Oi, force Microsoft to cough up emails on Irish servers to the Feds, US states urge Supremes

AGs pressure America's top court to make Redmond hand over overseas messages

By Rebecca Hill

Posted in Cloud, 15th December 2017 18:55 GMT

Microsoft should not be able to “shield evidence” held on Irish servers from US prosecutors, a group of 35 US state attorneys general has argued.

The group – which represents Vermont, New Jersey, Illinois, Florida among other states – submitted an amicus brief to the US Supreme Court backing the US Department of Justice’s appeal in its long-running battle against the Windows giant.

The legal wrangling began in 2014, when American prosecutors took Microsoft to court to force it to hand over crime suspects' emails that were stored overseas on Microsoft servers in Ireland. The Feds demanded the private messages, citing section 2703 of the US Stored Communications Act, and Redmond refused to play ball.

We'll drag Microsoft in front of Supremes over Irish email spat – DoJ

READ MORE

Microsoft argued that the search warrant Uncle Sam obtained from a New York court for the emails couldn’t reach beyond US borders. In other words, in Microsoft's view, the Feds should have gone to the Irish courts for the warrant, rather than getting one in the US and trying to apply it overseas. The prosectors argued Microsoft is an American corporation and therefore should obey an order from an American judge; where the data sought existed was immaterial – it could be accessed from Redmond's US offices.

In July 2016, the United States Court of Appeals for the Second Circuit ruled in Microsoft's favour. The DoJ appealed to the Supreme Court, and in October, was told the Supremes would hear the case.

In their written submission to the court this month, the attorneys general described the lower court’s decision as “remarkable,” and called for it to be reversed. “The court reached this conclusion even though Microsoft could easily access the stored data from its United States offices,” the group said, echoing a key argument in the DoJ’s case against Microsoft.

They argued that it means US internet service providers and hosting companies can thwart US government attempts to access emails by storing them on a server in a foreign country, and claim the case is already having a knock-on effect in their jurisdictions.

“In recent months, in state and federal courts around the country, providers have relied on the decision [in the lower court] to refuse to comply with search warrants issued under the Stored Communications Act and its state law counterparts,” the brief stated.

This pushback, we're told, has occurred even when a court has found probable cause that an email account sought by investigators was used in connection with a crime: even though the account holder and the provider are both on US soil, the crimes were allegedly committed in America, and the data can be accessed from the US, companies have argued the information is offshore and therefore out of bounds to US courts.

The brief stated that these refusals “have had a very real and detrimental impact on Amici States’ ability to investigate crimes in their jurisdictions and to protect the safety of their residents”.

The UK government has also submitted a brief [PDF] to the Supreme Court, and said it is in support of neither party in the legal war.

However, in its argument, Blighty's officials said that a "solely location-based approach to law enforcement access to data no longer makes sense in the digital age," where companies can choose to store electronic communications in multiple nations. They went on:

Because of such storage policies, and due to technological change and the global nature of the communications environment, the U.K. does not believe that the geographic storage location of data should be the determining factor for whether or not a nation may gain access to such communications.

The Brit government added that the Second Circuit’s decision “disrupts” the cooperative process between nations and acts as an “impediment to other bilateral agreements” between the two nations.

Meanwhile, the Irish government – which has lent its support to Microsoft – submitted a brief [PDF] that is in support of neither party.

It said that it “does not accept any implication that it is required to intervene into foreign court proceedings to protect its sovereignty” and that it “continues to facilitate cooperation with other states… in the fight against crime.”

Other submissions include one from the European Commission, which last week said it planned to submit to make sure European data protection laws are “correctly understood” on both sides of the Pond. ®

Sign up to our NewsletterGet IT in your inbox daily

86 Comments

More from The Register

TalkTalk ups the (dis)satisfaction ante as UK folk wake up to borked email

New approach to dealing with complaints working wonders

'Every little helps'... unless you want email: Tesco to kill free service

Maintained for 3 years since Brit supermarket quit the ISP game

HMRC dev support team cc blurtfest: Over 1,400 email addresses blabbed

Developers find out who else is testing HMRC's tools

Finally: Historic Eudora email code goes open source

'Member that innocent, pre-Zuckerberg time?

Law forcing Feds to get warrants for email slurping is sneaked into US military budget

House slips privacy rules into Senate's files, crosses fingers

Former FBI boss Comey used private email for official business – DoJ

'I did not have an unclassified FBI connection at home that worked'

Will the defendant please rise? Utah State Bar hunts for sender of topless email

Mormons miffed by mammary missive

You've got pr0n: Yes, smut by email is latest workaround for UK's looming cock block

Automated filth shows plan just grist to the privacy activists' mill

S/MIME artists: EFAIL email app flaws menace PGP-encrypted chats

If a hacker can get into your inbox of ciphered messages, they may be able to read the content

Uni staffer's health info blabbed in email list snafu

University leaks personal data for 2nd time in 5 months