Judge: US Search Warrants Apply To Overseas Computers

← Back to Stories (view on slashdot.org)

Judge: US Search Warrants Apply To Overseas Computers

Posted by Unknown on Friday August 1, 2014 @02:06AM from the prepare-for-extradition-to-north-korea dept.

jfruh (300774) writes Investigators in a criminal case want to see some emails stored on Microsoft's servers in Ireland. Microsoft has resisted, on the grounds that U.S. law enforcement doesn't have jurisdiction there, but a New York judge ruled against them, responding to prosecutors' worries that web service providers could just move information around the world to avoid investigation. The case will be appealed.

41 of 502 comments (clear)

Min score:

Reason:

Sort:

It's almost sane(really) by i+kan+reed · 2014-08-01 02:12 · Score: 4, Interesting

Going to take a position I know will be unpopular in this thread, but:
The leverage they have is that you're accused of committing a crime within the borders of the US, and evidence you have access to can be demanded under a warrant that covers details related to that crime. Their physical inability to seize it by force(because it's in another jurisdiction) is about as relevant as their inability to unlock your bank safe. Either way they can punish you for not turning over evidence that is covered by the warrant.
1. Re:It's almost sane(really) by Anonymous Coward · 2014-08-01 02:18 · Score: 5, Insightful
  
  It's all well and good so long as the USA don't mind, say, a Russian court issuing a warrant for data held on servers in the USA.
2. Re:It's almost sane(really) by hawguy · 2014-08-01 02:22 · Score: 5, Interesting
  
  Going to take a position I know will be unpopular in this thread, but:
  The leverage they have is that you're accused of committing a crime within the borders of the US, and evidence you have access to can be demanded under a warrant that covers details related to that crime. Their physical inability to seize it by force(because it's in another jurisdiction) is about as relevant as their inability to unlock your bank safe. Either way they can punish you for not turning over evidence that is covered by the warrant.
  Is there any circumstance where you think USA prosecutors should not be allowed to force foreign entities to hand over evidence without going through that country's legal system?
  Like if I'm arrested for smoking pot in the USA and USA prosecutors want to search my bedroom back home in Amsterdam to collect proof of my drug habit, you think its ok for USA police to force my parents to let them search my bedroom back home (or enter their home by force)? Even if my "crime" is only a crime in the USA?
3. Re:It's almost sane(really) by disposable60 · 2014-08-01 02:23 · Score: 5, Insightful
  
  Or China, Iran, Pakistan, Myanmar or North Korea - you know, countries in which dissent of (heavens!) heresy/apostasy are capital offenses.
  
  --
  You're looking for quotes? See my journal.
4. Re:It's almost sane(really) by CanHasDIY · 2014-08-01 02:27 · Score: 4, Insightful
  
  Like if I'm arrested for smoking pot in the USA and USA prosecutors want to search my bedroom back home in Amsterdam to collect proof of my drug habit, you think its ok for USA police to force my parents to let them search my bedroom back home (or enter their home by force)? Even if my "crime" is only a crime in the USA?
  I'm having trouble determining whether this is a really good analogy, or a really bad one... Leaning towards the former.
  
  --
  An enigma, wrapped in a riddle, shrouded in bacon and cheese
5. Re:It's almost sane(really) by drinkypoo · 2014-08-01 02:28 · Score: 4, Insightful
  
  It's all well and good so long as the USA don't mind, say, a Russian court issuing a warrant for data held on servers in the USA.
  There's nothing wrong with that, so long as they don't propose to use force to retrieve the data.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
6. Re:It's almost sane(really) by Anonymous Coward · 2014-08-01 02:35 · Score: 5, Insightful
  
  A Russian court issuing a warrant for data held by a Russian company on servers located in the US but controlled by the Russian company would be consistent with this ruling.
7. Re:It's almost sane(really) by silfen · 2014-08-01 02:36 · Score: 3, Informative
  
  Why would "the USA mind"? Any country is free to issue warrants for whatever it wants. But, in practice, it can only enforce them within its jurisdiction or via treaty.
  The US can enforce its warrant against Microsoft because Microsoft operates within its jurisdiction. Microsoft has to decide whether it values more operating in the US or whether it values the privacy of its foreign operations more. I think it's pretty clear how that's going to shake out.
8. Re:It's almost sane(really) by TRRosen · 2014-08-01 02:41 · Score: 5, Insightful
  
