The Long Arm of the Law: Government Demands Access to Microsoft’s Servers in Ireland

In a troubling expansion of government snooping, a New York judge ruled Thursday that Microsoft has to open its servers to federal investigators. What’s concerning in this case is that the servers in question are not on U.S. soil—they are located in Ireland. In pursuit of information from Microsoft, the federal government pulled Microsoft into court to argue over the government’s power to act through a warrant to access information stored on the company’s overseas servers.

Microsoft, like many US companies such as Google, AT&T, Verizon, and Apple, have servers around the world that store the private content of both American and foreign residents. A criminal investigation resulted in a warrant being issued to collect information held on a company server in Dublin, Ireland which Microsoft refused to comply with arguing that U.S. warrants do not apply outside of US territories.

Relying on previous rulings by courts throughout America, two conflicting precedents have been established concerning limitations on warrant jurisdiction. One found that the understood location of the data should be pinpointed to where the data is copied over, or simply, wherever the computer is geographically holding its data. The other precedent established that location is based on where the person accessing the information is sitting, for example, an individual within the United States who is tapping into files that are stored abroad. These two distinctively different definitions are further put at odds when partnered with the sitting understanding of the powers of a Stored Communication Act (SCA) warrant, the tool that the government claims to have the justified ability to employ and that which Microsoft argues is an abuse of federal power.

SCA warrants are those used by the federal government to obtain property (in this case electronic data) but are restrained by the following limitations: they may only access data (1) located within the issued district, (2) located within the district or in the close surrounding proximity where it might have been transferred, (3) involved in domestic or international terrorism investigations, or (4) located in a U.S. territory.

In its arguments, the government is blatantly ignoring these warrant limitations, claiming that the New York court is the "court of competent jurisdiction" and therefore has unchecked power to demand the release of Microsoft’s data, placing it in the hands of not only the NSA, but also federal, state, and local law enforcement. The government’s excuse for this? It is stating that the warrant is acting as a subpoena, not a search and seizure tool and that the emails are "business records" not private information, thus the limitations are not applicable. As Microsoft general counsel Brad Smith explains it, "It is, in a sense, the broadest possible warrant that one literally can imagine in the 21st century."

The threat that these contradicting definitions pose is extraordinary considering that, if government access to the data is deemed to be just, Microsoft would have to open access to their more than 100 data centers worldwide. Other companies would find themselves just as vulnerable.

"If the government’s position prevails, it would have huge detrimental impacts on American cloud companies that do business abroad," said lawyer Michael Vatis, co-author of Verizon’s friend-of-the-court brief issued in the trial.

Already these impacts are being seen as Germany takes steps toward canceling its contracts with Verizon for fear that the company would be used by the U.S. government to collect information on German citizens. The amount of international businesses that could be affected by this case are innumerable.

"They’re really, really scared about losing their foreign customers," Christopher Soghoian, principal technologist at the American Civil Liberties Union, points out. "They’re doing everything they can to signal to their foreign corporate and government customers that their data remains safe in the cloud."

In addition to these effects on American businesses, the affirmation of the court’s approval of the government snooping introduces new national security threats. If federal powers like the NSA get the green light to access the information of foreigners that is stored on these servers abroad, it can be expected that other counties will move to implement similar tactics towards acquiring the information of American citizens. The unlocking of these informational databases to governments around the globe will add a whole new element to the problems that have been highlighted recently with the National Security Agency and Snowden scandals. However, not only would Americans have to be concerned about their own government reading their emails, but now any foreign power’s ability to do it as well.

So, where does this case stand?

On July 31, 2014, upholding the magistrate judge’s opinion from December, the New York District Court ruled in favor of the U.S. government, establishing that the warrant is justified, demanding that Microsoft open its servers to the snooping of the federal investigators. In response, Microsoft has filed an appeal to the higher courts.

As Michael Vatis so candidly put it, this "is a quintessential policy decision that should be made by Congress, not by a prosecutor or a court in Manhattan." And yet, the fight will continue in the courts with Microsoft persevering against the ever-expanding take-over by the U.S. government.

If the higher court affirms the opinion set before it, international business dynamics, private property protection, and the data service provider market will forever change by being officially unhinged to any and all government intrusion.