The United States Department of Justice is sitting on a backlog of more than 11,000 requests from other countries for law enforcement assistance. The requests, made under processes established by Mutual Legal Assistance Treaties (MLATs), provide formal means of exchanging evidence between countries. MLATs often include transparency provisions and privacy protections. However, the current failure of the U.S. to comply with requests pushes governments to use other means of obtaining information, including surveillance, that infringe users’ rights and risk the integrity and interoperability of the internet.
Last week, Access and a number of allies sent a letter [PDF] to Congressional leadership calling for improvements to the U.S. MLAT system. The Department of Justice office in charge of MLAT requests remains understaffed and with outdated technology due to inadequate funding. Making matters worse, U.S. companies control a significant amount of information from users around the world, making U.S. compliance with MLATs even more critical.
As an illustration of the problem, consider what would happen if law enforcement in South Africa [PDF] discovered that evidence relevant to a local criminal investigation was stored on Google’s servers in the U.S. The South African Department of Justice might then make a request to the U.S. Department of Justice, which would review the request to ensure that it complies with U.S. privacy protections. If it did, the U.S. DOJ would then forward the request to Google, which would reply back through the chain.
However, suppose that South Africa didn’t get a timely response. It might then go directly to Google or U.S. law enforcement, circumventing legal procedures that protect user rights. Or, to achieve a longer-term solution to the problem, South Africa might place restrictions on the flow of information to enable greater access by local authorities — as Russia plans to do through a “data localization” law — or pass new laws to enable surveillance.
In addition to increasing U.S. responsiveness, there are other changes that would improve the MLAT system. MLATs should be negotiated between countries where none currently exist, and they should be drafted with the privacy and transparency provisions that make MLATs desirable. The International Principles on the Application of Human Rights to Communications Surveillance, which articulate human rights obligations in the digital age, explain that MLATs should require that, in exchanging information, the legal standard in the country with higher level of protections for human rights should apply. The Global Network Initiative has also published a useful report [PDF] detailing recommendations on improving the MLAT system.
While jurisdiction in the international flow of information is a complicated issue, it is imperative that processes are developed that respect users’ rights. As a first step, Congress should provide adequate funding for the U.S. MLAT system, as our letter to Congress makes clear. We also look forward to recommendations to be made later this year by the National Action Plan on Responsible Business Conduct, aimed at making improvements to the MLAT process that will enable corporations to better respect human rights in their operations abroad.
Image credit: Loty