Worldwide governments, the tech industry, and scholars are keeping close tabs on a legal case in which the US Justice Department claims that Microsoft must produce e-mail data stored in Dublin, Ireland.
What the case boils down to is that President Barack Obama’s administration claims that any company that has a base in the US must comply with warrants for handling over stored data, even if that data is stored on overseas servers. Microsoft, among other companies such as Apple, argues that such a junction is wrong as the enforcement of US law stops at the border.
A magistrate judge has already backed the government’s stance on this issue, ruling in April that “the basic principle that an entity lawfully obligated to produce information must do so regardless of the location of that information.”. The next case is set to be heard on July 31, following Microsoft’s appeal to a federal judge.
In a federal brief filed last week, the US government said that data and content stored online doesn’t have the same Fourth Amendment protection as data stored in the physical world. The Stored Communications Act (SCA) was cited numerous times. This regulation predates back to President Ronald Reagan’s administration:
Overseas records must be disclosed domestically when a valid subpoena, order, or warrant compels their production. The disclosure of records under such circumstances has never been considered tantamount to a physical search under Fourth Amendment principles, and Microsoft is mistaken to argue that the SCA provides for an overseas search here. As there is no overseas search or seizure, Microsoft’s reliance on principles of extra-territoriality and comity falls wide of the mark.
Microsoft’s attorneys said that this decision has troublesome, wide-ranging and global implications. “Congress has not authorized the issuance of warrants that reach outside US territory,” Microsoft’s attorneys wrote. “The government cannot seek and a court cannot issue a warrant allowing federal agents to break down the doors of Microsoft’s Dublin facility.”
Microsoft, the multi-billion-dollar, U.S.-based company, incorporated and headquartered in Redmond, Washington said that consumer trust is negative in the wake of the Edward Snowden revelations. The company told the US judge who was presiding over the case that “[t]he government’s position in this case further erodes that trust and will ultimately erode the leadership of US technologies in the global market.”
Other companies like Apple, Verizon, AT&T and Cisco have taken a similar stance. Verizon said that if a decision favoring the US’ position is taken, it would lead to “dramatic conflict with foreign data protection laws.”. Apple and Cisco have motioned similar statements, saying that the technology sector is put “at risk” of sanctions from foreign governments, suggesting that the US should seek cooperation with foreign nations via treaties and not through coercion. The US government however was in disagreement, saying that treaties are impractical.
The Department of Justice says global jurisdiction is required in an age when “electronic communications are used extensively by criminals of all types in the United States and abroad, from fraudsters to hackers to drug dealers, in furtherance of violations of US law.”
The warrant for the e-mail data sought from Microsoft by the US government is linked to a drug-trafficking investigation. Microsoft stores emails on servers that are geographically closer to the account owner.
In a recent filing, the Irish Supreme Court wrote that the most “efficient” way for the US government to obtain the concerned email data from Microsoft’s servers was through the “Mutual Legal Assistance Treaty”.
Orin Kerr, a Fourth Amendment expert at George Washington University, said, “The scope of the privacy laws around the world is now a very important question, and this is the beginning of what may be a lot of litigation on the question. So it’s a big case to watch.”
Christopher Soghoian, principal technologist at the American Civil Liberties Union says that Microsoft is legitimately fighting to maintain their foreign customers. These movements are necessary “to signal to their foreign corporate and government customers that their data remains safe in the cloud.”