Last year, we were appalled when the Department of Justice (DOJ) issued a search warrant to Microsoft demanding that it hand over the emails of an Irish drug suspect stored on a server in Ireland. The incident raised major questions about the ability of U.S. companies to operate overseas.
On the one hand, if a U.S. company faces an Irish law that prohibits release of a citizen’s private information without authorization by Ireland, the company’s ability to continue serving customers in Ireland calls for compliance with Ireland’s law. Alternately, if the same U.S. company faces a demand from a U.S. government department accustomed to rapid compliance on its warrants, resisting warrants could raise serious legal issues for the company here at home.
The DOJ would be rightly annoyed if Ireland issued an Irish search warrant seeking the private emails of a U.S. citizen on a U.S.-based server. That would be an arrogant and unproductive move. Indeed, NSA has already earned a reputation for unwelcomed violations of Europeans’ telephone and internet privacy. European resentments stemming from those privacy violations have real financial and economic consequences.
Large contracts for internet services that were held by U.S. companies are being lost as a result of NSA’s privacy violations. These high tech contracts are the source of well-paying jobs that the U.S. needs and the government should not jeopardize them through international privacy violations merely to reduce its workload in obtaining evidence. The international backlash due to NSA’s privacy violations is estimated to cost up to $180 billion per year, and as many as two million U.S. jobs. DOJ’s heavyhanded invasion of Irish sovereignty suggests it either doesn’t understand or does not care about the U.S. economy.
It would be smarter for law enforcement in both countries to coordinate on search warrants. For evidence worth having, surely a justifiable cause can be communicated between the international police forces. The justification may be as simple as a statement of compelling reasons that would lead a U.S. judge to issue a search warrant. The DOJ should not use threats to force a U.S. firm to do their dirty work.
Fortunately, some in Congress are heading in the right direction on these issues. The Law Enforcement Access to Data Stored Abroad (“LEADS”) Act, reintroduced today by Sen. Orrin Hatch (R-UT) will protect the privacy of American information stored abroad and yet establish a fair process for obtaining this data while respecting the laws of other countries. It sets up a reciprocal path for foreign law enforcement lawfully seeking their citizens’ information stored in the U.S.
LEADS will improve and facilitate the Mutual Legal Assistance Treaty process to address issues inherent in issue involving U.S. companies operating abroad, much like the case seeking an Irish citizen’s email. LEADS will also discourage countries from establishing data localization requirements, which has become a movement in reaction to privacy violation resentments. Data localization laws inhibit storing foreign individuals’ information on U.S. located severs – essentially, which would be a competitive and economic disadvantage to U.S. firms operating overseas.
This is a second attempt by Congress to pass LEADS, but setting justice straight is worth more than one attempt.
Alan Daley writes for The American Consumer Institute Center for Citizen Research, a nonprofit educational and research organization. For more information, visit www.theamericanconsumer.org.