The fight between Microsoft Inc. (NASDAQ: MSFT) and the federal government over the privacy of digital data has reached new heights. At the heart of the matter is whether the company can be compelled to turn over emails stored on overseas servers. Both sides are now making their arguments before the Supreme Court.
In 2013, federal agents served a search warrant on Microsoft’s headquarters in Redmond, Washington for the contents of a cloud customer’s email data. They claimed the data was related to a narcotics investigation. Because the emails were stored on the company’s servers in Dublin, Ireland, Microsoft refused and said the U.S. should work with Irish authorities on the matter.
The case will have a far-reaching impact on the privacy of digital data. A win for Microsoft could create places where governments would be unable to obtain evidence of serious crimes. A victory for the government would allow any country to seek data stored anywhere in the world.
Microsoft argued before the Supreme Court that search warrants issued in the U.S. have no effect beyond U.S. borders. The company has also said that giving up information stored in other countries would make those countries hesitant to trust U.S. data providers if their own privacy laws were not respected. The company has more than 100 data centers in 40 countries and is not eager to lose any of its foreign customers.
The digital privacy law now on the books was passed in 1986. The current Stored Communications Act, part of the Electronic Communications Privacy Act, does not explicitly address if the law applies overseas. Microsoft says the law needs to be updated to reflect that technology has advanced significantly since the law was created.
A recently introduced law, called the Cloud Act, would amend the Stored Communications Act and set out a process for how to deal with law enforcement requests for customer data stored internationally. The request would be deemed legitimate if the customer it pertained to was a resident of the U.S. and it did not breach the laws of the foreign country. The provider could challenge the request if it believed it was illegal under a foreign government’s laws.