According to the EU Commission, electronic evidence is needed in around 85% of criminal investigations. In two-thirds of these investigations, evidence must be obtained from online service providers in other jurisdictions.
In March 2018 the U.S. Congress enacted the U.S. Cloud Act. From an EU-perspective there is significant concern that U.S. authorities might undermine the EU GDPR requirements by compelling U.S. providers to allow access to certain types of data stored outside the U.S.
It’s sink or swim for DPOs as the GDPR creates a tsunami of challenges. With the stakes high, DPOs face great personal risk if they get it wrong. Still, they lack the resources, in-house know-how and authority to pull together the necessary expertise to deal with the rising tide of urgent requests.