Microsoft Defies Court Order, Will Not Give Emails To US Government

← Back to Stories (view on slashdot.org)

Microsoft Defies Court Order, Will Not Give Emails To US Government

Posted by Soulskill on Saturday August 30, 2014 @12:02PM from the you-didn't-say-pretty-please dept.

schwit1 sends this excerpt from a report about Microsoft: Despite a federal court order directing Microsoft to turn overseas-held email data to federal authorities, the software giant said Friday it will continue to withhold that information as it waits for the case to wind through the appeals process. The judge has now ordered both Microsoft and federal prosecutors to advise her how to proceed by next Friday, September 5.

Let there be no doubt that Microsoft's actions in this controversial case are customer-centric. The firm isn't just standing up to the US government on moral principles. It's now defying a federal court order. "Microsoft will not be turning over the email and plans to appeal," a Microsoft statement notes. "Everyone agrees this case can and will proceed to the appeals court. This is simply about finding the appropriate procedure for that to happen."

67 of 419 comments (clear)

Min score:

Reason:

Sort:

That's nice, but... by SternisheFan · 2014-08-30 12:04 · Score: 5, Interesting

Isn't there a NSA backdoor to MS?
1. Re:That's nice, but... by Anonymous Coward · 2014-08-30 12:06 · Score: 4, Interesting
  
  What, is this all just for show? Why would the Feds want to make news over them demanding the data from Microsoft?
  Is this just to make us believe they can't get the data without Microsoft's cooperation?
2. Re:That's nice, but... by PPH · 2014-08-30 13:18 · Score: 5, Interesting
  
  What, is this all just for show?
  Its either plausible deniability or the need to demonstrate an unbroken and untainted chain of evidence. The NSA may in fact already have access to this data. But acting like they don't, or even loosing a minor case might set other criminals at ease about the security of their data within the Microsoft infrastructure. And they won't switch to a more secure platform. The chain of evidence might be needed to keep a subsequent trial from being thrown out due to tainted evidence. The NSA may already have the evidence (through questionable means), but getting a clean copy removes issues of it being fruit of the poisonous tree.
  
  --
  Have gnu, will travel.
3. Re:That's nice, but... by russotto · 2014-08-30 13:47 · Score: 4, Insightful
  
  The government could almost certainly get this data by going through the proper procedures in Ireland. That they can also get it surreptitiously doesn't matter; they're trying to establish precedent that they can legally get any data held by any US company anywhere in the world without involving any other government; that precedent is the important part, not the particular data involved.
4. Re:That's nice, but... by ShanghaiBill · 2014-08-30 14:47 · Score: 5, Informative
  
  The government could almost certainly get this data by going through the proper procedures in Ireland.
  Maybe not. If the Irish government caves in to American pressure, then data centers will start leaving Ireland, taking money and jobs with them, just like they are already leaving America. If Microsoft loses this case, and the extra-territorial reach of American Law is upheld, then, if you want privacy, you will need to not only store your data outside America, but not even with a company that does business there. The American government cares more about reading our mail than about keeping our jobs.
5. Re:That's nice, but... by s.petry · 2014-08-30 15:00 · Score: 4, Insightful
  
  Dunno, the Russian FSB has actually wrung Windows code reviews out of Microsoft so if they didn't find any back door in that code I'd say there are none to find..
  A viable alternative is that they found and use the same back doors available to the NSA. It's speculation either way, because there are no independent reviews of Microsoft's source code and shipped binaries. The released binaries may not even match the source they provided for review.
  
  --
  -The wise argue that there are few absolutes, the fool argues that there are no probabilities.
6. Re:That's nice, but... by Charliemopps · 2014-08-30 22:27 · Score: 4, Interesting
  
  Isn't there a NSA backdoor to MS?
  They do. The feds already have the data but cannot use it in court. Getting the companies in question to play ball is essential for legal procedures, not for the actual data acquisition.
7. Re:That's nice, but... by mad_minstrel · 2014-08-30 23:39 · Score: 2
  
  N00b question: Can't you just compare the hashes of the shipped binaries and the ones you compiled from the sources you're reviewing to check that they match?
  
  --
  May the source be with you.
8. Re:That's nice, but... by Kijori · 2014-08-31 00:27 · Score: 4, Insightful
  
  Will they? There are a lot of advantages to running this in Ireland: low tax rates without the negative publicity of operating in a tax haven, other favourable financial and tax rules that allow foreign companies to book their profits there to further reduce their tax bills, a skilled workforce, good infrastructure, and all the up-front costs that come from building and equipping the data centre in the first place have been paid already. Call me cynical, but I'm not convinced that many data centres will move if Irish law allows the authorities to get this data.
9. Re:That's nice, but... by neumayr · 2014-08-31 01:10 · Score: 2
  
  That relies on using exactly the same tools for the entire build chain. Which might be hard or impossible to get, and of course also need to be trusted.
  
