Microsoft is challenging a data request from the US government which, if it loses, could effectively kill all chances of US companies running cloud businesses anywhere else in the world.
In December 2013, the US government obtained a search warrant requesting information about an email user for an investigation apparently involving drugs and money laundering. Vole said that the data was stored in Ireland, and the company argues the US can’t force it to hand over data stored outside American soil.
The government wanted data associated with an Outlook.com email account, including the content of all emails and the identifying information of the account, according to the search warrant sent to Microsoft.
Microsoft fears that if it hands over the information it means that the US government has a right to take any information which is stored in its cloud. Since the EU would never allow that, it would mean that Microsoft’s cloud business in Europe would be threatened.
Microsoft asked the judge to throw out the request, arguing that the US government doesn’t have the authority to request data overseas with a search warrant.
However another judge in New York ruled in April that Microsoft was compelled to turn over the data regardless of where it’s stored.
In a court filing made public on Monday, Microsoft argued that a search warrant doesn’t apply overseas. Since it doesn’t give authority to “break down the doors of Microsoft’s Dublin facility,” it shouldn’t give the government authority to access data within that facility, Microsoft argued.
Vole said that the warrant was broad and vague, as it requests all content in the user’s account.
Brad Smith, Microsoft’s general counsel, said at a conference in New York it was the broadest possible warrant that one can imagine in the 21st century.
Redmond wants the government to use another, legal way to access this kind of data: a so-called mutual legal assistance treaty, or MLAT.
Under that agreement US authorities can access data in that country but, in turn, have to comply with local laws.
The US government argues that companies can’t refuse to comply legal requests “simply by storing the data abroad”.
Preet Bharara, United States attorney for the Southern District of New York, said criminals could skirt investigations by lying about their locations and thus forcing Microsoft to store data outside the US, and far from American law enforcement’s reach.
Vole has a lot of legal support for its view. Experts say the relevant law in the case, the oft-maligned 1986 Electronic Communications Privacy Act (ECPA), clearly requires warrants when accessing content information, and subpoenas have different requirements.
Microsoft said that if the US government’s position is upheld, will end up harming US citizens’ privacy interests because it will invite prosecutors abroad to conduct themselves in the same way, ignore treaty obligations, and serve some form of unilateral process on Microsoft in their countries to obtain US citizens’ data stored in the United States.