Microsoft wins appeal over US government access to data stored on foreign servers

Microsoft has won an appeal over a search warrant served under the Stored Communications Act (SCA) in the United States, which aimed to compel the company to turn over the contents of an email account stored on servers in Ireland.

In 2014, a US District Court ordered Microsoft to hand over the emails and associated data of one of its customers to US authorities as part of a narcotics investigation, despite that data being stored overseas. The company said that it would fight the order - a fight that didn't go well, at first; indeed, in September 2014, Microsoft was found to be in contempt of court after it failed to hand over the data, but insisted that it had a clear obligation to protect the privacy of its customers by disputing the decision.

The company has maintained that position ever since - and its tenacity has finally paid off.

The Court of Appeals for the Second Circuit in New York has reversed the 2014 ruling that ordered the company to hand over the data. It also overturned the contempt of court charge.

In its ruling today, it said:

We conclude that Congress did not intend the SCA’s warrant provisions to apply extraterritorially. The focus of those provisions is protection of a user’s privacy interests. Accordingly, the SCA does not authorize a US court to issue and enforce an SCA warrant against a United States‐based service provider for the contents of a customer’s electronic communications stored on servers located outside the United States. The SCA warrant in this case may not lawfully be used to compel Microsoft to produce to the government the contents of a customer’s e‐mail account stored exclusively in Ireland. Because Microsoft has otherwise complied with the Warrant, it has no remaining lawful obligation to produce materials to the government.

Microsoft President and Chief Legal Officer Brad Smith hailed the decision as a "major victory for the protection of people's privacy rights under their own laws rather than the reach of foreign governments." He added:

It makes clear that the U.S. Congress did not give the U.S. government the authority to use search warrants unilaterally to reach beyond U.S. borders. As a global company we’ve long recognized that if people around the world are to trust the technology they use, they need to have confidence that their personal information will be protected by the laws of their own country.

Smith also reiterated Microsoft's position that governments - including, but not limited to, that of the United States - must confront the need for more realistic legislation in the digital age, and consider fresh laws to deal with circumstances that simply didn't exist when many laws still in use today were first conceived. He explained:

Today’s decision means it is even more important for Congress and the executive branch to come together to modernize the law. This requires both new domestic legislation and new international treaties. We should not continue to wait. We’re confident that the technology sector will continue to roll up its sleeves to work with people in government in a constructive way. We hope that today’s decision will bring an impetus for faster government action so that both privacy and law enforcement needs can advance in a manner that respects people’s rights and laws around the world.

A spokesperson for the Department of Justice told Ars Technica: "We are disappointed with the court's decision and are considering our options."

Source: Microsoft v United States (US Court of Appeals for the Second Circuit) via Reuters

Report a problem with article
onedrive-universal
Next Article

Microsoft begins chopping down users' free OneDrive storage

dsc07231
Previous Article

Microsoft adds Interpol to Xbox One Backward Compatibility

5 Comments - Add comment

Advertisement