The tentative agreement would reportedly allow UK authorities to gather data from US communications firms, and vice-versa
The US and UK Governments have reached a tentative agreement that would allow each country’s intelligence agencies and criminal investigators to directly demand communications data, such as email and online chat data, from companies based in the other nation, according to reports.
The agreement, which would require approval by Congress, is aimed at clarifying how communications companies are permitted to act in cross-border inquiries, according to reports by The Washington Post and others citing unidentified US government officials.
Under current US law, companies are generally barred from handing over data to investigators from another country, a state of affairs that makes cross-border inquiries difficult.
The agreement would allow agencies such as MI5 or criminal investigators to serve “production orders” on US firms in cases involving UK citizens. Such orders would oblige US companies to turn over stored data such as emails or communications metadata such as email headers or records of telephone communications.
Criminals with British nationality frequently use communications providers based in the US, such as Google, Facebook and Microsoft, making it difficult for UK investigators to carry out inquiries, according to US officials cited by the Post. The agreement would reportedly also allow US investigators to serve such requests on firms based in the UK.
“The proposed agreement, which remains under discussion, would be reciprocal and would require legislation to take effect,” said an unnamed US Justice Department official cited by Reuters.
Representative Adam Schiff, the top Democrat on the US House of Representatives Intelligence Committee, told Reuters that Congress would monitor civil liberties issues, including ensuring that orders served by UK authorities would not affect US citizens.
The UK’s Foreign Office declined to comment.
The draft bill would oblige communications providers to store information such as email and telephone records for a period of 12 months and make it available to investigators upon request.
Are you a security pro? Try our quiz!