On March 8, 2013, the German government published a response to a formal inquiry from one of the German Parliament’s parties on the international security, data protection and surveillance implications of cloud computing. The response describes international cooperation between German and foreign law enforcement agencies that have used mutual legal assistance treaties to obtain cloud data in foreign jurisdictions. An earlier study by the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs considered the scope of U.S. laws that allow surveillance of non-U.S. residents in a cloud computing context. The German government’s response now provides information on how German law enforcement agencies obtain data from clouds outside their jurisdiction (e.g., in the United States) pursuant to mutual legal assistance treaties.

Other topics covered in the response include:

  • the various national and international initiatives under which German law enforcement agencies and other international agencies and institutions explore surveillance options for cloud computing;
  • certain provisions under German law that permit the surveillance of telecommunications; and
  • the hardware and software that German law enforcement agencies have available to bypass security measures such as passwords.