This use case is from an SME CSP that is quite advanced and knowledgeable about data access requests by authorities, and it is good to consider the do's and don’ts. Most CSPs do not know what to do if access to data is requested from a government authority and may give the government authority the wrong access without assessing such request. Generally, the scope of the formal requests to obtain access is too broad instead of a detailed scope, because the authority does not yet exactly know what kind of data they need to know. However, fishing by the government authorities is not allowed.
Cloud Service lifecycle phase: