Many of us have been using cloud computing for many years on a daily basis by using web based email, social media networks and other applications. It is only in recent years however that cloud computing has become an option for businesses and enterprises looking to take advantage of its benefits. This has resulted in a focus on the security of cloud computing services which has been driven by risk managers, governments and regulators.
As many cloud services providers use data centres in the USA, one issue that is constantly debated is the USA PATRIOT Act (the Act). It should be noted that the Act was originally named the Provide Appropriate Tools Required to Intercept and Obstruct Terrorism (PATRIOT) Act of 2001. The name was shortened to the USA PATRIOT Act by the time it was finally passed by the House and the Senate, but the original acronym goes some way to understanding its original intended purpose.
It is believed by many that the Act provides US government agencies unfettered access to data held by US companies such as cloud services providers. This paper analyses, at a very high level, the effect of the Act in the context of existing rights to access data (together with other avenues for data access such as under Mutual Assistance Treaties) specifically related to the Australian market.