Do You Know Where Your Data Is?

Do You Know Where Your Data Is?

A major concern which drives us at Panavisor is this — do you know where your data is? How can you know if you are PCI or HIPPA compliant if you don’t know where your data is? Maybe you have tax reasons to know where your data is. Reiterating that the “cloud” is not an ethereal wisp dissociated from the realities of physical location, on April 11, 2014, the United States Court of Appeals for the Third Circuit overturned the hacking conviction of Andres Auernheimer. Where does a cybercrime take place? Is the internet ubiquitous — being everywhere and no where? This is an important question of Constitutional law because Article III of the Constitution requires that “the Trial of all Crimes . . . shall be held in the State where the said Crimes shall have been committed.” U.S. Const. art. III, § 2, cl. 3. The Sixth Amendment further provides that “[i]n all criminal prosecutions, the accused shall enjoy the right to a speedy and public trial, by an impartial jury of the State and district wherein the crime shall have been committed.” The Court found:

Venue issues are animated in part by the “danger of allowing the [G]overnment to choose its forum free from any external constraints.” The ever-increasing ubiquity of the Internet only amplifies this concern. As we progress technologically, we must remain mindful that cybercrimes do not happen in some metaphysical location that justifies disregarding constitutional limits on venue. People and computers still exist in identifiable places in the physical world. When people commit crimes, we have the ability and obligation to ensure that they do not stand to account for those crimes in forums in which they performed no “essential conduct element” of the crimes charged. (Citations omitted)