  That is a completely irrelevant example. Were not talking about subpoenaing a foreign company or entity. We are talking about forcing companies operating in the US to turn over information that is in their possession (under there control).
  The basic concept here is that data does not exist in the physical world. Where the electrons are is irrelevant if the entity that controls it exists in the US.
9. Re:It's almost sane(really) by 0a100b · 2014-08-01 02:59 · Score: 5, Funny
  
  Using some force may be acceptable, like waterboarding Satya Nadella to get the data...
10. Re:It's almost sane(really) by Anonymous Coward · 2014-08-01 02:59 · Score: 5, Insightful
  
  The US should be able to get search warrants...
  wait for it...
  In Canadian courts. MIND BLOWN.
11. Re:It's almost sane(really) by Nemyst · 2014-08-01 03:02 · Score: 5, Insightful
  
  To both cases: this is why organizations like Interpol exist. So a police force from one country can work in tandem with another to solve a case that crosses national borders. If the US want data stored in an Ireland server, they should work with the police there to get it, instead of saying that their jurisdiction extends worldwide unilaterally.
12. Re:It's almost sane(really) by hawguy · 2014-08-01 03:14 · Score: 4, Insightful
  
  OK, thought of a good counter analogy:
  - You've hidden bombs on public transit all over the country, and the list of where you hid them is stored on a server in the UK; should the government be able to get a warrant for that information?
  Of course they should... Through a UK court, not a USA court.
13. Re:It's almost sane(really) by Culture20 · 2014-08-01 03:40 · Score: 4, Funny
  
  I thought Interpol existed to catch Carmen SanDiego.
14. Re:It's almost sane(really) by NatasRevol · 2014-08-01 03:42 · Score: 3, Insightful
  
  You might want to go look up what is a crime in those countries. You better be ok with ALL their laws.
  
  --
  There are two types of people in the world: Those who crave closure
15. Re:It's almost sane(really) by Dredd13 · 2014-08-01 03:42 · Score: 5, Insightful
  
  If an American citizen owns the house in Amsterdam, how is that any different than the American company owning the server in Europe?
  As an American citizen, in that revision of the analogy, be could be compelled to allow US investigators to search his Amsterdam residence.
  Would you support that? Cuz "hellz no" for my part
16. Re:It's almost sane(really) by Ghostworks · 2014-08-01 03:46 · Score: 4, Informative
  
  But this is how it already works. For example, China could say to Google "give us access to G-Mail or we'll just block it completely, may be even kick your company out". Then it's a game of chicken. But China does have the right under their laws to block G-Mail or ban Google, as well as to demand unreasonable things from resident companies as the price of doing business. Laws everywhere have always worked this way. This is not new.
  Now the question: if (beyond a certain point) businesses really have no choice but to deal with corrupt regimes, and customers have no choice but to deal with businesses that deal with corrupt regimes, what protects consumers in one jurisdiction from corruption in another? The answer is competing laws. If China imposes harsh penalties for failing to do X, but the U.S. or Europe impose equally harsh penalties for doing X, then businesses torn between them actually have some refuge through ceded responsibility.
  This is exactly how U.S. bribery laws work: "We would love grease your palms, great Poo-bah, but U.S. law says that if we do then we can't do business there, which would mean we also don't have business to do here, so please don't even ask." When there is risk of cross-corruption in the market, it is the government's responsibility to step in and throw up a wall.
  (As a side note, this notion of ceded responsibility is why there are some industries that actually petition for _stronger_ regulations. For example, it's common in some parts for large arms dealers to have to "sweeten the pot" with government buyers by agreeing to pay for side projects, such as the construction of a hospital, as a condition of sale. This is a cost arms dealers would rather avoid, so they petitioned Congress for years to have such "gifts" declared a form of illegal bribery.)
17. Re:It's almost sane(really) by JohnNemesh · 2014-08-01 03:52 · Score: 4, Insightful
  
