Data Responsibility

IBM’s Unwavering Commitment to Protecting Client Data

Share this post:

By Christopher A. Padilla, Vice President, IBM Government and Regulatory Affairs

In 2014, IBM was among the first American technology companies to state publicly that we were not involved in bulk data collection programs implemented by the U.S. government. That same communication to our global client base spelled out clearly the steps IBM would take to challenge U.S. government requests for access to client data, stored in other countries, that did not respect international legal agreements.

More recently, as part of our global commitment to the responsible stewardship of data, we reiterated our position addressing requests for data access made by any government.

Passage of new legislation in the United States has prompted fresh questions about the ability of law enforcement agencies to access data stored abroad. The Clarifying Lawful Overseas Use of Data – or CLOUD – Act does not provide a “backdoor” to client data stored outside the United States. It sets up a new mechanism by which governments may agree to provide lawful access to data stored under their jurisdiction to another government, under pre-agreed legal conditions and safeguards such as judicial warrants.

IBM has earned the trust of our clients over more than a century of doing business. We take seriously our obligation to preserve that trust, and this legislation in no way alters IBM’s stance on government access to client data. We have reiterated our clear, longstanding position in the following statement:

“IBM has well-established policies and practices, summarized in Data Responsibility@IBM and initially put forward in 2014, which make very clear that IBM will not provide access to client data stored outside the lawful jurisdiction of any government requesting such data, unless the request is made through internationally recognized legal channels such as mutual legal assistance treaties (MLATs).”

“The CLOUD Act establishes an additional legal channel by which governments could agree bilaterally on procedures and safeguards to handle lawful requests for data stored under each other’s legal jurisdiction.”

“In the absence of such a bilateral agreement or other internationally recognized legal channels such as an existing MLAT, IBM will take appropriate steps to challenge requests for data stored outside a government’s legal jurisdiction through judicial action or other means.”

###

Media Contact:
Adam R. Pratt
Ph: (202) 551-9625
arpratt@us.ibm.com

More Data Responsibility stories

IBM Response to National Telecommunications and Information Administration’s Proposed Approach to Consumer Privacy

IBM today issued the following comments in response to NTIA’s Request for Comment on Administration’s Proposed Approach to Consumer Privacy:

Continue reading

Strengthening the Charter of Trust for a Secure Digital World

As part of our ongoing, all-encompassing effort to build trust in data processing and storage, IBM was, in early 2018,  a founding member of the Charter of Trust for a secure digital world.

Continue reading

IBM Statement on U.S.-Mexico-Canada Agreement

Data is the lifeblood of 21st Century commerce, and the new U.S.-Mexico-Canada Agreement will ensure that data flows freely across North America.

Continue reading