Category Archives: Big Data

Defining the Scope of “Possession, Custody, or Control” for Privacy Issues and the CLOUD Act

With a growing number of US companies storing their electronic data across country lines, US law enforcement agencies are left with the difficult task of trying to access electronic evidence stored outside of their physical jurisdictions.

In response, Congress passed the Clarifying Lawful Overseas Use of Data Act (Cloud Act) in 2018 to provide the US government with the power to order the production of electronic evidence that is stored outside of the US if it is within a US company’s “possession, custody, or control.”

However, the Cloud Act does not define what constitutes the “possession, custody, or control” of electronic evidence, raising concerns about the scope of US authority under the Act. Through their examination of existing domestic and international jurisprudence interpreting these terms in other legal contexts, Hemmings, Srinivasan, and Swire outline the key factors courts should balance in analyzing this pivotal phrase.

Personal Information as an Attack Vector: Why Privacy Should Be an Operational Dimension of US National Security

The US government has always been keen on its ability to protect sensitive and classified information from its enemies, yet the majority of resources have focused on military and national security information, which has left other categories of information exposed.

Capt. Christopher Dearing focuses the reader on the national security implications of personal information and the detrimental impact it possesses. This article provides an analysis of current privacy law and the information landscape, while highlighting areas where the US government has failed to keep pace to protect personal information, providing a valuable target for adversaries.

In an expansive call for action, Capt. Dearing recommends eight concrete steps that the government can take to better protect and manage personal information while developing stronger procedures to identify threats and respond to them.

Gathering Intelligence: Drifting Meaning and the Modern Surveillance Apparatus

Since its implementation in 1981, Executive Order 12,333 has served as a general charter governing the structure and operations of the Intelligence Community. While legislation has imposed a degree of added judicial and congressional oversight, the executive branch continues to retain sole discretion over large swathes of foreign intelligence activity today.

Over the past several decades, and in accordance with E.O. 12,333’s mandate, members of the Intelligence Community have each created internal agency manuals to guide their foreign intelligence operations. These manuals identify and define a range of technical terms critical to determining the scope of agencies’ intelligence-gathering authority, including what information is gathered, how long that information is retained, and the uses to which it may be put. But over time, the dispersion of authority to make decisions within and across intelligence agencies has enabled drift in the meaning of these terms. Together, the manuals have created a thicket of often conflicting and unclear definitions that are difficult for Congress, the courts, and even committees within the executive branch to understand.

In this article, Diana Lee, Paulina Perlin, and Joe Schottenfeld provide the first sustained analysis of these definitional inconsistencies, their consequences, and efforts to address the problem from within and outside the executive branch. In particular, it focuses on three terms that determine when the intelligence cycle “officially” begins: “collection,” “acquisition,” and “targeting.” By analyzing these three terms, this Article demonstrates the lack of clarity that executive discretion and dispersal create. This lack of clarity, in turn, makes it difficult for meaningful oversight, such as congressional hearings, to occur. The Article concludes by offering recommendations to clarify the parameters of the government’s intelligence-gathering authority. As technological advancements continue to expand the Intelligence Community’s capacity to gather information, it is imperative that the government adopt measures to facilitate effective oversight over the executive’s foreign intelligence operations.