Microsoft is going head-to-head against a federal court ordered warrant that compels the technology company to release information about a customer's email content stored in one of its servers in Dublin, Ireland.
This is the first time a U.S. company has openly challenged a search warrant requiring it to disclose digital information found overseas regarding an undisclosed Outlook.com email account owned by a person allegedly involved in drug dealing and money laundering. Microsoft provided data about the account, including address book information, but refused to hand over content of the email.
In a legal briefing (pdf) filed in the New York branch of the U.S. federal district court last week, Microsoft argued that the warrant approving the government's request for data regarding the user's email content is not justified by the Constitution and that the government has to honor its mutual legal assistance treaty (MLAT) with Ireland to obtain the data requested. An MLAT requires the requesting government to comply with all local laws to receive assistance. Under Irish law, an Irish district court judge must provide authorization prior to accessing a user's email information.
Microsoft's lawyers wrote in its brief that there is no legal basis for the court to issue a warrant that allows "federal agents to break down the doors of Microsoft's Dublin facility." They also argued that the warrant is too broad and vague to abide by the Fourth Amendment's particularity requirement, which states that a search warrant must include the specific information requested. Brad Smith, general counsel for Microsoft, likened the warrant to one issued back in the Colonial days and described it as "the broadest possible warrant that one literally can imagine in the 21st century."
But the government argues that Microsoft's emphasis of the particularity requirement is "misguided" and that companies cannot avoid data requests "simply by storing the data abroad." U.S. attorney for the Southern District of New York Preet Bharara said that this could set a dangerous precedent for criminals who could circumvent the law by having their data stored in servers outside of the U.S.
"The scope of privacy laws around the world is now a very important question," says Orin S. Kerr, law professor at George Washington University. "And this is the beginning of what may be a lot of litigation on the question."
Kerr also adds that this is one of those instances where the law cannot adequately cover what technology has achieved and that Congress needs to update the Electronic Communications Privacy Act (ECPA), which was passed in 1986, when dial-up was considered state-of-the-art.
The legal battle between Microsoft and the government stems from a warrant issued by New York magistrate judge James Francis, who agrees with the government and said that the order was more of a cross between a warrant and a subpoena, a hybrid that was created by the ECPA as a means of protecting citizens' privacy. It was issued on the grounds that there was probable cause that the content of the email can lead to evidence of the crime, but it was served on Microsoft without having federal agents search the company's servers physically.
Microsoft and other major technology companies in the U.S. are increasingly growing more concerned about losing big business from foreign governments after former National Security Agency contractor Edward Snowden's leaks about the extent of U.S. government surveillance.
