Obama Administration Says the World's Servers Are Ours

← Back to Stories (view on slashdot.org)

Obama Administration Says the World's Servers Are Ours

Posted by samzenpus on Monday July 14, 2014 @10:18AM from the all-your-data-are-belong-to-us dept.

An anonymous reader points out this story about the U.S. Justice Department's claim that companies served with valid warrants for data must produce that data even if the data is not stored in the U.S. Global governments, the tech sector, and scholars are closely following a legal flap in which the US Justice Department claims that Microsoft must hand over e-mail stored in Dublin, Ireland. In essence, President Barack Obama's administration claims that any company with operations in the United States must comply with valid warrants for data, even if the content is stored overseas. It's a position Microsoft and companies like Apple say is wrong, arguing that the enforcement of US law stops at the border. A magistrate judge has already sided with the government's position, ruling in April that "the basic principle that an entity lawfully obligated to produce information must do so regardless of the location of that information." Microsoft appealed to a federal judge, and the case is set to be heard on July 31.

32 of 749 comments (clear)

Min score:

Reason:

Sort:

Maybe, maybe not. by Frosty+Piss · 2014-07-14 10:18 · Score: 4, Interesting

Microsoft is based in the United States, so there may be some valid argument here that as an American company, Microsoft data regardless of where "in the cloud" it is stored is subject to American legal rulings.
The *real* question is what about companies that do business here but are based in other countries?

--
If you want news from today, you have to come back tomorrow.
1. Re: Maybe, maybe not. by mSparks43 · 2014-07-14 10:23 · Score: 5, Interesting
  
  Someone pointed out that governments don't really matter anymore.
  Doesn't matter how true it is. They are gonna bitch scream and stamp their feet till mommy buys them what they want.
2. Re:Maybe, maybe not. by Anonymous+Psychopath · 2014-07-14 10:34 · Score: 5, Insightful
  
  Microsoft is based in the United States, so there may be some valid argument here that as an American company, Microsoft data regardless of where "in the cloud" it is stored is subject to American legal rulings.
  The *real* question is what about companies that do business here but are based in other countries?
  There must be precedents or applicable laws for physical analogies. If a company operating in the US happens to store physical records somewhere outside the US, and those records are pertinent to the case, would those not be covered by a US subpoena? If the company has access to them and the ability to procure them, what does the physical location of the records or their headquarters matter?
  
  --
  Eagles may soar, but weasels don't get sucked into jet engines.
3. Re: Maybe, maybe not. by mSparks43 · 2014-07-14 10:41 · Score: 4, Insightful
  
  You cannot serve warrents to search property in other countries.
  Simple as that.
  Servers and data fundamentally don't obey those rules.
  The internet doesn't live in the real world. Its rediculous to try and impose real world rules on it.
  But fun to watch them try.
4. Re:Maybe, maybe not. by bloodhawk · 2014-07-14 10:44 · Score: 4, Interesting
  
  The huge MASSIVE problem with that position is that many other countries have VERY specific laws about data, especially privacy data leaving the borders. This puts international companies in a hugely awkward position where they must break one law or the other, either of which potentially could result in huge fines or Jail time. The US doesn't get to determine what other countries laws are and they definitely do not get to override them.
5. Re:Maybe, maybe not. by bloodhawk · 2014-07-14 10:57 · Score: 4, Interesting
  
  there is a LOT to see here, this is definitely not a non-issue. This inherently makes US companies a danger to do business with many countries for hosting/cloud services where many countries have laws and/or industries with regulatory requirements that demand data cannot be taken out of the country. This ruling if upheld will make US companies like Amazon, MS, Apple, Google et al a no go when it comes to hosting, the financial ramifications are rather massive.
6. Re: Maybe, maybe not. by craigminah · 2014-07-14 10:57 · Score: 5, Insightful
  
  If this does hold up, and Microsoft releases the data stored in another country (which is ludicrous), then how long will it take for every other country in the world to buy equipment from a non-American or solely domestic company? This may backfire...like most of our administration's policies...
7. Re: Maybe, maybe not. by fustakrakich · 2014-07-14 11:00 · Score: 5, Insightful
  
  The internet doesn't live in the real world.
  You mean there are no servers and cables? Everything is just... there?
  
