The CLOUD Act establishes in its “Step One” the extraterritorial reach of the Stored Communications Act (SCA) and in its “Step Two” sets up a process for the creation of bilateral executive agreements between the U.S. and foreign governments to provide reciprocal authority to make direct requests for information from cloud providers in the other’s jurisdiction. In consequence, the CLOUD Act may encourage governments to engage in an arms race for stricter data protection laws and sanctions. It may also encourage companies to localize data storage in the EU. Moreover, the CLOUD Act may be on a collision course with the GDPR. This Article proposes that the most sensible and efficient path to legal certainty for cloud providers would be an accord between the U.S. and the EU itself.

Distributed ledger technology especially in the form of publicly coordinated validation networks such as Ethereum and Bitcoin with their own monetary circles provides for a revealing litmus test for current financial regulatory schemes. After a brief introduction (I.), the article highlights the interrelation between distributed coordination and the emission of virtual currency to make sense of the function of the new monetary phenomenon (II.). It then argues for the regulation of financial services on the ground of the technology to ensure integrity standards (III.) and emphasises the shortcomings of the current EU regulatory regimes (IV.), especially the regulation frameworks regarding financial services, payment services and electronic money.

In Summer 2017, an article in this journal discussed a complaint filed with the U.S. Federal Trade Commission (“FTC” or “Commission”) against Uber Technologies, Inc. (“Uber”). The complaint alleged that Uber had “continued to track iPhone users who once had installed the Uber app even after they [the users] believed they had deleted it from their device.” The FTC has not, so far, taken any public action against Uber based upon the tracking allegations. However, the earlier article predicted, that complaint was not the end of Uber’s privacy troubles. Since the 2017 complaint was made, U.S. prosecutors and agencies at both the state and federal level have brought enforcement actions alleging that Uber failed to secure private information and concealed some of those failures from the public and the authorities. Similar actions were brought against Uber in the EU. Uber has been ordered to pay substantial amounts in settlement of some of those claims, but it is unclear whether those complaints point to a failure in Uber’s corporate culture that has yet to be resolved.