What Microsoft Appeal Ponders U.S. Reaction to Foreign Data Demand

01:05 Thursday Dec 11, 2014


“Imagine this scenario. Officers of the local Stadtpolizei investigating a suspected leak to the press descend on Deutsche Bank headquarters in Frankfurt, Germany. They serve a warrant to seize a bundle of private letters that a New York Times reporter is storing in a safe deposit box at a Deutsche Bank USA branch in Manhattan. The bank complies by ordering the New York branch manager to open the reporter’s box with a master key, rummage through it, and fax the private letters to the Stadtpolizei.”

Microsoft v. United States of America,In the Matter of a Warrant to Search a Certain E-Mail Account Controlled and Maintained by Microsoft Corporation

So begins Microsoft’s legal brief today in New York with the U.S. Second Circuit Court of Appeals in its ongoing case challenging a U.S. government search warrant for customer data stored in Ireland. Microsoft filed the appeal after a U.S. district court judge rejected the company’s argument that the warrant is illegal because it calls for the seizure of emails stored outside the United States.

The filing begins by imagining how the U.S. government might react if the shoe were on the other foot. For example, how would the Unites States react if a foreign government attempted to sidestep international law by demanding that a foreign company with offices in the United States produce the personal communications of an American journalist? As the brief hypothesizes, the reaction might go something like this:

The U.S. Secretary of State fumes: “We are outraged by the decision to bypass existing formal procedures that the European Union and the United States have agreed on for bilateral cooperation, and to embark instead on extraterritorial law enforcement activity on American soil in violation of international law and our own privacy laws.” Germany’s Foreign Minister responds: “We did not conduct an extraterritorial search – in fact we didn’t search anything at all. No German officer ever set foot in the United States. The Stadtpolizei merely ordered a German company to produce its own business records, which were in its own possession, custody, and control. The American reporter’s privacy interests were fully protected, because the Stadtpolizei secured a warrant from a neutral magistrate.”

As the brief states, “[N]o way would that response satisfy the U.S. Government” because the documents held by the foreign company for safekeeping are private letters, not business records. And any attempt to take possession of those letters through a warrant – even one served on the company entrusted with those letters – would constitute a seizure by a foreign government of private information located in another country.

Ultimately today’s legal brief is about more than a timely and interesting story. This case involves timeless principles and their enduring importance to a future with global technology.

As the story illustrates, this case and these principles are as important to Americans as they are to people elsewhere around the world. If the Government prevails, how can it complain if foreign agents require tech companies to download emails stored in the U.S.? This is a question the Department of Justice hasn’t yet addressed, much less answered. Yet the Golden Rule applies to international relations as well as to other human interaction.

In one important sense, the issues at stake are even bigger than this. The Government puts at risk the fundamental privacy rights Americans have valued since the founding of the postal service. This is because it argues that, unlike your letters in the mail, emails you store in the cloud cease to belong exclusively to you. Instead, according to the Government, your emails become the business records of a cloud provider. Because business records have a lower level of legal protection, the Government claims it can use a different and broader legal authority to reach emails stored anywhere in the world.

Of course, this case has also raised concerns around the world for a good reason. The DOJ in effect challenges people’s ability around the world to rely on the privacy protections of their own governments and laws.

As our brief points out, the power to embark on unilateral law enforcement incursions into another sovereign country has profound foreign policy consequences. For that reason, the European Commissioner for Justice protested the lower court’s decision, stating that “it bypasses existing formal procedures that are agreed between the EU and the U.S.” and “may be in breach of international law and may impede the attainment of the protection of individuals guaranteed in the Union.” Foreign newspapers were less diplomatic, blasting the United States with headlines such as: “U.S. Wants to Rule over All Servers Globally.”

To avoid just this sort of international discord, courts presume that federal statutes do not apply extraterritorially unless Congress expresses a clear intent for them to do so. And Congress expressed no such intention here. That fundamental point is at the heart of this case.

For this reason, the case also has important implications for the separation of powers in our own Government. The DOJ risks stepping on Congress’ authority by substituting its judgment for a decision Congress exclusively is authorized to make.

By requiring Congress to speak clearly when extending U.S. law abroad, the presumption against extraterritoriality ensures that only Congress decides when to subordinate international comity to other governmental interests. Congress did not make – and, indeed, did not even consider – any such tradeoff when it enacted the statute involved here, the Electronic Communications Privacy Act (ECPA). On the contrary, ECPA’s text and history show Congress believed the law would only apply domestically. If the DOJ wants the unprecedented power it claims here, it therefore should plead its case to Congress.

To be clear, we appreciate the critical role law enforcement plays and its need to obtain evidence necessary to investigate a possible crime. Microsoft and other technology companies receive thousands of demands each year from law enforcement agencies. To accommodate its duties to both its customers and law enforcement, Microsoft complies with lawful orders from U.S. authorities. However, we believe the Government should follow the processes it has established for itself for obtaining physical evidence outside the United States. And we believe in the need to strike a better balance between security and privacy. That’s why we brought this case and why we continue to call on both the Administration and Congress to introduce reforms.

Meanwhile, the warrant issued here cannot reach emails stored in Ireland, and as we argue in our brief, we believe the lower court’s judgment should be reversed.



< Back

    Add your comment

    We aim to have healthy debate. But we won't publish comments that abuse others

    1200 characters left





    © copyright 2013 Website News. All rights reserved.






    Website News is for and about the website design, development, marketing industry. We will endeavor to bring you up-to-date news and information to help you in your work as well as give you useful information and tips for your clients and their businesses.

    We are always keen for you to submit any information you find from elsewhere, or about your business, that you feel will be relevant.





    Contact Us:

    For advertising enquiries or to submit a story, please email us at:



    Website News

    Sign-up to Website News and create your universal Woogloo ID

    Your details

    Your login details

    Your address

    Is your address not being found?


    Company address

    Yes No

    To register on the Website News website you either need to use your
    exisitng Woogloo ID or create a new one (see below).

    Sign Up

    Why sign up?

    • Get access to Registered User's priviledges, which may include hidden pages, special features and special pricing, if they exist, on this website.
    • Get access to all sites powered by Woogloo V3 without having to enter your details everytime.

    Login Error

    Forgot your password?

    Enter your email address below and click 'Reset Password' Button

    What is a Woogloo ID

    Logging in...