Soon, U.K. police will be able to target people for investigation, and gather their data from U.S. companies, without a judge’s approval—and without ever providing notice to the targets.

The data collected by U.K. police will include the private information of Americans and non-Americans alike. While U.S. persons aren’t supposed to be targeted, this deal won’t stop American communications with a targeted person from being swept up while foreign police investigate. This deal even allows, for the first time, a foreign government to perform a wiretap on a conversation involving a U.S. citizen or resident. These wiretaps won’t have the normal safeguards that a U.S. person would get if they were subject to a wiretap authorized by a U.S. court.

The deal also allows police in the U.S. to bypass U.K. sovereignty. U.S. law enforcement will be able to search and seize data on territory located in Britain and Northern Ireland, without following privacy rules in the U.K.

The US-UK agreement is the first negotiated under the Cloud Act—a federal law that allows foreign police to negotiate agreements to demand data stored in the United States and about U.S. persons. This troublesome U.S.-U.K. agreement will set a terrible precedent for similarly bad Cloud Act deals that could be struck with other nations.

The DOJ should work on speeding up existing methods of getting data across borders while maintaining judicial oversight. The U.S.-U.K. Cloud Act agreement is a bad deal for citizens of both countries, and Congress should stop it.