News

U.S. Supreme Court To Review Microsoft's Dublin Datacenter Case

The years-long dispute over whether Microsoft must submit to government requests for data stored in an offshore datacenter is going to the U.S. Supreme Court.

The case goes back to 2013, when Microsoft was ordered to turn over e-mails stored in its datacenter in Dublin, Ireland by U.S. authorities pursuing an unnamed person suspected of illegal drug activities. Lower courts had consistently told Microsoft to hand over the data, though Microsoft appealed those rulings with the backing of other cloud service providers, including Apple, AT&T, Cisco and Verizon.

On July 2016, the Court of Appeals for the Second Circuit determined that Microsoft did not have to turn over the e-mails. On Monday, the Supreme Court ordered a review of that ruling.

Microsoft's current stance is that "U.S. federal or state law enforcement cannot use traditional search warrants to seize emails of citizens of foreign countries that are located in data centers outside the United States," according to Brad Smith, president and chief legal officer at Microsoft, in an announcement Monday.

Microsoft also doesn't agree with the government's view that the service provider owns the e-mail data, "which would cause people to lose their rights when they go online," Smith noted.

Current U.S. laws associated with the 1986 Electronic Communications Privacy Act are outdated and inadequate in the cloud computing world, and weren't intended for use outside the United States, Smith contended. For its part, Microsoft is backing a congressional effort to address "cross-border data access" issues. The effort, International Communications Privacy Act of 2017 (S.2986), sponsored in the Senate by Orrin Hatch, defines how such warrants should be processed. It permits search warrants "only if the foreign government does not have a Law Enforcement Cooperation Agreement with the United States or, if it does have such a Law Enforcement Cooperation Agreement, the foreign government does not object to disclosure."

A Law Enforcement Cooperation Agreement means a mutual agreement or treaty, or it can be an executive agreement between the United States and "one or more countries," according to S.2986.

The bill was introduced last year and was referred to the Senate Judiciary Committee. There's also an identical bill in the House (H.R.5323).

Microsoft, being a U.S.-based company, has to follow U.S. laws, but the bill, if passed, would free service providers in general, including Microsoft, from having to side with one government over another in cases where the data are stored abroad, an important consideration for cloud service providers. The bill mostly seems to be a clarifying measure. It seems to streamline search warrants even when the U.S. government doesn't have a Law Enforcement Cooperation Agreement in place with a foreign government, although it's unclear how such warrants would be enforced.

Microsoft regularly complies with U.S. law enforcement requests for domestic data, with some challenges. However, this case could prove important for Microsoft and other service providers to gain trust internationally, especially in Europe, where data sovereignty and privacy issues are more greatly pursued than in the United States.

The case is known as United States v. Microsoft Corp., 17-2.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • IBM Giving Orgs a Governance Lifeline in Agentic AI Era

    Nearly overnight, organizations are facing brand-new challenges caused by self-directed AI systems (a.k.a. agentic AI). Big Blue is extending them some help.

  • Microsoft Launches Integrated E-mail Security Ecosystem for Defender for Office 365

    Microsoft is expanding its e-mail security capabilities with the launch of a new Integrated Cloud Email Security (ICES) ecosystem for Microsoft Defender for Office 365.

  • Microsoft Joins Workday's AI Agent Partner Network

    Microsoft has become a key partner in Workday's newly launched AI Agent Partner Network, aligning with other industry leaders to integrate AI agents into enterprise workforce systems.

  • LinkedIn CEO Ryan Roslansky To Lead Microsoft's Productivity Initiatives

    In a strategic leadership realignment, Microsoft has appointed LinkedIn CEO Ryan Roslansky to oversee its consumer and small business productivity software division, encompassing Microsoft 365, Teams and AI-driven tools like Copilot.