Government ‘Rewrites’ Law To Access Microsoft Emails Stored Overseas

Giuseppe Macri Tech Editor
Font Size:

In a brief filed late Wednesday, Microsoft said the federal government’s legal argument for seizing user emails stored overseas “rewrites” an almost 30-year-old law to “reinterpret” it in a way it was never meant to be used.

At the heart of the issue is a government warrant for Microsoft user emails stored on a server in Dublin, Ireland, which the government claims are relevant to an ongoing drug trafficking investigation. To justify the seizure of the data outside of U.S. territory, the government is basing its argument on legislation born out of the Reagan era.

“The statute in this case, the Electronics Communications Privacy Act, is almost 30 years old,” Brad Smith, general counsel for Microsoft, said in a blog post Thursday. “That’s an eternity in the era of information technology.”

“For an argument that purports to rest on the ‘explicit text of the statute’… the government rewrites an awful lot of it,” the brief filed late Wednesday said.

The government argues that because Microsoft is a U.S.-based company, it must comply with a valid warrant for “business records” regardless of where they’re stored.

According to Microsoft, the government’s authority does not extend outside of U.S. territory, and that lumping private communications under the definition of “business records” undermines users’ Fourth Amendment protection. The company further argues that setting such a precedent threatens public trust in Microsoft and other companies’ cloud-based services. (RELATED: Microsoft Disputes Government Request For Overseas Emails)

Microsoft argues digital records are guaranteed the same rights as physical documents under Fourth Amendment protection against unlawful search and seizure, and that for the government to obtain records stored overseas, it must go through the foreign government in question.

“Looking back, there’s no indication that Congress intended to expand the geographic reach of search warrants when the statute was written in 1986, long before the dawn of the era of cloud computing,” Smith wrote.

Beyond that, Smith said, Congress must update the law — not allow the government to twist its original intent.

“Congress already is looking at potential ideas that we believe would address the issues that the government raises in this case,” Smith wrote. “A good example is the bipartisan LEADS [Law Enforcement Access to Data Stored Abroad] Act, which has been introduced in both the House and Senate. It would address a number of the government’s concerns about the needs of law enforcement while offering strong privacy protections for people everywhere, including non-U.S. citizens and residents.”

The U.S. District Court for the Southern District of New York sided with the government last summer. Microsoft appealed the case, which goes before the U.S. Second Circuit Court of Appeals in summer 2015. (RELATED: Obama Administration Claims The Right To Access U.S. Company Data Stored Overseas)

Microsoft’s case marks a significant change in company policy and an obvious attempt to regain public trust. According to documents leaked in 2013 by National Security Agency whistleblower Edward Snowden, Microsoft was one of the intelligence agency’s closest secret collaborators, and consistently built new avenues for the government to access troves of user communications through Hotmail, Outlook, Skype and other services.

Follow Giuseppe on Twitter and Facebook