  That is the best analogy I have seen so far. Moreover, it allows the US to search the house WITHOUT the consent or cooperation of the foreign government! The EU has laws protecting the data of it's citizens. By complying with US law, and allowing the data to be handed over to US authorities, they will be in violation of the EU laws! This puts MS (and every other American tech company) in a VERY awkward position! Do they break US law or EU law? Either way, they will be breaking SOMEONE'S laws, whether they hand over the data or not! This is also going to accelerate the decline of the use American tech overseas. Germany has already stated that they are moving to open source software, due in no small part to the NSA's overreaching spying programs...and the UK has also expressed interest in moving away from Microsoft products and services. Expect those governments, as well as other foreign and multinational corporations to move even more quickly away from US tech to keep their data secure and away from the prying eyes of the NSA, CIA and other US agencies! Another casualty here will be the "cloud". NO ONE outside of the US is going to trust their sensitive data with Amazon, Microsoft, or Google (or any others based in the US) if the US takes the position that all data, stored ANYWHERE IN THE WORLD, is subject to their laws and could be searched and/or seized at any given moment, with or without the consent, permission or knowledge of foreign governments! This court just, single-handedly, shot the entire American tech sector squarely in the balls. It's going to have ramifications that will take YEARS to sort out.
18. Re:It's almost sane(really) by Dredd13 · 2014-08-01 03:57 · Score: 3, Insightful
  
  And in my revised analogy, the residence is controlled and accessible by US entities (the US citizen who owns it).
19. Re:It's almost sane(really) by Minwee · 2014-08-01 04:14 · Score: 5, Funny
  
  - You're a serial killer in the US, but every time you murder someone you drive to your Canadian cabin in the woods to hide the body; should the US be able to get search warrants for said cabin?
  This may sound a little bit crazy, but murdering people was recently declared illegal in Canada too. All Special Agent Scully would have to do is pick up the phone and call her counterpart with the RCMP (They recently had phone service installed at both of their igloos!) who would then search the cabin for her, looking for evidence of a crime as defined by Canadian law. Once that was found it there would be some discussions at the nearest Tim Horton's over poutine and coffee (double-double, naturally) about just who would be charged and tried under what laws and whether evidence would be canoed across the border to the USA or the suspect extradited to Canada, Eh.
  It's almost as if this sort of thing has come up before. The situation gets more interesting when a US citizen does something which is only illegal in the USA but not Canada. Something like failing to volunteer to join the army, supporting an unpopular political party or copying music from CD to a tape.
20. Re:It's almost sane(really) by jbolden · 2014-08-01 04:54 · Score: 3, Insightful
  
  What if the data was in my locked briefcase in Microsoft's London office.... Do you think they should just hand it over to USA prosecutors without going through the UK's legal process?
  
  Yes. Microsoft USA has a legal obligation to get it from Microsoft UK even if the data is in the London office. Microsoft UK may not care but Microsoft USA must.
21. Re:It's almost sane(really) by jbolden · 2014-08-01 05:08 · Score: 3, Interesting
  
  The structure is this
  Microsoft Washington owns a Nevada corporation owns a Bermuda corporation owns Microsoft Ireland. The data is on Microsoft Ireland's physical servers but they hire Microsoft Washington for services and another subsidiary for licensing.
22. Re:It's almost sane(really) by Joel+Cahoon · 2014-08-01 06:25 · Score: 3, Insightful
  
  If someone physically in Russia (or China, Iran, Pakistan, Myanmar or North Korea) allegedly violates the laws of their country, and the evidence of such resides on a server in the U.S., then no, I have no problem with, nor control over, said country imposing punishment on that person if they refuse to produce this evidence when lawfully required. My opinion on the laws of another state are irrelevant in this matter, if I am to respect their sovereignty. And if I don't respect their sovereignty, this issue is of least concern.
Applies oversea or applies to local access? by Carewolf · 2014-08-01 02:13 · Score: 4, Interesting

If the local branch of Microsoft has access to and control over the servers, they only need to demand the local branch to do so, that doesn't mean they are extended juristiction. If the data could only be accessed from outside the US it would be more interesting.
1. Re:Applies oversea or applies to local access? by Anonymous Coward · 2014-08-01 02:28 · Score: 4, Interesting
  