  --
  “He’s not deformed, he’s just drunk!”
8. Re:Maybe, maybe not. by roman_mir · 2014-07-14 11:09 · Score: 4, Interesting
  
  Again, the foreign companies are not USA citizens and foreign companies are not subject to USA law on their own land. However if you are an American then you are a SECOND CLASS CITIZEN today (or lower) because foreign banks that have any presence in the USA whatsoever DENY your request to open a bank account :)
  If you think this is normal and that is how all countries operate, think again. When you are in Switzerland if you are from India or from China or from Russia or from Germany or from UK or from Brazil or from Uganda you are not going to be prevented from opening a bank account. However if you are from good old US of A you will not be able to open a bank account if you do not have another passport, that's what it is like today to be an American. USA government turned USA citizens into persona non grata for foreign businesses.
  By the way, USA is the only of 2 or 3 countries in the world that tax 'world income', as in even if you are not a resident in the country, you are forced to file income taxes every year and above certain income you are forced to pay USA related income taxes :) Great success building that 'independence' and 'freedom'. USA was created to escape this type of persecution, now it is one of the worst offenders against human rights in the world and when I say human rights I am talking about the right to be an individual, the right to self determination, the right not to be a slave to a collective.
  By the way, there is 0% wrong with having foreign bank accounts all over the world. AFAIC in today's society everybody needs to have more than one passport and many many many bank accounts and business investments around the world not tied to their country of residence. Of-course you don't have to do it, but then you are owned, aren't you?
  
  --
  You can't handle the truth.
9. Re: Maybe, maybe not. by Luckyo · 2014-07-14 11:22 · Score: 5, Informative
  
  This gets more warped. It would likely be illlegal to produce certain data on EU citizens like this according to EU privacy directive. Company would be forced to choose to either follow US law or EU law, as these would be at odds with one another.
  I can see policy like this bringing current globalization trend to a screeching halt as companies would split to have daughter companies incorporated and operating only in certain countries to shield them against this kind of abuse.
10. Re:Maybe, maybe not. by physicsphairy · 2014-07-14 11:28 · Score: 5, Interesting
  
  if a country's legal system has a valid case for something, and issues a court order ordering you to turn something over, you can't just avoid a court order by saying "it's in my summer home in another country!"
  That's fine. I'm perfectly okay with saying Microsoft has to produce all of their financial information, legal analysis, etc., when required, no matter where it is stored, as a provision of being legally incorporated in the United States.
  Where this gets pernicious is that the data they are being required to present is *not* their data. They are a third party holding the data on someone else's behalf. Note the courts specifically say that this would not be okay if it was a physical document, their reasoning for being allowed to subpoena an electronic document is essentially that it's trivial for them to get away with it.
  From the article:
  
  The e-mail the US authorities are seeking from Microsoft concerns a drug-trafficking investigation. Microsoft often stores e-mail on servers closest to the account holder.
  So presumably this data belongs to someone in Ireland. It's data which was created in Ireland. It may be data which has never left Ireland. But because they made the mistake of dealing with a US company, the data of an Irish citizen sitting in a room in Ireland where Irish law prevails is now being exported to America without Irish courts having any say in the matter.
  
  --
  When things get complex, multiply by the complex conjugate.
11. Re: Maybe, maybe not. by HornWumpus · 2014-07-14 11:56 · Score: 4, Insightful
  
  It's all sorts of things. But only people outside the jurisdiction of the courts are obstructing American justice. Where it's called 'being in compliance with local data privacy laws'.
  Did the subpoena prevent you from informing your foreign employer of what was happening? More practically did it prevent corporate legal from informing their foreign bosses. What if the data is protected by their data privacy laws? What if you don't 'know that for sure'. What if your local lawyer 'was certainly unaware of that' (once made aware, he will be dirty and have to move on.)
  
  --
  John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
12. Re:Maybe, maybe not. by physicsphairy · 2014-07-14 12:04 · Score: 4, Insightful
  
  If the company has access to them and the ability to procure them, what does the physical location of the records or their headquarters matter?
  Because they are storing someone else's data. That someone else (and their locally stored property) should receive the full protection of their local laws when dealing with a local subsidiary of an international company. This is not an embassy, it is not considered a territorial extension of the United States. The server is owned and taxed as Irish property. It should require an Irish court order to forcibly extract data off of it, same as it would taking letters out of an Irish safety deposit box (even if the bank had an American presence).
  Would we be comfortable with courts in China being able to subpoena any US held data from companies with a Chinese presence? "Sorry Yahoo but as part of your incorporation in China we need you to produce any emails from the personal accounts of Boeing employees held on your US owned servers."
  
  --
  When things get complex, multiply by the complex conjugate.
13. Re:Maybe, maybe not. by DamnOregonian · 2014-07-14 12:22 · Score: 5, Interesting
  
  This is why the data should never have been in Microsoft's possession to begin with, and why it matters what companies you do business with, and what countries they operate in/what laws they are subject to in the various jurisdictions they're incorporated in.
14. Re:Maybe, maybe not. by DamnOregonian · 2014-07-14 12:25 · Score: 4, Insightful
  
  Google is an incorporated entity in the United States of America.
  The IRS most certainly *can* bring suit against them in a US court, and demand that they turn over records for their tax-haven bank accounts.
  The jurisdiction applies between the plaintiff and the defendant, borders matter not.
  
