American technology companies must turn over customer data pursuant to a federal search warrant, even if that data is stored overseas, a federal magistrate ruled on Friday.
The opinion, believed to be the first of its kind dealing with the seizure of data stored in a foreign country, will almost certainly add to the debate of the U.S. government’s tactics with regard to gathering digital intelligence over the Internet for use in surveillance matters and criminal cases.
The decision came following months of opposition by Washington-based Microsoft Corporation, whose lawyers were attempting to fight a federal search warrant seeking email records for an Outlook user stored in Dublin, Ireland. Microsoft argued that the government had no jurisdiction over the data since federal search warrants are generally limited to seizing tangible things within the borders of the United States.
“The U.S. government doesn’t have the power to search a home in another country, nor should it have the power to search the content of email stored overseas,” Microsoft’s deputy general counsel, David Howard, wrote in a blog post.
But U.S. Magistrate Judge James Francis disagreed on Friday, ruling Microsoft had to comply with the search warrant because digital content such as email records were not governed the same way as physical goods. Francis’s interpretation of the Stored Communications Act holds that email records must be turned over to law enforcement under what he called a “hybrid” order, regardless of where that data is held.
Francis also expressed concern over the length of time it would take law enforcement officials in the U.S. to cooperate with their overseas counterparts, saying the delay could impede criminal investigations by placing a substantial “burden” on investigators.
Microsoft is not backing down, calling Friday’s ruling “the first step toward getting this issue in front of courts that have the authority to correct the government’s longstanding views on the application of search warrants to content stored digitally outside the United States.” The company says it is likely the issue will be seen before a federal judge or even an appellate court in the future.
Microsoft has been one of several American tech companies at the center of public discourse over the federal government’s intelligence gathering efforts since last June’s disclosure of clandestine surveillance programs operated by the National Security Agency. According to documents leaked by former contractor Edward Snowden, Microsoft is one of several U.S.-based companies whose products and services had been compromised by NSA agents seeking to collect intelligence on foreign targets.
Though key American politicians and intelligence officials have repeatedly stated that the surveillance efforts of the NSA do not target “ordinary people,” classified documents released online by journalists show otherwise. According to reports, German Chancellor Angela Merkel’s cell phone was once bugged by the agency, and now it appears the communications of several German ministers have been surveilled as well.
Documents detailing the NSA’s bulk collection of telephone records revealed that the agency was gathering content on all American telephone subscribers, including “ordinary people” who had no known ties to terrorist groups. Furthermore, reports indicate that the NSA routinely passed along information it obtained through its surveillance programs to domestic law enforcement agencies, including the Federal Bureau of Investigations and the Drug Enforcement Agency, as part of their investigations — agents who received information from the NSA were ordered to re-create investigations so as not to blow the whistle on the secret programs, according to a report by Reuters.
For its part, Microsoft says its challenge against the government warrant it received is part of the company’s ongoing commitment to preserving customer privacy. However, those privacy tactics were challenged in April when it was revealed that a Syria-based hacker group had obtained documents showing Microsoft employees regularly complied with federal warrants by sending customer data to law enforcement agencies over the Internet.
The hackers, part of a group known as the Syrian Electronic Army, posted content on Twitter that presumed to show, among other things, “packages Microsoft made available to law enforcement,” according to The Washington Post. A separate investigation on the topic by the news website Daily Dot found that Microsoft charges the FBI tens of thousands of dollars monthly to comply with federal warrants for customer data.
A Microsoft spokesperson acknowledged in January that a hacking group had compromised some email accounts of its employees, but said it would not comment on the legitimacy of any documents released by the group.