Microsoft yesterday filed an appeal to a July 31 ruling by Manhattan’s U.S. District Judge Loretta Preska requiring the Redmond, Wash.-based software giant to turn over emails stored at the company’s data center in Ireland to the U.S. Department of Justice (DOJ).
Brad Smith, Microsoft’s top lawyer, announced on Dec. 8 that his company had filed a legal brief today with the U.S. Second Circuit Court of Appeals in New York seeking to reverse this summer’s court decision. In a ruling with implications for providers of globe-spanning cloud services, Judge Preska ruled that despite the fact that the Outlook.com emails in question are stored in Dublin, Ireland, as a U.S.-based company, Microsoft must produce the data.
The case sparked controversy due to the legal reasoning employed by the DOJ. Microsoft had turned over U.S.-based data pertaining to the case, but refused to hand over emails stored in Ireland on the basis that under U.S. law, warrants cannot be enforced in other countries.
Microsoft was served with a hybrid –part warrant and part subpoena—argued the DOJ. Subpeonas, unlike warrants, can be used to collect information beyond U.S. borders if subjects are notified. Complicating the matter is the possibility that Microsoft’s compliance could mean running afoul of European law.
Unsurprisingly, given the company’s stance on data privacy and particularly in the wake of the National Security Agency spying scandal, Microsoft pledged to challenge the judgment.
“The only issue that was certain this morning was that the District Court’s decision would not represent the final step in this process,” said Smith in a statement at the time. “We will appeal promptly and continue to advocate that people’s email deserves strong privacy protection in the U.S. and around the world.”
Today, Microsoft is bracing for another round.
In a 74-page legal brief, Microsoft posited a “what if” scenario, in which local law enforcement, investigating a leak to the press, arrives at the Deutsche Bank headquarters in Frankfurt, Germany, seeking a New York Times reporter’s private letters in a Deutsche Bank branch location in Manhattan.
“The bank complies by ordering the New York branch manager to open the reporter’s box with a master key, rummage through it, and fax the private letters to the Stadtpolizei,” setting off firestorm between the State Department and Germany’s Foreign Minister, according to the court document.
“This case presents a digital version of the same scenario, but the shoe is on the other foot,” argued Microsoft.
The emails being sought by the DOJ “are located exclusively on a computer in Dublin, Ireland, where they are protected by Irish and European privacy laws,” reiterated the company in the brief. “When the Government nevertheless tried to force Microsoft to access the correspondence abroad and import it into the United States, the European Commissioner of Justice reacted as our hypothetical Secretary of State did,” revealed the company.
“The power to embark on unilateral law enforcement incursions into another sovereign country has profound foreign policy consequences,” Smith said in a statement. Suggesting that the DOJ is also overstepping its authority in this matter, to “avoid just this sort of international discord, courts presume that federal statutes do not apply extraterritorially unless Congress expresses a clear intent for them to do so. And Congress expressed no such intention here,” he stated.