news

Cisco, Verizon, HP Back Microsoft in Battle With Feds Over Search Warrants

Josh LongIn an appeal that implicates consumer privacy and could have far-reaching ramifications for the technology sector, Verizon Communications, Cisco Systems and HP filed a brief this week in support of Microsoft.

Microsoft wants to reverse a federal court decision which authorized the U.S. government – through a warrant – to compel the software giant to produce a customer’s email that was stored in a data center in Dublin, Ireland.

Congress hasn’t expressed its intent in federal statutes that domestic warrants should apply to data stored outside the United States, according to Randal Milch, general counsel for Verizon. Not only do the contents of an email belong to a customer rather than a provider, U.S. law that required an American business to hand over customer data stored overseas would conflict with several other countries’ laws and encourage foreign governments to claim the right to demand data that is stored in the U.S., Milch wrote in a blog.

In an amicus brief filed before the U.S. Court of Appeals for the Second Circuit, Verizon, Cisco and HP expressed their support for Microsoft. Also joining in the brief were eBay, Infor (US) Inc. and Salesforce.com.

The dispute dates back to a warrant that Microsoft received – issued in late 2013 by a federal magistrate – authorizing the search and seizure of information related to a specific email account. The company produced non-content information that was stored on its servers in the U.S. But Microsoft declared the government lacked the right to compel the production of email stored overseas. On July 31, in the U.S. District Court for the Southern District of New York, Chief Judge Loretta Preska ruled in favor of the U.S. Justice Department and against Redmond, Washington-based Microsoft.

The amicus brief characterized the decision by the federal court as “sweeping in its scope and impact.”

“It affects not only the email service at issue in the case, but a host of other communication services, data storage providers, and technology companies,” the tech companies declared.

Over the summer, the Justice Department declared there is nothing in federal law that exempts service providers from complying with a warrant when records are stored abroad.

At issue in the case is interpretation of the Stored Communications Act, which was enacted in 1986 as part of the Electronic Communications Privacy Act. The law authorizes government to require disclosure of emails through a subpoena, court order or warrant. 

“Contrary to Microsoft’s arguments, the SCA does not contain a ‘safe harbor’ exclusion for data that a U.S. company chooses to store overseas, much less a provision limiting a court’s authority to order the disclosure of records to those maintained in a particular physical location,” government lawyers wrote in a July 9, 2014 court filing

“There is no reason to believe that the drafters of the SCA intended to abrogate longstanding precedent holding that a recipient of compulsory process in a federal criminal investigation may validly be compelled to produce any documents under its control regardless of location,” the Justice Department added.

In September, in response to the Microsoft case, three U.S. senators introduced legislation that would amend the Electronic Communications Privacy Act.

The Law Enforcement Access to Data Stored Abroad (LEADS) Act would require the government to obtain a search warrant based on probable cause in order to access stored communications such as email. It also would authorize the use of search warrants to obtain electronic data stored outside the U.S., but only where the person tied to the communications is a “United States person.” The bill has not cleared a committee, according to Gov.Track.

“The government’s position that ECPA warrants do apply abroad puts U.S. cloud providers in the position of having to break the privacy laws of foreign countries in which they do business in order to comply with U.S. law,” said Sen. Chris Coons, a Delaware Democrat who introduced the legislation, along with Sens. Orrin Hatch (R-Utah) and Dean Heller (R-Nevada), in a Sept. 18 statement. “This not only hurts our businesses’ competitiveness and costs American jobs, but it also invites reciprocal treatment by our international trading partners.”

Organizations that are rallying to support Microsoft are as varied as the U.S. Chamber of Commerce, National Association of Manufacturers, Center for Democracy & Technology, CNN and The Washington Post. In briefs submitted to the Second Circuit in New York City, organizations have cited various concerns ranging from manufacturers’ ability to compete internationally to the effect on free speech. Journalists, for instance, fret that a decision against Microsoft would erode protections that have restricted the government’s ability to search reporters’ email without the news organizations’ knowledge.

Microsoft raises a hypothetical scenario in which German authorities investing a leak to the press serve a warrant on Deutsche Bank in Frankfurt, Germany, ordering a branch manager in the United States to open the safe deposit of a New York Times reporter, who was storing private letters.

“The letters the reporter placed in a safe deposit box in Manhattan are her private correspondence, not the bank’s business records,” Microsoft declared in its appellate brief filed this month. “The seizure of that private correspondence pursuant to a warrant is a law enforcement seizure by a foreign government, executed in the United States, even if it is effected by a private party whom the government has conscripted to act on its behalf. This case presents a digital version of the same scenario, but the shoe is on the other foot.”

Microsoft said a ruling in favor of the Justice Department would have sweeping public policy implications.

“If the government prevails here, the United States will have no ground to complain when foreign agents – be they friend or foe – raid Microsoft offices in their jurisdictions and order them to download U.S. citizens’ private emails from computers located in this country,” the company said. “That would put all of our private digital information at risk, not just emails, but everything else we store on remote computers collectively called ‘the cloud’ — a veritable ‘cache of sensitive personal information’ saturated with the highest constitutional privacy rights.”

The Justice Department is scheduled to weigh in on the appeal when it files its brief next year.


Leave a comment

Your email address will not be published. Required fields are marked *

Polls

How do you approach customer MPLS networks in the age of SD-WAN?

View Results

Loading ... Loading ...
The ID is: 89355