  If the local branch of Microsoft has access to and control over the servers, they only need to demand the local branch to do so, that doesn't mean they are extended juristiction.
  That could make it more difficult for multinationals to operate though. One of the reasons why companies put data centers in Ireland is to comply with EU rules about the locations of personal information. If the US can pierce EU rules regarding personal information simply because someone in the US has access to the servers, then that could lead to EU rules prohibiting such access.
  During an earlier discussion I thought someone said that the information involved was owned by a US person or organization that was trying to hide by putting it in the EU. That would matter more to me than whether Microsoft had domestic access to the servers.
  I'm not sure that a US court should be deciding this though. It might make more sense to have to appeal to an EU court to pierce this particular veil. That would support EU rights in protecting their data while offering a method for US litigants to gain rightful access to data. Of course, it would also be rather clumsy. But I would rather put clumsiness on litigants than on multinational businesses.
2. Re:Applies oversea or applies to local access? by Trepidity · 2014-08-01 02:37 · Score: 5, Insightful
  
  That appears to be the argument, yes. The court isn't claiming authority to send police officers to Ireland and physically seize the data, or authority to force Irish police to conduct a search. Instead they're demanding that Microsoft (a U.S.-based company) produce the requested evidence, if indeed its U.S. staff have access to it (which they probably do).
  I think it's problematic from a practical perspective, but I could see how someone could reach that conclusion. Usually jurisdiction of U.S. persons does extend to their overseas assets, e.g. in an investigation of fraud a U.S. court can demand that you turn over your Swiss bank account records, even though these accounts are (of course) in Switzerland.
  The main problem IMO is that it puts companies operating in multiple jurisdictions in a bit of a bind. For example, Microsoft Ireland may have responsibility under EU law to not release data except in certain cases, while Microsoft U.S. is required to release it, meaning the company will violate the law somewhere no matter what they do. I'm not sure whether it's possible to avoid that by really firewalling the access, e.g. make Microsoft Ireland an operationally separate subsidiary whose servers cannot be directly accessed by Microsoft USA staff. But that would certainly complicate operations in other ways.
  
  --
  10 PRINT CHR$(205.5+RND(1)); : GOTO 10
Re:Finally! by i+kan+reed · 2014-08-01 02:13 · Score: 4, Insightful

Unfortunately, no. Jurisdiction for the crime isn't the same as jurisdiction for evidence.
Cuts both ways by jmv · 2014-08-01 02:22 · Score: 3, Interesting

It's going to be interesting when the Chinese government issues Google a warrant to get data from the US.

--
Opus: the Swiss army knife of audio codec
Bye bye US cloud by johanw · 2014-08-01 02:22 · Score: 5, Insightful

Microsoft always sold their cloudservices in the EU with the argument that the data is physically located outside the US so the Patriot Act doesn't apply. Now that this has been proven false, EU-based cloudfirms will use this argument to choose a non-US based firm even more in their commercials than they do already. Good for the non-US based firms.
Re:Finally! by LordLimecat · 2014-08-01 02:24 · Score: 4, Informative

So would you be in favor of China being able to subpoena any / all of Microsofts records, regardless of where they are stored?
Murica by korbulon · 2014-08-01 02:31 · Score: 4, Insightful

I never fail to find the bravado and hubris underlying American exceptionalism... exceptional.
Land of the free... as long as you're not in one of our many many prisons ( http://nomadcapitalist.com/201... ), which has a higher per capita incarceration rate than Cuba, which is second on the list. Oh, and speaking of Cuba, there's always http://en.wikipedia.org/wiki/G....
Home of the brave... because you'd be pretty brave too if your military budget was larger than the nearest eight other countries combined ( http://pgpf.org/Chart-Archive/... )
Where all men are created equal... except, of course, when they're not ( http://www.pbs.org/newshour/ru... ) and a man can make something from himself even if he starts out life with nothing (but probably not): http://money.cnn.com/2013/12/0... )
And where the rule of law is universal and sacrosanct... except in those cases where it's not convenient ( https://www.globalpolicy.org/u... ) and ( https://www.eff.org/nsa-spying... )
Oh well, enjoy your "freedoms".
1. Re:Murica by thaylin · 2014-08-01 03:40 · Score: 3, Informative
  
  After looking at the source material for those wiki article, particularly the Urugauy one, I see why wiki is not a reliable source. After all sourcing proposed laws as enforced laws are exactly the same thing..
  But of course the US also has anti-hate speech:
  In 1942, the Supreme Court sustained the conviction of a Jehovah's witness who addressed a police officer as a "God dammed racketeer" and "a damned facist" (Chaplinksy v. New Hampshire). The Court's opinion in the case stated that there was a category of face-to-face epithets, or "fighting words," that was wholly outside of the protection of the First Amendment: those words "which by their very utterance inflict injury" and which "are no essential part of any exposition of ideas."
  
