Feeds

Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers

They're not emails, they're business records, says court

Top 5 reasons to deploy VMware with Tegile

Microsoft has lost the first round in its fight to stop the US authorities from seizing customer data stored inside its overseas data centers.

Following a two-hour hearing before the US District Court for the Southern District of New York on Thursday, District Judge Loretta Preska ruled that a US warrant ordering Microsoft to hand over its customers' emails and other data was valid, even though the data in question was stored on servers in Dublin, Ireland.

Redmond had argued that because the data was managed by one of its foreign subsidiaries, local law and not US law should apply. Judge Preska disagreed.

"It is a question of control, not a question of the location of that information," she said.

Among US tech companies, Microsoft has been one of the most vocal in opposing US government requests for customer information, particularly where those requests are accompanied by gag orders preventing Redmond from discussing them with the customers in question.

In May, the software giant revealed that it had successfully challenged a so-called National Security Letter issued by the FBI, and it pledged that it would continue to challenge any future such letters demanding data about its enterprise and government customers.

Thursday's hearing involved a case where Microsoft received a search warrant seeking access to one of its European customers' emails as part of a narcotics investigation. Which agency issued the warrant is unknown because all documents related to the matter are sealed.

During the hearing, Redmond argued that under US law a warrant cannot reach beyond US shores, and that to flout this requirement for electronic communications would set a dangerous precedent.

"If the US government prevails in reaching into other countries' data centers, other governments are sure to follow," Microsoft general counsel Brad Smith wrote in an editorial in the Wall Street Journal on Tuesday.

"One already is. Earlier this month the British government passed a law asserting its right to require tech companies to produce emails stored anywhere in the world. This would include emails stored in the U.S. by Americans who have never been to the U.K."

But lawyers for the US Justice Department successfully argued on Thursday that US law already recognizes warrants for certain kinds of foreign-held information, such as financial records stored overseas by US banks. Because Microsoft is a US company and it "controls" the data held in its overseas servers, they reasoned, the same rules apply.

Redmond, on the other hand, contended that emails are the sole property of their recipients, like postal letters, and that as such they deserve greater privacy protections than do business records – an argument that apparently failed to persuade Judge Preska.

Microsoft's Smith issued a brief statement following Thursday's ruling, saying, "The only issue that was certain this morning was that the District Court's decision would not represent the final step in this process. We will appeal promptly and continue to advocate that people's email deserves strong privacy protection in the U.S. and around the world."

Judge Preska has already agreed to suspend her ruling until Microsoft challenges it in the Second US Circuit Court of Appeals. ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
Azure TITSUP caused by INFINITE LOOP
Fat fingered geo-block kept Aussies in the dark
NASA launches new climate model at SC14
75 days of supercomputing later ...
Yahoo! blames! MONSTER! email! OUTAGE! on! CUT! CABLE! bungle!
Weekend woe for BT as telco struggles to restore service
Cloud unicorns are extinct so DiData cloud mess was YOUR fault
Applications need to be built to handle TITSUP incidents
BOFH: WHERE did this 'fax-enabled' printer UPGRADE come from?
Don't worry about that cable, it's part of the config
Stop the IoT revolution! We need to figure out packet sizes first
Researchers test 802.15.4 and find we know nuh-think! about large scale sensor network ops
SanDisk vows: We'll have a 16TB SSD WHOPPER by 2016
Flash WORM has a serious use for archived photos and videos
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Website security in corporate America
Find out how you rank among other IT managers testing your website's vulnerabilities.