The government argued that Microsoft had to “deliver records, physical objects, and other materials” no matter where they were located, so long as they were subject to the company’s custody and control, according to court documents. The appeals court decision invalidates a key legal tool the USA government uses to apply extraterritorially.
Advertisement
Microsoft Corp. won’t be forced to turn over e-mails stored in Ireland to the US government for a drug investigation, a court said in a decision that may affect data security throughout the USA technology industry. As much as 90 per cent of Europeans personal data is processed by U.S. services and 82 per cent of Facebook’s European data passes through Ireland.
In a case closely watched by much of the tech industry, an appellate court has ruled in favor of Microsoft, finding that the company does not have to turn over the contents of an Outlook.com user’s inbox to American investigators because that user’s data is held overseas, in Ireland.
In December 2013, authorities obtained an SCA warrant, which was signed by a judge, as part of a drug investigation and served it upon Microsoft. “It’s in effect saying to the people of Ireland, their law doesn’t matter. that is not a recipe for the success of the United States technology sector, and not a recipe that people have trust in technology”.
But the judges concluded that Congress did not intend the law used in the case – the Stored Communications Act – to apply outside the US.
Circuit Judge Susan Carney, full text here, stated that warrants issued under the Stored Communications Act are applicable to data stored within the United States; U.S. service providers are not required to honor warrants seeking data stored over seas. The focus of those provisions is protection of a user’s privacy interests.
The Manhattan-based court overturned a ruling by U.S. District Judge Loretta Preska rejecting Microsoft’s challenge to the U.S. demand for the contents of a customer’s MSN.com e-mail account.
The architect of Microsoft’s legal action, told us in January that cloud providers had to win the public’s trust. To protect customer data, it has begun storing information in Germany.
Advertisement
Microsoft insists that if the United States government wanted access to the data they should pursue existing legal avenues to access the data, such as going through the European Union mechanisms for law enforcement and data transfer.
