Microsoft joins Justice Department in asking Supreme Court to drop data privacy case

By Dan Thorp-Lancaster
published

In a new court filing, Microsoft agrees with the Justice Department that the CLOUD Act negates the need for a ruling in a long-running data privacy case.

Microsoft logo at Ignite
Microsoft logo at Ignite (Image credit: Windows Central)

Microsoft today followed the Justice Department in calling on the U.S. Supreme Court to dismiss a privacy case it is currently considering. In a court filing, reported by Reuters, Microsoft stated that it agrees with a Justice Department filing from over the weekend that the case should be dismissed in light of a new law passed by Congress that would render the ruling moot.

"Microsoft agrees with the government that there is no longer a live case or controversy between the parties with respect to the question presented," Microsoft writes in the filing.

The legal fight in question goes back to 2013, when government served Microsoft with a domestic warrant requesting emails stored at a data center in Ireland. Microsoft argued that U.S. law doesn't grant the government the right to access private information stored abroad, and that law enforcement should work with Irish authorities instead. The government argued that Microsoft should have to comply with the warrant because it is headquartered in the U.S. In 2016, an appeals court sided with Microsoft.

However, now, both the Justice Department and Microsoft argue that the Clarifying Lawful Overseas Use of Data Act (CLOUD Act), which was recently signed into law, eliminates the need for a court ruling by providing a legal framework that clarifies the government's right to issue warrants for data stored overseas by U.S. companies. The Justice Department says that it has obtained a new warrant under the new law.

Both parties supported the CLOUD Act's, and Microsoft, in particular, was quite vocal that it was Congress' duty to take action to clarify the law. "The CLOUD Act both creates the foundation for a new generation of international agreements and preserves rights of cloud service providers like Microsoft to protect privacy rights until such agreements are in place," Microsoft President and Chief Legal Officer Brad Smith said in a blog post today. (opens in new tab)

Dan Thorp-Lancaster
Dan Thorp-Lancaster

Dan Thorp-Lancaster is the former Editor-in-Chief of Windows Central. He began working with Windows Central, Android Central, and iMore as a news writer in 2014 and is obsessed with tech of all sorts. You can follow Dan on Twitter @DthorpL and Instagram @heyitsdtl

5 Comments
  • I do not see how spending on cloud storage could be such an issue as one can argue the same about paper storage or liquid storage or even food storage. Everyone must see the valance on things and if the balance is lost than that's when the issue should be address in a properly way and not to be force as it could cost more damage to the individual.
  • This isn't about spending. The issue is clarifying the legal process in which the U. S. Government can obtain warrants for cloud data stored overseas. Laws are different in other countries and it has been argued that Cloud providers do not have to comply with US warrants, when data is stored in a different country. This is simply a matter of closing those international legal loopholes that companies use to protect the data of its customers. In my opinion, regardless of where data is stored, when it comes to criminal investigations with proper US warrants of data stored on servers in other countries, the local laws of that country should not apply. Having to work around the red tape of the laws of a particular country and dealing with local law enforcement can create an obstacle with time sensitive situations. There will be enough legal hurdles to deal with on the US side. Cloud data can be easily accessed by MS, Google, Apple or any cloud storage provider, regardless of the country. I guess the other thing to consider would be whether or not those servers are used for cloud storage of local customers or US customers. I think that might be where things can get a bit tricky legally. Laws will likely be applied differently, depending on citizenship of the person(s) being investigated. Which jurisdiction has authority and who issues the warrant? That's why there is so much debate over who is write and why MS sides with the DOJ. Our government has to work with governments in other countries to iron out when the US can and cannot issue warrants on cloud data being served in other countries.
  • I wonder if you would feel the same if the Chinese government was asking the Chinese branch of Microsoft to hand over data stored on an American server. The problem here is that data was stored in you Ireland and Ireland has much stricter data privacy laws in the US, and Washington was trying to sidestep these laws by applying for warrant in America where they don't have to provide justification for a data request.
  • It's not a loophole, it's a requirement if European law.
  • There are multiple issues to consider. The location of the entity the U.S. government thinks they have the right to spy on, their nationality (potentially multiple) and the locations of the servers storing the data (potentially multiple). There is a lot of legal mumbo jumbo that makes much of this unnecessarily complicated, and despite the hundreds of millions being spent to figure out how the current laws apply and what, if anything, must be amended, it won't change anything. Nobody trusts the U.S. government to respect U.S. citizens fourth amendment rights, much less the far stricter privacy laws in other countries. Either MS retains the ability to protect their data on forign servers, particularly data from non U.S. customers, or MS will outsource those servers entirely to third parties in countries like Germany or Switzerland, thereby protecting their customers data from themselves (and U.S. overreach). No matter what legal framework U.S. legislators establish, as long as some governments care about privacy protections, there will be ways for MS to guarantee their customer's data is private, which MS simply must if they wish to retain large international customers.