Microsoft Wins Major Privacy Victory for Data Held Overseas

Microsoft Wins Major Privacy Victory for Data Held Overseas
By Jenna McLaughlin

In a landmark decision, decision, an appellate court ruled Thursday that the U.S. government could not obtain personal data held overseas by issuing a domestic warrant.

Microsoft appealed an earlier ruling in the Southern District of New York that held the company in contempt of court because it refused to hand over data stored in Dublin, Ireland, Ireland during a narcotics investigation. The target’s citizenship wasn’t disclosed to the court.

The New York-based 2nd  York based Second Circuit Court of Appeals reversed that decision in what digital rights advocates are celebrating as a victory for privacy in an increasingly connected digital age — though age—though it’s expected the government will appeal.

“Microsoft’s victory over the U.S. government is a resounding affirmation of the endurance of privacy in an age marked by constant data transfers in the cloud, Internet of Things, Things and big data applications,” Omer Tene, vice president Omar Tene, Vice President of research and education at the International Association of Privacy Professionals, said in a statement to The Intercept.

“When, in 1986, Congress passed the Stored Communications Act as part of the broader Electronic Communications Privacy Act, its aim was to protect user privacy in the context of new technology that required a user’s interaction with a service provider,” wrote Judge Susan L. Carney in the decision.

Just because companies routinely conduct business across international borders borders, doesn’t mean a warrant is any more or less powerful, argued the unanimous panel of three judges. Judges. “Neither explicitly nor implicitly does the statute envision the application of its warrant provisions overseas.”

To access data across borders, there are other structures in place, called Mutual Legal Assistance Treaties, the court argued. Those agreements allow law enforcement to exchange information in criminal investigations — and investigations—and the U.S. has an arrangement in place with Ireland. (The U.S. government described that process as “cumbersome.”)

The U.S. and Britain are already negotiating an agreement where both partners could directly serve companies with wiretap orders and warrants — to warrants—to intercept real-time communications and to collect stored communications. But neither country has announced a formal agreement yet.

In response to the appellate decision, many are calling for legal reforms to better address the needs of law enforcement to access data overseas and to protect the privacy of citizens worldwide.

“The decision underlines the need for reform to address legitimate law enforcement demands for data stored abroad,” Greg Nojeim, the director of the Center for Democracy and Technology’s Freedom, Security, Security and Technology Project, said in a statement. “It should spur Congress to act by finally updating the Electronic Communications Privacy Act of 1986 and advancing legislation that would reform the mutual legal assistance treaty (MLAT) process.”

Sign up for The Intercept Newsletter here.

The post Microsoft Wins Major Privacy Victory for Data Held Overseas appeared first on The Intercept.

July 14, 2016 at 10:25PM
via The Intercept