  --
  Truth arises more readily from error than from confusion. -Francis Bacon
10. Re:That's nice, but... by PPH · 2014-08-31 04:17 · Score: 5, Informative
  
  Could you give an example of a more secure platform?
  Sure. Any e-mail system which has users encrypt/decrypt their content locally and then use the storage and transport system solely for storage and transport Slap some directory and key management for (public keys only) on top of that and there you go.
  You (the gov't) subpoena the content from the service provider? Sure, here's an encrypted copy. We don't have anything else. Need that decryption key? Go see the sender or recipient. We don't have that.
  
  --
  Have gnu, will travel.
customer-centric by TubeSteak · 2014-08-30 12:06 · Score: 5, Insightful

Microsoft's actions might seem "customer-centric," but really they're fighting for their lives.
If MS can be forced to give up European data, stored on European servers, that's game over for them.
Lawsuits and investigations will flourish in Europe, because their data protection laws are much stronger/stricter than ours.
This could kill MS's European business.

--
[Fuck Beta]
o0t!
1. Re:customer-centric by Anonymous Coward · 2014-08-30 12:29 · Score: 5, Insightful
  
  You mean "Kill every company on the internet's business that serves customers in Europe and America."
  Legal precedent would compel Google, and everyone else, to do the same stupid thing this judge has ordered, who is apparently unaware of international laws and seems to assume that US law is the only thing that exists or even should exist. If MS loses, everyone loses.
2. Re:customer-centric by rtb61 · 2014-08-30 12:33 · Score: 4, Insightful
  
  It's all just a matter of legal principle. Can any internet company be publicly ordered to break laws in other countries, regardless of where it is based. So M$ is challenging the order to publicly establish a principle and protect it and all other internet companies in this regard. Technically speaking all other internet companies are now getting a free ride on M$'s dime, so it seems sometimes they do pay back to the industry. This is an important principle of law and something the US Federal government should be paying attention to and legislating to ensure the future of all US internet companies is not severely threatened.
  
  --
  Chaos - everything, everywhere, everywhen
3. Re:customer-centric by Anonymous Coward · 2014-08-30 12:40 · Score: 2, Insightful
  
  judge has ordered, who is apparently unaware of international laws and seems to assume that US law is the only thing that exists or even should exist
  A judge is demanding a United States company to play by the rules of the United States? And you have a problem with that? US law is and should be the only law the judge needs to consider. If US laws are incompatible with other nation's laws, then don't blame it on the judge, complain to your legislators.
4. Re:customer-centric by PPH · 2014-08-30 13:07 · Score: 5, Insightful
  
  Its an American's data stored under a European account in European servers.
  Perhaps. But if it was an American, residing on European soil, there would be extradition procedures to follow. And those would involve having the local (EU) police generate their own warrant and make their own arrest based upon a formal request. The aprehended suspect would then be turned over to the requesting country.
  The same sort of thing should happen here. The USA should make a formal request to the Irish court to secure the evidence and turn it over to US authorities.
  
  --
  Have gnu, will travel.
5. Re:customer-centric by bloodhawk · 2014-08-30 13:16 · Score: 5, Insightful
  
  Can any internet company be publicly ordered to break laws in other countries, regardless of where it is based?
  Why shouldn't they? MS is a United States company. Why should MS, or any other corporation, be able to only abide by US law when it is convenient for them, and break it other times? If the laws of two jurisdictions are incompatible with each other, the corporation should have to make a hard choice and only operate in a single jurisdiction, and use other avenues to expand business to the other.
  This is not a case of the US trying to compel a European Company into doing something, it is compelling Microsoft, subject to US law, to turn over data it holds, albeit in a different company. If an American individual is subpoenaed for information relating to a crime, resisting turning it over because it's held in a safe deposit box abroad, is no more an acceptable excuse than "it's in my other pants".
  An individual in the United States must abide by US law even when abroad, in addition to abiding by the rules of the foreign country. It's still illegal for an American to smoke weed or solicit 14 year old prostitutes abroad, despite those being legal in some places of the world. If American persons have to play by United States rules 24x7, why should a corporation get to pick and choose?
  The US legal system starts and ENDS at the US borders. You seem to have completely misunderstood this situation, For example your safe deposit box example, if the US wanted the contents of a safe deposit box in Europe they cannot legally seize it, doing so would be a violation of europan law and the US officials doing it would be guilty of bank robbery and treated like any other common criminal. They must go through the countries legal system that holds the goods they want to seize, similarly the same applies to Data, the US can get access to it as long as it follows the appropriate laws and procedures. What the US government is trying to do is say other countries laws don't matter with data and therefore are asking a US companies to break another countries laws. You yourself said it that when in other countries you must abide by that countries rules, you cannot compel an individual or company to break the laws of another country. No one is suggesting that MS gets to ignore US laws, it is the US government saying that they get it ignore other countries laws and can compel US companies to do the same while they are in those countries.
6. Re:customer-centric by silas_moeckel · 2014-08-30 13:24 · Score: 4, Insightful
  
