provided to the minister by the National Defense Act. The Criminal Code of Canada also allows electronic data seizures.

However, when an organization is servicing the public sector in Nova Scotia or British Columbia, it must seek legal advice. There are laws in Alberta, Nova Scotia, and British Columbia which prohibit data storage outside Canada.

By Florence de Borja

Sorry, comments are closed for this post.

5% Of Companies Have Embraced The Digital Innovation Fostered By Cloud Computing

5% Of Companies Have Embraced The Digital Innovation Fostered By Cloud Computing

Embracing The Cloud We love the stories of big complacent industry leaders having their positions sledge hammered by nimble cloud-based competitors. Saleforce.com chews up Oracle’s CRM business. Airbnb has a bigger market cap than Marriott. Amazon crushes Walmart (and pretty much every other retailer). We say: “How could they have not seen this coming?” But, more…

Don’t Be Intimidated By Data Governance

Don’t Be Intimidated By Data Governance

Data Governance Data governance, the understanding of the raw data of an organization is an area IT departments have historically viewed as a lose-lose proposition. Not doing anything means organizations run the risk of data loss, data breaches and data anarchy – no control, no oversight – the Wild West with IT is just hoping…

Is Machine Learning Making Your Data Scientists Obsolete?

Is Machine Learning Making Your Data Scientists Obsolete?

Machine Learning and Data Scientists In a recent study, almost all the businesses surveyed stated that big data analytics were fundamental to their business strategies. Although the field of computer and information research scientists is growing faster than any other occupation, the increasing applicability of data science across business sectors is leading to an exponential…

The Security Gap: What Is Your Core Strength?

The Security Gap: What Is Your Core Strength?

The Security Gap You’re out of your mind if you think blocking access to file sharing services is filling a security gap. You’re out of your mind if you think making people jump through hoops like Citrix and VPNs to get at content is secure. You’re out of your mind if you think putting your…

Staying on Top of Your Infrastructure-as-a-Service Security Responsibilities

Staying on Top of Your Infrastructure-as-a-Service Security Responsibilities

Infrastructure-as-a-Service Security It’s no secret many organizations rely on popular cloud providers like Amazon and Microsoft for access to computing infrastructure. The many perks of cloud services, such as the ability to quickly scale resources without the upfront cost of buying physical servers, have helped build a multibillion-dollar cloud industry that continues to grow each…

Three Reasons Cloud Adoption Can Close The Federal Government’s Tech Gap

Three Reasons Cloud Adoption Can Close The Federal Government’s Tech Gap

Federal Government Cloud Adoption No one has ever accused the U.S. government of being technologically savvy. Aging software, systems and processes, internal politics, restricted budgets and a cultural resistance to change have set the federal sector years behind its private sector counterparts. Data and information security concerns have also been a major contributing factor inhibiting the…

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

The Cloud Is Not Enough! Why Businesses Need Hybrid Solutions

Why Businesses Need Hybrid Solutions Running a cloud server is no longer the novel trend it once was. Now, the cloud is a necessary data tier that allows employees to access vital company data and maintain productivity from anywhere in the world. But it isn’t a perfect system — security and performance issues can quickly…

The Importance of Cloud Backups: Guarding Your Data Against Hackers

The Importance of Cloud Backups: Guarding Your Data Against Hackers

The Importance of Cloud Backups Cloud platforms have become a necessary part of modern business with the benefits far outweighing the risks. However, the risks are real and account for billions of dollars in losses across the globe per year. If you’ve been hacked, you’re not alone. Here are some other companies in the past…

3 Keys To Keeping Your Online Data Accessible

3 Keys To Keeping Your Online Data Accessible

Online Data Data storage is often a real headache for businesses. Additionally, the shift to the cloud in response to storage challenges has caused security teams to struggle to reorient, leaving 49 percent of organizations doubting their experts’ ability to adapt. Even so, decision makers should not put off moving from old legacy systems to…