Tuesday, March 28, 2017
Check out this recent post from the Lawfare blog. I've read the regulations to which it refers, and the post describes them accurately. Frankly, if I had given the matter any thought before this, I would have assumed that Chinese investigative authorities were already doing this whenever they wanted to.
Note to the "everybody does it" chorus: The blog post is also accurate in stating that this is not the normal practice of domestic police authorities, including in the United States; they seek permission from the foreign sovereign the same way they would seek permission for sending agents abroad to rifle through someone's file cabinet. Not that China necessarily has to follow the crowd in everything, but China would undoubtedly consider it the gravest violation of its sovereignty were foreign criminal investigators to hack into Chinese servers without permission in a search for evidence.
Here's the relevant language from Art. 9 of the regs: