Earlier this year, a US judge ordered Microsoft to hand over details of a customer’s email conversations.
Why so controversial? Because the contents of those emails were stored on servers located in Dublin, Ireland.
Check out this video that Microsoft published yesterday. It’s the latest salvo in Microsoft’s PR campaign to protect the privacy of its users from over-reaching governments.
The above video summarises Microsoft’s objections clearly:
“Microsoft is resisting this warrant on the grounds that digital content should have the same privacy protections as physical content. The US government would not attempt to travel to another country and execute a search warrant. The approach shouldn’t change just because that content is stored digitally.”
Microsoft’s deputy general counsel, David Howard, summarised the company’s objection to the judge’s ruling in a blog post earlier this year:
“The US government doesn’t have the power to search a home in another country, nor should it have the power to search the content of email stored overseas.”
“A US prosecutor cannot obtain a US warrant to search someone’s home located in another country, just as another country’s prosecutor cannot obtain a court order in her home country to conduct a search in the United States.”
In an appeal filed last week by Microsoft, the company claimed that the US government’s move was comparable to the German Stadtpolizei serving a warrant on the Deutsche Bank headquarters in Germany to obtain records that an American reporter has stashed in a safety deposit box at a New York bank:
Imagine this scenario. Officers of the local Stadtpolizei investigating a suspected leak to the press descend on Deutsche Bank headquarters in Frankfurt, Germany. They serve a warrant to seize a bundle of private letters that a New York Times reporter is storing in a safe deposit box at a Deutsche Bank USA branch in Manhattan. The bank complies by ordering the New York branch manager to open the reporter’s box with a master key, rummage through it, and fax the private letters to the Stadtpolizei.
The US Secretary of State fumes: “We are outraged by the decision to bypass existing formal procedures that the European Union and the United States have agreed on for bilateral cooperation, and to embark instead on extraterritorial law enforcement activity on American soil in violation of international law and our own privacy laws.”
Germany’s Foreign Minister responds: “We did not conduct an extraterritorial search—in fact we didn’t search anything at all. No German officer ever set foot in the United States. The Stadtpolizei merely ordered a German company to produce its own business records, which were in its own possession, custody, and control. The American reporter’s privacy interests were fully protected, because the Stadtpolizei secured a warrant from a neutral magistrate.”
No way would that response satisfy the US Government. The letters the reporter placed in a safe deposit box in Manhattan are her private correspondence, not the bank’s business records. The seizure of that private correspondence pursuant to a warrant is a law enforcement seizure by a foreign government, executed in the United States, even if it is effected by a private party whom the government has conscripted to act on its behalf.
I can hardly imagine the United States being happy with Germany’s response in that hypothetical scenario. So why should America be allowed to get away with it in real life?
Microsoft deserves our support and whole-hearted thanks for playing hard ball with the US authorities on this important privacy issue.
To find out more, visit the Digital Constitution website.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.