Recently SaaS suppliers have seen a marked increase in EU customers raising concerns about disclosure of their data to US law enforcement authorities under the Patriot Act – an American anti-terrorism law – particularly where the SaaS supplier has a parent company in the USA or data is being hosted or processed in the USA. Now to add to your problems, the UK Government plans to introduce its own “Patriot Act” type law in the near future.
Proposed Increase in E-Mail and Web Monitoring in the UK
According to the BBC and Guardian websites, a controversial new English law is expected to be announced in the Queen’s speech on the 9th of May. The proposed new law will allow the UK police and security services to access the Web and Internet phone traffic of all UK residents. This will include access to all phone calls (made via the Internet), emails, social media exchanges and website visits.
Information that may be Disclosed
The proposals will grant UK police and security services the right to see:
- the time of a call, email, or website visit;
- the duration of the call or visit;
- which websites or phone numbers were called; and
- details of the sender and recipient of emails, such as IP addresses;
without any need for first obtaining a court warrant.
If a warrant is obtained, then the content of such messages will also be disclosed upon request.
Justifications for the New Law
The proposed legislation will loosen the existing surveillance arrangements set out in the Regulation of Investigatory Powers Act. The Government claims these new rights are needed to give the police and security services extended powers to enable them to investigate serious crime and terrorism. The same argument used in the USA prior to the introduction of the Patriot Act. The new law will in effect give the UK police and security services rights very similar to those granted to US authorities under the Patriot Act.
Problem for SaaS Suppliers
If this proposed new law is adopted, UK based SaaS suppliers will face increased difficulties in:
- persuading customers to move across from more traditional suppliers to the SaaS model; and
- allying customer concerns about the security and confidentiality of data.
Previous problems raised by SaaS customers over the application of the Patriot Act will fade into insignificance in comparison with these new UK rights.
Irene Bodle is an IT lawyer specialising in SaaS agreements with over 10 years experience in the IT sector. If you require assistance with any SaaS, ASP, software on demand contracts or any other IT legal issues contact me:
To register for my newsletter click here
Other related articles:
- SaaS Agreements – FAQs – Prism
- SaaS Agreements – Data Protection – Prism and US Laws
- SaaS Agreements – Data Protection – The Patriot Act
- SaaS Agreements – Data Protection – Renewed Customer Concerns About the Patriot Act
- SaaS Agreements – Data Protection – FISA Customer Concerns
- SaaS Agreements – Data Protection – Data Commissioner – UK Fines
- SaaS Agreements – Data Protection – Sub-Contractors, Model Clauses
- SaaS Agreements – Data Protection – Liability for Loss of Backup Tapes
- SaaS Agreements – Data Protection – Transfer of Data Outside the EEA
- SaaS Agreements – FAQs – Security
- SaaS Agreements – FAQs – Software Licence
- SaaS Agreements – FAQs – Source Code and Object Code
- SaaS Agreements – FAQs – Escrow
- SaaS Agreements – FAQs – Hosting
- SaaS Agreements – FAQs – Confidential Information
- SaaS Agreements – FAQs – Data Protection
- SaaS Agreements – Essential Elements
- SaaS Agreements – Essential Elements – SLAs Explained
- SaaS Agreements – SaaS, Software on Demand, Confused?
- SaaS Agreements – Cloud Computing and the Legal Cloud
- SaaS Agreements – Cloud based Technology and Services
- SaaS Agreements – Need for an NDA Prior to Signing a SaaS Agreement