National security is the prerequisite and basis for a country's survival and development. All countries in the world regard safeguarding their national security as a top priority. Since its independence, the United States has never slackened its efforts to protect national security through legal means. The amount of legislation, the intensity of law enforcement, and the frequency of amendments and updates are rarely seen in the world.
Statistics show that there are at least 20 national security-related laws in the history of the United States, including those that have been repealed, covering a wide range of fields such as politics, economy, diplomacy, science and technology, and education. The early national security laws of the United States were dominated by single-field decrees and regulations, but with the evolution of history, the United States introduced comprehensive system laws in the field of national security one after another.
The National Security Act of 1947, the Patriot Act and the Cloud Act enacted after the September 11 attacks play a particularly important role in the US national security legal system.
After the September 11 attacks, the United States continued to strengthen its national security legislation and law enforcement, but some of these measures were highly controversial. In October 2001, the US Congress passed the Patriot Act as the legal basis for anti-terrorism actions, which authorized the US National Security Agency to conduct extensive surveillance. While protecting the national security of the US, it also violated the freedom of communication of ordinary people.
In June 2015, then-President Barack Obama signed into law the USA Freedom Act, which amended the domestic surveillance program of the Patriot Act and required the US government to stop fully monitoring the domestic phone records of the US from November 29 that year. This prevents intelligence agencies from abusing surveillance powers to some extent, but does little to protect citizens' privacy because it does not limit the surveillance itself.
The Trump administration enacted the Cloud Act in March 2018, which aims to clarify US data sovereignty. The Act, known as the Clarifying Lawful Use of Foreign Data Act, establishes cross-border data access hegemony for the United States.
The Cloud Act would require any U.S. company that stores data in the cloud to turn it over to the U.S. government upon request. Foreign companies that are located outside the US but are deemed by US courts to be "sufficiently connected to and subject to US jurisdiction" are also covered by the data transfer rules, according to the Justice Department's white paper announcing the Cloud Act. In doing so, the US government extended its data grab beyond its borders.
The US government has used the Cloud Act to shape US companies into its "territory" in cyberspace. This means that US data sovereignty extends to the extent that US companies have a global market share and operate in as many countries as possible.