  --
  When you cant win, ad hominem.
Re:Finally! by retchdog · 2014-08-01 02:31 · Score: 5, Insightful

yeah, i would. it would be a nice reminder about why not to do business with totalitarian states.
and, yes, i also think that this case is a nice reminder for other countries not to do business with the US for exactly the same reason.

--
"They were pure niggers." – Noam Chomsky
Don't do business with the USA by green1 · 2014-08-01 02:45 · Score: 4, Insightful

This is one more reason to make extra sure that companies that you deal with have zero US presence. In fact in many jurisdictions it would be illegal to follow these US laws due local privacy laws. By doing business in the US, any data on individuals that you have, even stored in other jurisdictions is subject to their laws, meaning you'll often have the choice of breaking US law, or breaking the laws of the country you're in.
Much safer to just avoid all dealings with the USA.
Yet Microsoft spies for the gov by jader3rd · 2014-08-01 02:46 · Score: 3, Funny

As a reader of Slashdot, I know that Microsoft only exists for the sole purpose of spying on behalf of the US government. So I know that this story is pure fiction. I mean whoever made it up didn't even put much effort into good names; Brad Smith? Come on, that's so generic.
Re:Moving information for Freedom.... by thaylin · 2014-08-01 02:55 · Score: 3, Insightful

Most defiantly yes. The government does not have free reign to just enter into our lives when it wants to and how it wants to, it has to follow local and global laws. Getting a warrant in the US is crazy easy, and there is little oversight. Requiring them to actually follow the law is not a bad thing. The law is there to protect the citizens, and allowing them to break it adds to the probably that innocents will be harmed.

--
When you cant win, ad hominem.
Re:Like extradition, but for evidence by silas_moeckel · 2014-08-01 03:00 · Score: 4, Insightful

Yea it's called asking a judge in Ireland.

--
No sir I dont like it.
Re:Moving information for Freedom.... by Anonymous Coward · 2014-08-01 03:02 · Score: 3, Insightful

What you keep missing is that what if I live in multiple different countries and travel between them frequently?
When I'm in the USA I can legally watch porn.
When I'm in Amsterdam I can legally smoke pot.
When In a Muslim country both are things that would get me killed.
So just because I live in all these countries at various times in the year doesn't mean the Muslim country gets to search my US computer for porn and suddenly sentence me to death. Then the US country searches my Amsterdam computer and finds images of me smoking pot there....
The point was that the document (evidence) would be in the country where I'm doing the stuff..... (where it's legal). I'm not intentionally moving anything around. I just do whats legal in the place I currently am.
According to this ruling, now my perfectly legal activities abroad, are subject to US law. Essentially no escaping their grasp now.
Re:In other news... by Jason+Levine · 2014-08-01 03:18 · Score: 3, Interesting

Sadly, North Korea, Iran, Saudi Arabia, and a bunch of other countries have wanted this for awhile. They want the "law of the Internet" to be that if you do X and you doing X is visible in their country where X is illegal, you've broken the law and can be prosecuted. They drool at the thought of being able to force their laws on the Internet at large. Sadly, this US judge is only helping their plan with his short-sighted ruling.

--
My sci-fi novel, Ghost Thief, is now available from Amazon.com.
Re:Finally! by ai4px · 2014-08-01 04:13 · Score: 3, Interesting

You say loopholes and evade taxes. It's like you've presupposed they are doing evil. Despite what they use being called a loophole, if it's legal, don't blame them for playing by the rules. Blame the idiots who poorly crafted a law.
A certain paper company used a green energy law that said if you use alternative fuels you can get a tax credit. The paper industry has been burning black liquor since the 1930s and in 2008 figured out they could get the tax credit if they /added/ diesel fuel to their alternative fuel. Congress fixed it within a year. The company did nothing except follow the rules (which are like walking thru a minefield.)
Clearly you're not Canadian. by BitterOak · 2014-08-01 06:29 · Score: 4, Informative

The parent post was clearly not written by a Canadian, as any good Canadian knows that Tim Horton's does NOT serve poutine. Otherwise though, your post is spot on.

--
If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?