Attorney General Loretta E. Lynch said Tuesday that recently launched transatlantic talks to enable British access to wiretap data from U.S. firms would protect privacy and human rights.
In remarks at a major cybersecurity conference in San Francisco, Lynch said that under any agreement, the British government would have to accept provisions designed to safeguard such rights.
The negotiations are aimed at establishing a framework that would permit British authorities to serve orders directly on U.S. companies for live intercepts and stored data in cases in which the investigation targets accounts not used by Americans or people in the United States.
"It would help one of our oldest and closest allies perform high-priority criminal investigations that keep its citizens safe,'' said Lynch, speaking at the RSA Conference.
The talks are the latest instance of an effort to reconcile the borderless nature of the Internet with sometimes conflicting laws created by sovereign states.
The talks, which were first reported by The Washington Post, are also aimed at easing the plight of U.S. companies, which are increasingly under pressure from foreign governments such as Britain's to comply with their orders for data in criminal and terrorism investigations. Such data might include online chats, for instance.
Congress, however, has barred U.S. firms from providing intercepts to anyone except the U.S. government after law enforcement has obtained a court order. This clash of laws has put U.S. companies in a difficult position, Lynch said. "Either they comply with a foreign order, and risk a violation of American law - or they refuse to comply, and risk a violation of foreign law," she said.
To obtain stored emails from U.S. companies, a foreign government must rely on a mutual legal assistance treaty by which the country makes a formal diplomatic request for the data, and the Justice Department then seeks a court order on its behalf - a process that can take many months.
Officials at U.S. technology firms have voiced concerns that if no resolution is reached, foreign governments, including Britain's, will force them to host their data in those countries. They also fear passage of laws requiring foreign firms to comply with surveillance orders. Britain has passed such a law, although it has not tried to enforce it against a U.S. firm.
Privacy advocates, however, are worried that the agreement will fail to adequately protect British users' privacy and human rights and permit U.S. firms to conduct wiretaps for foreign governments without the same legal standards based on probable cause that exist in the United States.
In Britain, rather than a judge approving search and wiretap warrants, the home secretary, who oversees police and internal affairs, issues the warrant if that cabinet member finds that it is "necessary" for national security or to prevent serious crime and that it is "proportionate" to the intrusion.
Lynch noted that the agreement would require action from Congress. That probably would mean amendments to laws such as the Wiretap Act. The pact is intended to be reciprocal, which, Lynch said, could help U.S. investigations in the future.
If the agreement proves successful, she said, it might be replicated with other countries "if - and only if - their laws adequately protect privacy and civil liberties."
The negotiations are expected to take months. The White House gave the Justice and State departments the go-ahead to begin the talks in January.