MLAT (Mutual Legal Assistance Treaty)

MLAT stands for Mutual Legal Assistance Treaty: bilateral or multilateral agreements that govern how one country’s law-enforcement requests for evidence held in another country are processed. The traditional path for cross-border evidence requests, structurally slow (6-18 months for a US-bound request) due to the inter-government routing through Central Authorities and judicial review at multiple stages. Increasingly bypassed by Cloud Act executive agreements and by direct-cooperation arrangements between specific allied agencies.

What it means in practice

The MLAT process exists because sovereignty and data-protection standards differ across jurisdictions. A French prosecutor seeking content held by Google in California cannot simply serve a French production order on Google; the request must travel through France’s Ministry of Justice to the US DOJ Office of International Affairs to the US prosecutor to a US court for warrant, with US Fourth Amendment standards applied to the request. The structural friction (6-18 month timelines) protected user data through procedural delay. The Cloud Act fast lane (US-UK 2022, US-Australia 2024) bypasses this for qualifying countries; the underlying MLAT framework persists for non-fast-lane jurisdictions. The 2018 Microsoft Ireland Supreme Court case, which prompted the Cloud Act, established that US warrants reach US-incorporated providers’ data regardless of where the data is physically stored, removing the foreign-data-residency defense that providers had previously asserted.

Where it shows up

Operationally relevant for: cross-border investigations involving evidence held in another jurisdiction (most international financial-crime cases, most cyber investigations, most cases where the suspect or witness is in a different country than the data), corporate-litigation discovery seeking foreign-held data, and journalism source-protection scenarios where understanding the legal-process pathway helps assess the risk of source-identification. The MLAT response time has historically been the structural defense; the Cloud Act executive-agreement framework is compressing that defense for fast-lane jurisdictions. The Predaxia operational frame: the legal-process pathway to your data depends on where you are, where the data is, and what bilateral arrangements exist between the requesting jurisdiction and the data-holding jurisdiction; the matrix is moving and the architecture-side defense (end-to-end encryption) is the only structurally stable position.

What you can change today

If your threat model includes cross-border investigative reach, three considerations. First, understand which jurisdictions are operationally fast (US-UK fast lane, US-Australia fast lane, and the additional agreements being negotiated) versus which still require the slower MLAT path. Second, prefer service providers whose architecture defeats the legal-process attack regardless of MLAT speed: end-to-end encryption that the provider cannot decrypt produces ciphertext on any production order, regardless of how fast the order was processed. Third, awareness that the framework is moving: the CLOUD Act executive agreements are expanding, the EU e-Evidence Regulation creates an EU-level fast-lane within the EU, and the operational implications shift with each new agreement; the architecture defense is the constant, the procedural defense is moving.

Related articles