  Where jurisdiction comes in, is we can't fly a team of cops over to the Bahamas and raid the offices of the bank to produce the data, the worst we can do is levy sanctions against the defendant.
  
  This is *completely normal*, all over the goddamn world.
15. Re: Maybe, maybe not. by I'm+New+Around+Here · 2014-07-14 12:31 · Score: 4, Funny
  
  Nonsense. A company is a totally fictitious entity. The government created it and the government can make it do whatever they want.
  (As it turns out, the corporation is also able to control the government, but that's another topic.)
  Well, the government is also a totally fictitious entity itself. So, it's not surprising that fictitious entities are controlling each other.
  
  --
  If you think I voted for Trump because of this post, you're wrong. I voted for Dr. Jill Stein of the Green Party. Again.
16. Re: Maybe, maybe not. by jhol13 · 2014-07-14 12:36 · Score: 4, Interesting
  
  Suppose that the data resides in Swizerland (Swiss privacy laws prohibit moving data overseas - don't know exact details, but the idea should be obvious). Suppose the credentials to give the data is only on the hands of a swiss administrator - no american has access to the data/server/credentials in Swizerland. In this case no matter who in the company orders to give him the credentials, the administrator in Swizerland cannot give them or he would be breaking the Swiss law.
17. Re:Maybe, maybe not. by davecb · 2014-07-14 13:29 · Score: 4, Informative
  
  The criteria is "the company that has the power to demand the data, has to do so if ordered by their country's courts". This probably dates back to the 16th century or earlier. Some time around the Hanseatic League...
  A Canadian company with data in Outer Mongolia has to produce the data if it can. If the Outer Mongols prohibit the Canadian company from demanding it normally, the Canadians can't be ordered to produce it, because the data isn't in the Canadian company's control. If they allow it to be demanded normally, a Canadian court can get it. They have to do it via the Mongolian branch, they can't just issue court orders in Mongolia.
  Your suspicion is correct: a Canadian company that controls data in the U.S. can indeed be ordered by a Canadian court to produce it .
  --dave
  
  --
  davecb@spamcop.net
18. Re: Maybe, maybe not. by Immerman · 2014-07-14 14:34 · Score: 4, Interesting
  
  So if I say to my foreign counterpart "give me this data that I have been subpoenaed to provide" I am obstructing justice? You could argue that the foreign branch is obstructing US justice when they implement the policy of automatic refusal unless/until a local subpoena complying with local legal requirements is received, but nobody there is personally bound by US law, so it's not particularly relevant unless they want to travel to the US in the future. Meanwhile they might very well be in violation of local law by supplying said data without the appropriate local legal authorization.
  I'm not happy with this - it seems like an issue where there's no good solution: The US can't be allowed to be "world cops" to this degree - we've proven repeatedly that we've lost whatever moral superiority *might* have once entitled us to such a position - call me paranoid but handing more power to the gestapo-in-training seems to always go badly for the common man. Meanwhile *without* such authority I can easily imagine elaborate corporate data shell games where all sensitive data is inaccessible to any government. The only answer I can see is international treaties bringing corporations to heel, but I suspect those would be tricky in the extreme to get right, even if the self-same megacorps didn't already have pretty much all the relevant politicians in their pocket.
  
  --
  --- Most topics have many sides worth arguing, allow me to take one opposite you.
Easy solution by Anonymous Coward · 2014-07-14 10:20 · Score: 5, Insightful

Just claim the data was lost due to a "hard drive crash." I mean, it worked for the IRS, right?
Goodbye foreign markets by Anonymous Coward · 2014-07-14 10:24 · Score: 5, Insightful

If this holds, US companies will have trouble competing abroad. Information belonging to a US firm's foreign customer company could be seized without possible recourse, unless the customer hires a US counsel.
Will this affect overseas profits tax evasion? by swb · 2014-07-14 10:25 · Score: 5, Insightful

Will this influence the tax gimmick where the HQ is overseas so the profits don't have to have taxes paid on them?
Why is it the money can evade the government but the data can't?
1. Re:Will this affect overseas profits tax evasion? by Anonymous+Psychopath · 2014-07-14 10:36 · Score: 5, Interesting
  
  Will this influence the tax gimmick where the HQ is overseas so the profits don't have to have taxes paid on them?
  Why is it the money can evade the government but the data can't?
  Tax evasion is illegal. Tax avoidance, which is what these companies are practicing, is not. There's no criminal wrongdoing taking place.
  Even though the politicians bluster on and on about the problem, they always forget to mention that they are the ones with the power to fix it, if they chose to.
  
