Reach of search warrant for emails at issue in appeals case
On the surface, the investigation was routine. Federal agents persuaded a judge to issue a warrant for a Microsoft email account they suspected was used for drug trafficking. But US-based Microsoft kept the emails on a server in Ireland. Microsoft said that meant the emails were beyond the warrant’s reach. A federal appeals court agreed. Late last month, the Trump administration asked the Supreme Court to intervene.
The case is among several legal clashes that Redmond, Washington-based Microsoft and other technology companies have had with the government over questions of digital privacy and authorities’ need for information to combat crime and extremism. Privacy law experts say the companies have been more willing to push back against the government since the leak of classified information detailing America’s surveillance programs.
Another issue highlighted in the appeal is the difficulty that judges face in trying to square decades-old laws with new technological developments. In the latest case, a suspected drug trafficker used Microsoft’s email service. In 2013, federal investigators obtained a warrant under a 1986 law for the emails themselves as well as identifying information about the user of the email account.
Conflict of law
Microsoft turned over the information, but went to court to defend its decision not to hand over the emails from Ireland. The federal appeals court in New York agreed with the company that the 1986 Stored Communications Act does not apply outside the United States. The administration’s Supreme Court appeal said the decision is damaging “hundreds if not thousands of investigations of crimes - ranging from terrorism, to child pornography, to fraud.”
The emails, the administration noted, may reside on a server somewhere, but said Microsoft can retrieve them “domestically with the click of a computer mouse.” Microsoft’s president, Brad Smith, said in a blog post following the high court appeal that the administration’s position “would put businesses in impossible conflict-of-law situations and hurt the security, jobs, and personal rights of Americans.”
Technology companies and privacy experts are among those watching the case closely. “This is a big deal in an era of a global internet. Servers are not just in the United States. They’re all over the world, and figuring out the rules for foreign-stored data is really important, not just for us, but for foreign governments,” said Orin Kerr, a George Washington University law professor whose work is cited in the appellate ruling.
One problem identified by Kerr and other privacy scholars is that courts might not be the best place to resolve these issues. Should the same rules apply to the emails of an American citizen and a foreigner? Does it matter where the person is living? “The Supreme Court can’t answer these questions in the nuanced way that’s needed,” said Jennifer Daskal, an American University law professor.
Even Judge Gerard Lynch on the New York panel that sided with Microsoft called for “congressional action to revise a badly outdated statute.” The Stored Communications Act became law long before the advent of cloud computing. To the extent personal information was kept online, it was mainly on personal computers. Today, companies build data centers around the world to keep up with their customers’ demands for speed and access.
Members of Congress have introduced legislation to update the law, but nothing has been enacted. Sen. Orrin Hatch, RUtah, opposes the administration’s appeal, but said in a statement that “Congress can and should modernize data privacy laws to ensure that law enforcement can access evidence in a timely manner.” Microsoft also supports revising the law. The company also is among those challenging “gag orders” that prevent service providers from notifying customers that their data have been turned over to the government under court order.
Companies have been more willing to assert their customers’ and their own privacy interests since former National Security Agency contractor Edward Snowden’s leak of classified US material about America’s surveillance programs, Kerr said. The technology companies wield enormous power, perhaps more than governments do, in shaping the scope of digital age privacy rights, Daskal said. The companies decide “what to retain, where to keep it, for how long, and whether to encrypt it,” she said. And when governments produce court orders for customers’ information, it’s the companies’ call about “when to comply and when to resist,” Daskal said. The justices won’t decide whether to hear US v. Microsoft, 17-2, before the fall. If they do, arguments wouldn’t occur until next year. —AP