Out-Law News 1 min. read
01 Aug 2014, 4:50 pm
Microsoft and other US companies had challenged the issuing of a search warrant for the emails, arguing that US authorities could not seize customer information held in other countries.
On 31 July, US district court judge Loretta Preska ruled that the warrant obtained by the US government did lawfully require the company to hand over any data it controlled, regardless of where it was stored.
However, Microsoft executive vice-president and general counsel Brad Smith said after the ruling: “The only issue that was certain this morning was that the district court’s decision would not represent the final step in this process. We will appeal promptly and continue to advocate that people’s email deserves strong privacy protection in the US and around the world.”
Judge Preska’s ruling upheld a ruling by US magistrate judge James Francis on 25 April when Francis also denied Microsoft’s attempt to quash the warrant.
In court documents posted online, judge Francis confirmed that it was he who had granted the warrant in question, on 4 December 2013. The warrant authorised the search and seizure of information “associated with a specified web-based e-mail account that is stored at premises owned, maintained, controlled or operated by Microsoft Corporation”.
The court documents in relation to the warrant said: “It is the responsibility of Microsoft’s global criminal compliance (GCC) team to respond to a search warrant seeking stored electronic information. Working from offices in California and Washington, the GCC team uses a database programme or ‘tool’ to collect the data... initially a GCC team member uses the tool to determine where the data for the target account is stored and then collects the information remotely from the server where the data is located, whether in the United States or elsewhere.”
According to the court documents in this case: “Microsoft complied with the search warrant to the extent of producing the non-content information stored on servers in the US. However, after it determined that the target account was hosted in Dublin and the content information stored there, it filed the instant motion seeking to quash the warrant to the extent that it directs the production of information stored abroad.”
In his ruling, judge Francis said: “The fact that protections against ‘interceptions and disclosures’ may not apply where those activities take place abroad hardly indicates that Congress intended to limit the ability of law enforcement agents to obtain account information from domestic service providers who happen to store that information overseas.”
Earlier this year, former EU Justice Commissioner Viviane Reding, who was elected to the European Parliament in elections held in May 2014, criticised US authorities for demanding access to data stored in Ireland by Microsoft without following agreed protocols designed to ensure privacy rights are protected.