  --
  Eagles may soar, but weasels don't get sucked into jet engines.
2. Re:Will this affect overseas profits tax evasion? by Dynedain · 2014-07-14 11:13 · Score: 4, Insightful
  
  Tax avoidance is by definition, figuring out what is legal, what is not, and adjusting accordingly.
  Claiming your charitable donations on your tax return (which you're supposed to do) is tax avoidance. If the laws allow for undesirable tax avoidance behaviors, then they should be changed.
  
  --
  I'm out of my mind right now, but feel free to leave a message.....
Curious by aevan · 2014-07-14 10:41 · Score: 5, Insightful

Does this mean that the US Gov is fine with those same companies turning over all their data to China if a Chinese official decides he wants it? Wonder what other companies this fun can extend to.
It's corporations we're talking about by jgotts · 2014-07-14 10:44 · Score: 4, Insightful

Effectively, though perhaps not in the strict legal definition, the purpose of a corporation is to make a profit.
As we can plainly see from Microsoft's conduct over the years, they will break whatever laws they can get away with to make that profit. This lawsuit isn't about Hotmail users' e-mail messages, this is about illegal or otherwise objectionable behavior that they are trying to shield in other countries.
If you're worried about your e-mail and data stored on Microsoft's servers, then let's not mix that up with a corporation's ability to hide illegal, unethical, or immoral behavior within a more compliant state's physical borders.
Re:I think USA is right... by Rich0 · 2014-07-14 10:46 · Score: 4, Insightful

And the reaction will be that all high tech companies will just leave the USA.
The ruling pertains to anybody who does business in the US. So, they can leave the USA, as long as they don't sell anything in the USA.
what a headline by maliqua · 2014-07-14 10:52 · Score: 4, Informative

That's not got an agenda behind it at all. what it means to say is US owns data of US companies/citizens even if they hide it outside the USA that seems some what reasonable.
Re:Simple rule, actually by PopeRatzo · 2014-07-14 11:05 · Score: 5, Informative

It's interesting that right at this moment, the Obama Adminstration is pushing an international treaty that will make it so that corporations do not have to comply with a country's laws. It's called "TISA" and it's so bad that it was supposed to be secret for five years after it's ratified and put into action. We only know about it because Wikileaks released a leaked portion of it.
Secret laws being adjudicated in secret courts. All at the behest of corporations who then want (like Microsoft) to not have to comply. It's a pretty ugly type of fascism.

--
You are welcome on my lawn.
You have this backwards. by IBitOBear · 2014-07-14 12:14 · Score: 5, Insightful

Microsoft is trying the "you can't hold me responsible for yesterday's shooting because the gun is in my other pants" defense.
The law has _always_ held that if you are before the court, everything relevant to the case is before the court.
If this were not the case then the Tobacco and Asbestos companies could have just said "all those meeting minutes and research records are stored in our warehouse in mexico so ha ha, you all lose." Any company or person, on any issue, could just mail the evidence out of state or out of country and get off scott free.
That just never happened.
Just because the evidence is "on a computer" instead of "printed on paper" doesn't make the "other pants" defense viable.
The court is not reaching across a border. Microsoft is _here_. Microsoft does business _here_. The complaint is _here_, and the court is _here_. The proper legal response to "the other pants" gambit is to tell the guy in his shorts to send someone to go get whatever it is from those pants and bring it back.
Criminals don't just "move" their assets to other countries, they "hide" them because if it can be found it's on the table.
Every court. Every country. Every topic. From the beginning of time.
This is no different.

--
Innocent people shouldn't be forced to pay for inferior software development.
--"Code Complete" Microsoft Press
1. Re:You have this backwards. by forand · 2014-07-14 13:17 · Score: 5, Insightful
  
  I agree with everything you have stated. However, the situation is not one of Microsoft being required to produce their own documents, they are being required to produce other's documents. So the analogy would be that Microsoft has a rental storage facility in Ireland and the US wants them to riffle through a unit and send some documents they find. That is far less reasonable and clear cut as your summary.
Re:Simple rule, actually by PopeRatzo · 2014-07-14 13:48 · Score: 4, Informative

The TISA is classified so investment groups wouldn't take advantage of it before it went into effect, thus screwing you and I over.
For five years after it becomes law?

Also, it's been in negotiation for 2 fucking decade, so not really 'Obama'.
Exactly right. This treaty, which creates corporate sovereignty, is being negotiated in secret...from us. Do you really believe for a moment that it's also secret from the companies that will benefit, like Goldman Sachs?
Every president for the past 30 years has been playing for the same team. And the team does not include us.

--
You are welcome on my lawn.