Law enforcement access to evidence via direct contact with cloud providers

Effective criminal investigation depends on reliable access to evidence. With the extensive use of cloud computing in various forms, electronic evidence of criminal activity may no longer be found with criminals or their associates themselves. Rather, the evidence resides with cloud providers, oftentimes on servers outside of the territory of the investigating law enforcement authorities (LEAs). Thus, even in otherwise completely domestic criminal investigations of crime committed domestically against a domestic victim, relevant electronic evidence may be stored in a cloud arrangement in another country. Obtaining the evidence in those situations may be difficult. In this article, we identify 16 variables and a number of fundamental and non-fundamental constraints that must be taken into account by anyone setting out to construct a framework facilitating appropriate LEA access to evidence via direct contact with cloud providers, while safeguarding the rights and interest of individuals, as well as the rights and interest of the provider, and those of other States.