关于Cloud Act， 本公号在【美国Cloud Act法案到底说了什么】、【如何看待“iCloud中国账户密钥将存储在中国”】、【苹果公司境内存储密钥的法律效果再分析】、【欧洲将立法允许执法跨境直接调取数据】做了初步介绍。

目前进展

目前，这个法案在美国国会有显著进展：

首先，美国众议院也有了同样的法案，编号为H.R.4943.

其次，不少美国媒体报道，Cloud Act 很可能被塞进“2018年综合拨款提案”（

Omnibus spending bill）中，不经过任何讨论就得以通过。美国的制度是这样的：许多议员会借着拨款提案必需通过的形势，要求自己支持的法案“搭便车”一并通过，否则就投票反对拨款提案。

来看看媒体是如何描述的：Cloud Act被加入“2018年综合拨款提案”的可能性非常高（highly likely）。【 A source with direct knowledge of the negotiations in the Senate told Gizmodo that it is “highly likely” that the CLOUD Act (S.2383, H.R.4943) will be included in the must-pass spending bill that Congress is cobbling together this week. 】 也就是说， Cloud Act“搭便车”的可能性非常大，也就是进入了立法直通车。如果通过，那美国最高法院在审理微软和FBI一案时，就要根据新的法律来做出判决。

而这个“2018年综合拨款提案”，将在本周浮出水面，美国众议院在本周三将进行投票，参议院也将迅速投票。如果法案到本月23号还没有通过，那美国政府又要面临关门的危机。

现在，在美国参议院，有两名参议员认为不应当在“2018年综合拨款提案”中加入Cloud Act，并认为这个法案应当经过详细的辩论。【On Thursday, Senators Ron Wyden and Rand Paul released a joint statement opposing the measure that was roundly condemned by the ACLU and nearly two dozen other human rights and privacy advocates this week. Paul and Wyden asked the leaders of the Senate Appropriations Committee to not include the legislation in the spending bill and called for extended debate before it ever becomes law.】但这两名议员的努力能够成功？是否力单势薄？

美国的一些非政府组织也发声，认为不应该通过Cloud Act。但他们的理由是：Cloud Act 允许某些外国政府直接向美国公司发出调取数据的命令，会降低对人权和言论自由的保护，而且让美国政府能够方便地绕过宪法第四修正案对美国人的保护。基本逻辑如下：“The CLOUD Act allows the president to enter an executive agreement with a foreign nation known for human rights abuses. Using its CLOUD Act powers, police from that nation inevitably will collect Americans' communications. They can share the content of those communications with the U.S. government under the flawed "significant harm" test. The U.S. government can use that content against these Americans. A judge need not approve the data collection before it is carried out. At no point need probable cause be shown. At no point need a search warrant be obtained.”显然，美国的非政府组织当然只想着美国人自己的事情，不是从咱们自己的角度来想。

美国境外的反对声音

昨天，欧洲的非政府组织发布了针对美国国会的公开信。【公开信后附】核心关切如下：

1、要求不要将Cloud Act塞入“2018年综合拨款提案”中。

2、Cloud Act应该走完完整的委员会程序，这样才能有充分的讨论机会，理清这个法案对美国国内和全球的影响。

3、Cloud Act 对 全球人权保护的影响尚不明朗。在公开信一同发出的声明中，欧洲的非政府组织提出：如果Cloud Act通过，“美国警方可以要求调取欧洲公民的数据，而且不用遵守欧洲隐私方面法律”。如果欧盟是Cloud Act中的“适格外国政府”，虽然美国公司在收到调取令后可以提出抗辩，但是欧盟公民的人权和自由就得完全依赖美国公司的抗辩，而且做出判断的是美国法院及其非常复杂的“礼让分析”。【First, executive decisions of this kind would facilitate law enforcement access to individuals’ data directly from companies. They, however, would seriously weaken and erode privacy and other rights of citizens around the world, including Europeans. For instance, under the CLOUD Act, a US police department could request access to “the contents of a wire or electronic communication and any record or other information” about a European citizen without necessarily following EU privacy laws. If the EU enters into an agreement with the US, European citizens would have to rely on the company subject to the data access request to challenge the order before a US court within 14 days following a complicated “comity” procedure whereby a US court would decide to modify or quash the legal process.】

4. 当然，欧洲的非政府组织也和美国的非政府组织一样，有类似关切，公号君就不翻译了。【Second, as currently drafted, the US CLOUD Act has no review mechanism in the event of democratic backsliding in a third country. This means that, once a government has entered into an agreement with the US Government, it would be almost impossible for the US to revoke this status. In the letter, we point out US Congress about the procedures that the European Commission initiated against Hungary and Poland and ongoing legal proceedings due to rule of law and human rights violations, including threats to judicial independence and civil society organisations. It would be problematic for the US legislator to allow such agreements to be entered into, particularly without robust mechanisms for withdrawing from them.】

最后，欧盟最高司法官员将于今天启程前往美国，讨论的议题之一便是Cloud Act. 还记得Vera前几天的表态吗？相信她会对Cloud Act提出反对意见。见【欧洲将立法允许执法跨境直接调取数据】

得抓紧行动了。