Microsoft argued before the Supreme Court on Tuesday that Congress, and not the courts, must decide on an issue over law enforcement's access to data stored in other countries.
In the United States v. Microsoft Corp. case, which the company and the Department of Justice have effectively been battling over since 2013, the company argues that certain laws regarding data were essentially written before cloud computing was even an idea. The law in question is the Stored Communications Act of 1986, and the Department of Justice (DoJ) used this law in order to demand that Microsoft hand over data related to a separate criminal investigation, the data was however being physically stored in a datacenter in Ireland.
In a blog post Brad Smith, the President and Chief Legal Officer of Microsoft, summarized the company's argument in this cross border data storage dilemma:
In 2013 U.S. law enforcement served on Microsoft a search warrant for customer data stored in our datacenter in Ireland. While we don’t believe that U.S. law grants the Government the right to reach across borders to obtain private information, we do believe that the U.S. should work with the Irish government to obtain the data they want. Unilateral actions like this will undermine privacy protections of customers everywhere, and are a recipe for international tensions, conflict and chaos.
The Department of Justice argues that not handing over easily accessible data is going to hinder criminal investigations. It also says that it has not heard any complaints about data grabbing so far from its counterpart law enforcement agencies in other countries.
The Supreme Court queried why it should rule on this matter when Congress is currently considering legislation that would rectify the issue. The bi-partisan motion the Supreme Court referred to is the aptly named CLOUD Act (Clarifying Lawful Overseas Use of Data). An Act that is supported by a number of large tech firms such as Apple, Google, Facebook, and Microsoft.
The CLOUD Act, if passed, would allow cross-border data agreements between the USA and other countries, so long as the countries in question are in line with certain privacy and human rights standards.
Having heard the opening arguments and discussions, Brad Smith said he felt encouraged by the proceedings so far. He also firmly reiterated that Congress must have the final say on this issue and declared that "we need 21st century laws to protect 21st century technology".