Tech giants to U.S.: Stop overseas data snooping
U.S. companies that host services over the Internet and sell remote data storage say they stand to lose billions of dollars in business if emails and other files they house overseas are seen as vulnerable to U.S. snooping.
The Associated Press
NEW YORK — Microsoft and four other large American technology companies are using a Manhattan court case to draw a line in the cloud, saying the U.S. government has no right to seize computer data stored outside the country.
U.S. companies that host services over the Internet and sell remote data storage — a concept broadly known as “cloud computing” — say they stand to lose billions of dollars in business if emails and other files they house overseas are seen as vulnerable to U.S. snooping.
Lawyers for the companies say the perception was stoked by former National Security Agency systems analyst Edward Snowden’s revelations last year that the U.S. and other countries’ intelligence agencies routinely and indiscriminately gather and store huge amounts of data from phone calls and Internet communications.
And privacy protection was harmed again in April, they say, when a Manhattan magistrate judge concluded it was legal for the government to order Microsoft to comply with a sealed search warrant for a consumer email account it stores in Dublin.
A Microsoft vice president wrote in a court document that the company offers its cloud services in more than 100 countries and tries to keep a customer’s data — including email, calendar entries and documents — in a data center near where the customer is located for easy and cost-effective access.
Microsoft maintains data centers worldwide, including in the United States, Ireland, the Netherlands, Japan and Brazil.
The mammoth Redmond-based technology company said in court papers this month that the ruling threatens to rewrite the Constitution’s protections against illegal search and seizure, damage U.S. foreign relations and “reduce the privacy protection of everyone on the planet.”
“Over the course of the past year, Microsoft and other U.S. technology companies have faced growing mistrust and concern about their ability to protect the privacy of personal information located outside the United States,” Microsoft said. “The government’s position in this case further erodes that trust, and will ultimately erode the leadership of U.S. technology companies in the global market.”
Two phone carriers, Verizon Communications and AT&T, have joined the fight, along with Apple and Cisco Systems, submitting arguments in support of Microsoft in recent days to a district judge before a late-July hearing.
In court papers, prosecutors said Microsoft’s position that the warrant effectively authorizes law-enforcement agents to conduct a search in Ireland is “simply not so.”
They said the warrant is the functional equivalent of a subpoena compelling Microsoft to review its stored records and produce relevant material.
Microsoft’s position “serves as a dangerous impediment to the ability of law enforcement to gather evidence of criminal activity,” they said.
Microsoft lost the first round of what is likely to be a lengthy court battle in April, when the New York magistrate judge who issued the search warrant in December ruled that the Stored Communications Act in the Electronic Communications Privacy Act of 1986 gave the government authority to subpoena information on the Internet that is stored outside the country.
Magistrate Judge James Francis referred to the warrant as a “hybrid — part search warrant and part subpoena” — and said it has long been law that the recipient of a subpoena must produce information in its possession regardless of where it is stored.
Francis added that if territorial restrictions on conventional warrants were extended to cyberspace, “the burden on the government would be substantial, and law- enforcement efforts would be seriously impeded.”
With such warrants, information can be seized overseas only under terms of a Mutual Legal Assistance Treaty between the countries.
Already, Microsoft said, foreign leaders are raising concerns about the ruling. Compliance with U.S. search warrants may cause companies to violate data-protection laws in countries where the targeted data is stored, it added.
Microsoft said it has encountered “rising concerns among both current and potential customers overseas” and that some customers have cited the ruling as they chose a foreign provider to store data.
“If this trend continues, the U.S. technology sector’s business model of providing ‘cloud’ Internet-based services to enterprises, governments, and educational institutions worldwide will be substantially undermined,” Microsoft said.
Lawyers for Apple and Cisco filed a brief Friday. They said the ruling puts “Apple and other providers in the untenable situation of being forced to violate one nation’s laws to comply with another.”
In court papers last week, Verizon said the ruling, if allowed to stand, “would have an enormous detrimental impact on the international business of American companies, on international relations and on privacy.”
It said the ruling “could cost U.S. businesses billions of dollars in lost revenue, undermine international agreements and understandings, and prompt foreign governments to retaliate by forcing foreign affiliates of American companies to turn over the content of customer data stored in the United States.”
In court papers, AT&T said the ruling threatened to provide law enforcement with “a global information access tool without bounds.”