  Actually they data is in Europe the judge is trying to say since they have access to it from the US they need to turn it over. The data is under the control of a division incorporated in Europe.
  There is established procedure to get this it called ask the European courts.
  
  --
  No sir I dont like it.
7. Re:customer-centric by jbolden · 2014-08-30 13:26 · Score: 2
  
  Microsoft has protected themselves. Their notices indicate that giving data to Azure is agreement to exporting the data. Thus Azure cannot store data for which export is illegal. Essentially they are in a terrible bind where USA law and European law conflict and now they are pushing against both with two different strategies.
  IMHO there is no chance they win their appeal in the USA federal courts. USA courts are not going to allow court ordered subpoenas to not be binding because the entity being subpoenaed thinks they have a good reason not to hand over what the court demands.
8. Re:customer-centric by Dcnjoe60 · 2014-08-30 13:29 · Score: 5, Interesting
  
  You mean "Kill every company on the internet's business that serves customers in Europe and America."
  Legal precedent would compel Google, and everyone else, to do the same stupid thing this judge has ordered, who is apparently unaware of international laws and seems to assume that US law is the only thing that exists or even should exist. If MS loses, everyone loses.
  Actually, this same scenario happened with the banking industry and what the judge is proposing actually follows the international law and treaties that came out of it. In short, it doesn't matter where the assets are stored as to who has jurisdiction, but as to who has control over them. For instance if the IRA had deposits in Irish Allied Bank, but the cash was stored in the US, then the Irish Government could still freeze the account. So, if the data is stored somewhere else, but the company is headquartered in their land, why not the same thing?
9. Re:customer-centric by Dcnjoe60 · 2014-08-30 13:33 · Score: 3, Interesting
  
  Its an American's data stored under a European account in European servers.
  Perhaps. But if it was an American, residing on European soil, there would be extradition procedures to follow. And those would involve having the local (EU) police generate their own warrant and make their own arrest based upon a formal request. The aprehended suspect would then be turned over to the requesting country.
  The same sort of thing should happen here. The USA should make a formal request to the Irish court to secure the evidence and turn it over to US authorities.
  That is true, but it's not about an American, but an American's data that is in question. You can only extridte people. If an American only needs to store their data in a foreign country to keep from complying with a warrant, then every criminal organization will do that. What the court is saying is that jurisdiction follows whoever has control over the data, which in this case is Microsoft, but could just as easily be drug cartel or terrorist group.
10. Re:customer-centric by Atryn · 2014-08-30 13:44 · Score: 3, Insightful
  
  A judge is demanding a United States company to play by the rules of the United States? And you have a problem with that? US law is and should be the only law the judge needs to consider. If US laws are incompatible with other nation's laws, then don't blame it on the judge, complain to your legislators.
  Another great reason for an inversion besides taxes.
  
  --
  Come play Moral Decay!
11. Re:customer-centric by niftymitch · 2014-08-30 14:04 · Score: 5, Insightful
  
  Except it isn't European data, Its an American's data stored under a European account in European servers. Small difference.
  It is not the data that is the issue.
  It is a US Judge requiring a company to reach out across international borders and
  as an agent of the judge grab the data and spirit it across international borders and
  deliver it to the judge. This something that the US judge could not require of the
  State Department, CIA or NSA any other government agency to do.
  If it was not data the rule would be more obvious. If a storage company had
  a large box of cigars perhaps from some random country close to Florida could that
  company be compelled to ship that box of cigars to the judge to determine
  if the owner of the box of cigars was engaging in the trade of and trade with
  a foreign country that the US has issues with. Only by inspection of the
  contents of the box would the judge know.
  Now it is possible that Cuban cigars are no longer the smoking gun of illegal
  trade with Cuba but the point is that this judge is forcing a company to reach out
  across international borders and do the judges bidding.
  What if the company name was Blackwater Security Consulting (since renamed Academi)
  and that company was directed by a judge to import or export anything or anyone
  at the behest of the judge (with or without payment for services BTW).
  If it was a physical container the decision in my mind is obvious
  that the judge is reaching, reaching, reaching well beyond charter and
  jurisdiction.
  It gets more interesting if the transport of the physical container crosses
  other international borders. Most nations have laws that prohibit trafficking
  in stolen goods. So a packet map showing how each and every fragment
  of this container traveled could also be a topic of a United Nations inquiry.
  Blood diamonds, ebony, ivory... trafficking in crime tainted desirables and
  this judge covets this stuff.
  
