eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
Microsoft’s Dec. 8 appeal to federal court orders that it turn over the contents of an email stored on servers in Ireland moves to the next stages in a case that appears destined to go all the way to the U.S. Supreme Court.
Whatever decision the U.S. Court of Appeals makes is certain to be appealed by whichever side loses. Now the only question becomes whether the Supreme Court will agree to hear the case to settle the matter once and for all.
Meanwhile in Washington, the American Enterprise Institute (AEI) is releasing a report on the effects of the current state of surveillance involving U.S. software, cloud and hardware companies, with particular focus on the Microsoft case.
The report, written by Georgetown University Professor Dr. Theodore Moran, finds that the collection of interlocking surveillance programs is endangering the ability of U.S. companies to compete abroad.
The report finds, for example, that a number of European governments will stop using products and services sold by Microsoft if the warrants seeking access to information held on European servers are upheld.
Likewise, Moran sees competing efforts by a variety of governments to protect their own companies and to allow access to U.S. data wherever it may be. These efforts could be far different, often in conflict, and would give U.S. companies no clear guidance on how to operate internationally. He warns that these trends are likely to result in the “balkanization” of IT services as foreign IT companies and governments try to use U.S. surveillance and legal policies as a lever to win competitive advantages.
While comments by a variety of government sources enumerated by Moran show that the federal government has repeatedly tried to minimize the risk and subsequent damage to U.S. companies, an insightful comparison he developed shows that in fact, there’s a lot to worry about.
The goal of the report, which is discussed at AEI on Dec. 10, is to suggest ways that will encourage the U.S. and foreign governments to develop a set of rules for interaction that are both transparent and fair to all parties. Moran suggests that the existing Mutual Legal Assistance Treaties (MLAT) provide a framework to allow surveillance where required, while in the process protecting the privacy rights of citizens.
On his way to reaching his recommendations, Professor Moran provides an exhaustive analysis of existing laws and practices involving electronic surveillance, including the practices of the federal courts and various law enforcement and intelligence agencies. This examination is in itself a remarkably valuable primer on what’s actually going on, how it works and how it impacts the various IT companies that have to deal with it.
Think Tank Warns U.S. Surveillance Efforts Undermine IT Industry
The report also details the workings of the various MLAT agreements between the U.S. and foreign governments. Perhaps most important, the report lays out what kind of protections they provide the citizens whose information is being sought.
But if there’s a weakness in the report’s analysis, it’s in how to handle situations where the U.S. government simply ignores the law, and attempts to induce the federal courts to force American companies to comply with the wishes of prosecutors in the name of expediency.
This is the situation with the Microsoft case in which the prosecutors have gained the cooperation of the federal district court in New York to create a novel hybrid warrant that’s also a subpoena—a legal creature that seems to exist nowhere in U.S. law, except in the arguments of those prosecutors.
Moran also examines the case of Apple and Google, which have released versions of their mobile operating systems that contain encryption keys that prevent anyone, including Apple and Google, from gaining access to their devices without the cooperation of the owner of the device. This has been a topic of consternation on the part of the Justice Department and the FBI, but so far no agency has found a legal way to circumvent the encryption on these devices.
What’s not mentioned is what happens if the U.S. government decides to ignore existing surveillance law and order Apple and Google to create back doors to their operating systems. Is there a way to force these companies to comply with such orders even if they’re not supported by legislation or case law?
While this may sound like a facetious question, the fact is that with the Microsoft case, the DoJ has already decided to ignore existing law in its effort to force the company to reveal the contents of an email that’s protected by European law. There is already an MLAT between the U.S. and the European Union. If the DoJ wants access to the email, there’s an existing means of gaining access legally.
But the U.S. prosecutors contend that using the existing treaty is inconvenient. It might take too long, they say. But is the real reason that the U.S. prosecutors lack sufficient probable cause that their request might not make it through the existing legal system? Are they worried that European privacy concerns might trump their efforts to run roughshod over the treaties?
Here is where it’s important to mention the fact that treaties, once signed and ratified, are the law of the land. Even if the AEI’s proposal were to be adopted, what happens when the U.S. decides to ignore the law in favor of strong-arm tactics in the name of convenience?