The U.S. PATRIOT Act in 2001 was a very controversial piece of legislation to begin with – giving the executive branch of the U.S. government and a number of related institutions sweeping powers to wire-tap, search, and demand personal data and communication information from a wide range of sources – often in direct violation of long-standing laws and civil liberties protected by the U.S. constitution.
Since then, the U.S. government has been accessing private records of banks, insurances, telecom companies, health care providers, and many more, mining vast amounts of sensitive data from potentially hundreds of millions of people in America in the process – with little or no democratic oversight or checks and balances.
Yeah, OK, that’s in America – not here, right? Think again.
First, it’s becoming increasingly clear that there is a secret version of the PATRIOT Act – the way the U.S. Department of Justice is interpreting the law, which appears significantly more invasive and far-reaching than many lawmakers and the public have been lead to believe. And, because it’s classified, there is no public discussion over the true extent of the law or abuses.
Second, it turns out – as Microsoft just recently admitted (and this is true for the entire IT industry) – there is no way for U.S. companies to stop the U.S. authorities from applying the PATRIOT Act to all subsidiaries of U.S. companies worldwide. This means, essentially, that the U.S. is riding rough shot over the sovereign data and privacy protection laws of foreign countries.
Pretty much any data that is stored or processed by a subsidiary of a U.S. company and falls within the PATRIOT Act, anywhere in the world, can be demanded and collected by U.S. authorities at any time and without your knowledge, in direct violation of the laws of your own country. Mind you, this does not only apply to U.S. citizens. It applies to everyone.
Hard to believe? Yes. But the more you dig into it, the worse it gets.