  --
  Truth is stranger than fiction, but it is because Fiction is obliged to stick to possibilities; Truth isn't. Mark Twain.
12. Re:customer-centric by Anonymous Coward · 2014-08-30 14:15 · Score: 2, Insightful
  
  The data is owned and controlled by the US division of Microsoft. The judge issued a decree that the US division of Microsoft must produce the data. If Microsoft does it from foreign servers, or local copies, or by recording the farting of the birds, no one cares. All that matters is that the US division of Microsoft must produce the data.
  The fact that the data is currently stored overseas is irrelevant.
13. Re:customer-centric by Whatsisname · 2014-08-30 14:24 · Score: 3, Interesting
  
  if the US wanted the contents of a safe deposit box in Europe they cannot legally seize it, doing so would be a violation of europan law
  They can't take the box by force, but the US can instead throw you, the owner of it, in the slammer until you cough up the requested evidence. Where the evidence is, is irrelevant.
14. Re:customer-centric by Dcnjoe60 · 2014-08-30 14:33 · Score: 4, Insightful
  
  But if an American visits a foreign country, they and their property are subject to the laws of that county. We expect the same of foreign visitors entering our country. And if that foreign countries data protection laws differ from those of the USA, they should still be honored.
  Having some foreign government insist on the right to root around in their citizens possesions while in this country, either as a tourist or a refugee would open up a human rights as well as an intellectual property can of worms. Imagine an H-1B worker's home country insisting on receiving copies of all of their work product while employed here.
  But the criminal in question didn't visit Ireland and leave his data there. Microsoft didn't visit Ireland, either, but it did send the data there. Also, this is not tangible personal property. It is a bunch of electrons.
  As for the H-1B worker, that is a strawman argument and has nothing to do with this. Here is a concrete example of what is going on here. I steal a painting in the US and send it via FedEx to Amerstam where it sits in FedEx's hangar waiting to be picked up. The feds arrest me and ask FedEx to send the painting back for evidence. Should FedEx say no, because it is now in their possession in a foreign country? Before you answer, the courts have already answered it and said yes, FedEx would need to return it as long as it is still in their possession.
  Or, lets say two child pornographers both store the pictures they have taken in the US (so US law is broken) on Google's servers and one of the pornographers pictures happen to reside on a server under Google's control in Ireland and the other on a server under Google's control in the US. Is guy who had the luck of his data being routed to Ireland off scott free while the other guy goes to jail, when both of these accounts and servers are under Google's control? While the courts haven't answered this question, they have done so with banking and found that US banks must still turn over seized assets of US bank holders even if those assets are now held in foreign countries. Most other countries also have the same laws, too.
  So, the question really is whether or not a criminal should be able to use a US company to hide it's data just because the US company has a server farm somewhere other than the US?
15. Re:customer-centric by MightyYar · 2014-08-30 14:34 · Score: 2
  
  It wouldn't matter - any company with a presence in the US would be at risk, no matter where they hoard their earnings.
  
  --
  W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
16. Re:customer-centric by theshowmecanuck · 2014-08-30 14:40 · Score: 2, Funny
  
  Europeans, when push comes to shove, are generally useless when it comes to standing up for what is right. So even though these are foreign, presumably European emails, residing on European servers, once the appeal process finishes Microsoft will start downloading the data to US servers. And then the EU nations will promptly call a summit, bicker amongst themselves till the download is complete, whine a lot, but ultimately do nothing. Just like they are doing with Ukraine. Given a choice of doing something meaningful that needs doing but might cause some discomfort and conflict, they would rather rationalize why they don't do anything. Kind of like Obama too (and I am not a Republican/conservative or libertarian... I'm independent).
  
  --
  -- I ignore anonymous replies to my comments and postings.
17. Re:customer-centric by whoever57 · 2014-08-30 15:11 · Score: 2
  
  Imagine that someone overseas has deposited something in a box held (overseas) by the subsidary of a US bank. Should the hypothetical US bank comply with the demand of a judge to make the contents available to a US law enforcement authority?
  
