A monumental court case resumed Wednesday between Microsoft and the U.S. Department of Justice that will set critical precedent in determining the legality of data collection from domestic companies abroad.
The case in question – which is being heard in the Second Circuit Court of Appeals – involves concerns regarding a search warrant that the feds say should compel the tech company to retrieve emails held on a Hotmail server in Ireland.
In opening statements, the Justice Dept. had the hubris to tell the appeals court that it has “the right to demand the emails of anyone in the world from any email provider headquartered within U.S. borders” – and asserts that the emails should be treated as “business records” which would only require a search warrant to obtain.
Microsoft however contends that the government is overstepping its authority by demanding they hand over their customers’ emails when they’re stored on servers in data centers outside the country, and maintains that customers’ emails are “personal documents” which are exempt from third-party doctrine.
“This is an execution of law enforcement seizure on their land,” Microsoft Attorney Joshua Rosenkranz said in court. “We would go crazy if China did this to us. This notion of the government’s that private emails are Microsoft’s business records is very scary.”
Additionally, organizations like Apple, Verizon, Cisco, the government of Ireland, Fox News, NPR and the Guardian have filed amicus briefs with the court asserting that the case could enable governments around the world to seize information held in the cloud.
A win for the feds would make everyone’s data “fair game” for governments outside the U.S., Electronic Frontier Foundation Attorney Lee Tien said. “Maybe your data goes to a country where they’re not as protective of data as the United States and they decide they don’t even need a warrant.”
In Dec. 2013, Microsoft – which is based in Redmond, Washington – first received the search warrant that requested access to emails stored on servers in Ireland, and challenged the order in court last year on the grounds that an Irish data center cannot be subject to U.S. laws.
The Justice Dept. claimed they were seeking records of drug suspects involved in a trafficking investigation and said that U.S. companies are subject to U.S. laws, now matter where their offices might be located.
Microsoft lost the first ruling but appealed the decision.
“In a nutshell, this case is about how we best protect privacy, ensure that governments keep people safe, and respect national sovereignty while preserving the global nature of the internet,” Microsoft
The choice of complying with U.S. laws while breaking international ones, or following foreign laws in defiance of federal orders has not been an easy one for the company, and Smith says “there is an important debate to be held about the best way to reform the law and international relationships, and [that] there are critical policy considerations on both sides.”
If Microsoft loses the case, tech companies could lose many customers concerned about their privacy – especially in foreign countries. In the wake of the Snowden leaks in 2013, the industry suffered losses of not only trust, but billions of dollars in revenue, some estimates say.
The appeals court is comprised of a three-judge panel who will determine the outcome of the case in the coming months.