Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

Microsoft, U.S. Clash in Court on Overseas Email Warrant

Microsoft and the US government clashed Wednesday in an appellate court hearing on law enforcement access to emails stored overseas, in a case with important implications for global data protection.

Microsoft and the US government clashed Wednesday in an appellate court hearing on law enforcement access to emails stored overseas, in a case with important implications for global data protection.

Allowing the government to carry out its warrant for its emails stored in Ireland could create “a rule for global chaos,” said Joshua Rosenkranz, an attorney arguing for Microsoft in the New York federal appeals court.

Siding with the US in the case could give free rein to foreign governments to demand comparable records from US interests, Rosenkranz said.

“If we can do this to them, then they can do that to us,” Rosenkranz said. “We would go crazy if China did this to us. Why? Because this case is about sovereignty.”

US officials in December 2013 persuaded a magistrate judge to grant a warrant to access to a Microsoft-based email account that was suspected of being used in narcotics trade.

But Microsoft refused to comply, saying the records were stored at a data center in Dublin, Ireland. A US district court sided with the government.

Rosenkranz said the 1986 US law cited by the government in the case predates modern communication systems, including the use of overseas data storage, and that there is nothing in the statute that implies that it governs overseas operations.

The government has argued that the specific location of the records is irrelevant because Microsoft, as a US company, is subject to US rules.

“Under international law… the norm is that sovereigns have jurisdiction over entities before them and can compel them to produce materials,” said Justin Anderson, an assistant US attorney.

A legal brief outlining the government’s case quoted an earlier ruling on overseas records that said: “the test for production of documents is control, not location.”

Since Microsoft officials in the US maintained control over the Dublin data center, they must hand over the records, Anderson said.

Members of the three-judge panel seemed open to both sides and extended an oral argument originally scheduled for 24 minutes well past an hour.

“The implications of what we do here are obviously broad,” said appellate judge Gerard Lynch.

Microsoft has won backing from numerous tech, media and telecom heavyweights, including Apple, the Washington Post and Verizon.

The Center for Democracy and Technology, which has supported Microsoft, warned of an international “Wild West” if the warrant is upheld as foreign governments seek to seize data held in the US.

“The economic consequences of this case could be huge,” said Greg Nojeim, an attorney at CDT.

“It could make it even more difficult for US providers to sell services abroad when the US government claims special rights to access content conveyed over those services. Many potential customers will conflate such access with NSA (National Security Agency) surveillance, to the detriment of US cloud providers.”

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Ransomware

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Privacy

The EU's digital policy chief warned TikTok’s boss that the social media app must fall in line with tough new rules for online platforms...

Cybercrime

The owner of China-based cryptocurrency exchange Bitzlato was arrested in Miami along with five associates in Europe

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

Meta was fined an additional $5.9 million for violating EU data protection regulations with WhatsApp messaging app.

Cyberwarfare

Google Project Zero has disclosed the details of three Samsung phone vulnerabilities that have been exploited by a spyware vendor since when they still...