In December of 2013, the US government issued a search warrant to Microsoft, demanding access to emails stored on servers in Dublin, Ireland. Since then, Microsoft has been fighting the warrant, and taking the fight public. Microsoft’s contention is that the US has no right to issue warrants outside the US, and is using the case as a bit of a bully pulpit to get the US to examine its laws on searches, especially in a world where data sovereignty is becoming more and more important.
Yesterday, Microsoft issued a reply brief in the court battle, stating their belief that “the law is on the side of privacy” in this case. Microsoft’s General Counsel Brad Smith posted to the Microsoft on the Issues blog, again stating Microsoft’s case, and their belief that laws need to be changed, or written anew, to deal with the changing nature of data security, but that as it stands, Microsoft should not be compelled to comply with a warrant that reaches across national boundaries.
Smith goes on to reiterate Microsoft’s position that the US law they’re being held to was never intended to reach across borders to begin with:
Until U.S. law is rewritten, we believe that the court in our case should honor well-established precedents that limit the government’s reach from extending beyond U.S. borders. Looking back, there’s no indication that Congress intended to expand the geographic reach of search warrants when the statute was written in 1986, long before the dawn of the era of cloud computing. (It’s worth noting as well that the government doesn’t dispute this point.)
To the contrary, it is clear Congress’s intent was to ensure that your digital information is afforded the same legal protections as your physical documents and correspondence, a principle we at Microsoft believe should be preserved. As we’ve said before, we believe you own your data.
Microsoft’s interests are far from simple altruism, of course, and the company’s ability to protect user data (read: business data) with the likes of Azure is being watched closely by potential cloud customers. Cloud purveyors are already suffering backlash from revelations by Edward Snowden and others that call into question the US governments ability and desire to access cloud based data storage, and Microsoft needs to re-assure clients that it’s doing everything it can to keep their data safe, even from the eyes of the government. This case is offering Microsoft a chance to loudly declare their commitment to privacy and protection, so it will be interesting to see where it ends up.