Microsoft Appeals for Data Privacy Overseas

The information age that we are living in may be better described as the battle for information age. Companies such as Elsevier are running academic paywalls that hold valuable research and discoveries for ransom, hackers are constantly coming up with more inventive ways to steal information- sometimes millions of peoples’ at a time, the copyright industry is doing all they can to censor the internet, and government agencies like the NSA and GCHQ are continually trying to expand their dragnet of information. It seems that one way or the other someone is making a grab for information. All of these issues are important, but the overreach of the NSA and GCHQ  into netizens’ daily lives and data privacy is the most personal.

Data Privacy Overseas: Whose is it?

The Snowden leaks told us not only of the trespasses of privacy that governments make on a regular basis; but it also revealed the underground fight that many of the top tech companies put up. Now that the cat is out of the bag it seems much easier for these same companies to make a public statement about the egregious demands of the spy agencies’ attempt to infringe on data privacy.

In the US, Microsoft is currently in the appeals process after challenging the legality of the latest government overstep. In December of 2013 the US Justice Department served a warrant to Microsoft. The warrant stems from a narcotics investigation and demanded access to a storage facility housed outside of the US- in Ireland. Before this, Microsoft easily complied with handing over the address book of the suspect that was stored in the US.

This warrant from a narcotics investigation may have far reaching consequences by setting a precedence of limited data privacy abroad. Not only will the DOJ be able to continue this practice, but other countries may follow suit as well. Because of this Microsoft is being backed by other tech giants such as Apple, AT&T, as well as the ACLU.

Indeed, forcing the handing over of information stored in another country seems like a bit of a reach. Joshua Rosenkranz, Microsoft’s lawyer made a valid point when he said;

We would go crazy if China did it to us. This is a matter of national sovereignty.

Politico reports that Microsoft maintains, “the emails are governed by Irish law, the same way physical letters stored in a Dublin file cabinet would be — so if the U.S. government wants them, it should ask the Irish government to obtain them and turn them over. The company also maintains that the emails belong to the customer, and that Microsoft is just storing them on his or her behalf.” This seems like the best way to look at data privacy when it is stored abroad.

According to the court papers, Microsoft urged this issue in data privacy to be brought to congress because they are best equipped to “…grapple with the question whether, and when, law enforcement should be able to compel providers like Microsoft to help it seize customer emails stored in foreign countries. Only Congress has the institutional competence and constitutional authority to balance law enforcement needs against our nation’s sovereignty, the privacy of its citizens and the competitiveness of its industry.”

However, Microsoft may not get the reprieve from Congress that they hope for. A current bipartisan bill is currently making its way through the ranks. Dubbed the Law Enforcement Access to Data Stored Abroad Act, this bill clarifies the governments ability to follow through on search warrants of US citizens who have their information stored overseas. If the US government continues to win the appeals process a worldwide debate on data privacy and the sovereignty of nations’ data stored within their borders will be inevitable and complicated.

Implications of the Loss of Overseas Data Privacy

As of now, Microsoft’s biggest argument is that complying the the DOJ’s command will spell the loss of customers. Following the Snowden leaks Microsoft, as well as several other companies like Verizon, lost large partnerships with companies from countries overseas. The concern- and rightfully so- was that US companies could not guarantee the privacy of their customers data.

Because of this, tech companies began signing contracts promising that they would not disclose their customers’ information with other governments. This basic promise of data privacy is beginning to look less and less likely to be kept. Losing another case of this nature further inhibits their ability to protect their customers and will have the same negative effect on their bottom line.

Successful prosecution of this case by the DOJ also spells uncertainty for smaller companies who manage their clients’ data through companies like Microsoft, Amazon, and Google. Given that they have no choice over where their data is housed it is not unlikely to think that they would be forced to comply with four, five, or more countries’ laws without knowing or having a say.

Google is staying out of the fight- not offering their say when Apple and AT&T supported Microsoft. But Nicole Jones, a senior law enforcement and security counsel at Google, said the company, “is obviously watching [the case] very carefully.”

If Microsoft suffers another loss during the appeals process they have vowed to take the case to the Supreme Court. Which is essential given the consequences this case has on data privacy. But having the Supreme Court hear the case is an uphill battle in itself. It’s unlikely that they would be willing to hear this case based simply on Microsoft’s bottom line.

feature image courtesy of Ben Franske

If you take your privacy as seriously as we do, then you should follow @LiquidVPN

You can follow the author @FreelanceTony

Share this article with your friends and stuff