  --
  The real "Libtards" are the Libertarians!
18. Re:customer-centric by ShanghaiBill · 2014-08-30 15:13 · Score: 4, Interesting
  
  A judge is demanding a United States company to play by the rules of the United States?
  NO! This ruling is not limited to only American companies. It also applies to anyone doing business in America. So if America wants banking records of a German citizen, living in Germany, they could compel Deutschbank to provide them. Likewise, if the Chinese government wants records for an American citizen's account at Bank of America, then America will have no reason to protest since BofA has offices in China, and the principle of extra-territorial subpoenas has been established. If Microsoft loses this case, it will be a terrible precedent, and a victory for oppressive governments all around the world.
19. Re:customer-centric by Demena · 2014-08-30 17:33 · Score: 3, Informative
  
  Excuse me but you appear to be mistaken. it is written in the US constitution that international treaties become part of US law. Where that introduces contradictions the treaty law applies. And judges have to repeat this. It may not apply in this particular case but it remains true.
20. Re:customer-centric by Demena · 2014-08-30 17:39 · Score: 2
  
  Because the US constitution requires that international treaties become part of US law when signed.
21. Re:customer-centric by nabsltd · 2014-08-30 19:10 · Score: 5, Informative
  
  But if it was an American, residing on European soil, there would be extradition procedures to follow. And those would involve having the local (EU) police generate their own warrant and make their own arrest based upon a formal request.
  If you had followed this case, you would know that this is exactly what the US tried to do.
  The US asked an Irish court to issue a warrant to force production of the data. The Irish court refused to issue the warrant. So, the US issued a subpoena to Microsoft, who rightly told the US that although the data was on a Microsoft computer, the data was owned by a customer of Microsoft, therefore a warrant would be required. The US court then issued a warrant for Microsoft to produce the data. Microsoft refused, noting that the data was in a foreign country, and warrants are only valid when issued by a court that has jurisdiction over the location of the requested object/data/person. No US court has jurisdiction over Irish soil, thus we end up at today's story.
  The actual point of Microsoft's appeal is that the US wants to have a court to be able to issue an order that has the all the advantages of both a warrant and a subpoena, while ignoring their limitatations. The problem with this is that subpoenas are allowed to be fairly vague and apply to anything that is "owned" by the target of the subpoena, regardless of where it is located. Warrants, OTOH, can force the target to hand over something they don't own but over which they have control, but can only request very specific items/data, and have to be issued by a court that has jurisdiction over where the item/data is located.
22. Re:customer-centric by Bert64 · 2014-08-30 20:41 · Score: 3, Informative
  
  The data belongs to a US company, and is on servers which US based employees have access to. Those employees are beholden to US laws, and should retrieve the data if directed to do so by a US court.
  Also the Irish company is a subsidiary of the US company. The Irish employees don't have to obey US law, but they do have to obey their bosses who in turn do have to obey US law.
  So long as the data is stored on servers operated by an organisation which has a chain of command extending upwards in the US, they are beholden to the demands of the US government. The opposite probably wouldn't apply, as the Irish employees wouldn't have seniority over the US and thus couldn't compel them to do anything.
  If they don't like it, the Irish part could be spun off as an entirely separate entity free of US control.
  
  --
  http://spamdecoy.net - free throwaway anonymous email - avoid spam!
23. Re:customer-centric by Bert64 · 2014-08-30 20:46 · Score: 2
  
  That assumes that the US division of Deutsche Bank actually has access to the banking records of German citizens. If the chain of command is set up correctly within the company, then the US division should be unable to get access to German records without the agreement of someone sufficiently senior in Germany.
  Employees located in a different country would not be subject to the laws, but they are still subject to the hierarchy of their own business - that is if their boss is located in the US and compelled by US law to do something, the less senior employee would also be so compelled not directly by US law, but by the internal rules of the company.
  
  --
  http://spamdecoy.net - free throwaway anonymous email - avoid spam!
24. Re:customer-centric by gnasher719 · 2014-08-30 22:00 · Score: 2
  
  European servers owned and managed by a US company. While there may be local employees in the EU, they are ultimately answerable to more senior US based employees within their own company and therefore to US law.
  Data stored in Europe. Which may only be surrendered if someone gets a warrant that is valid in the European country. It doesn't matter who owns the company. If Ireland issued a warrant for the data, then Microsoft couldn't say "we are a US company", they would have to obey an Irish warrant for data in Ireland. If the USA issues a warrant for data in Ireland, then Microsoft has no right to surrender the data. Again, doesn't matter whether Microsoft is a US country or not.
25. Re:customer-centric by Rich0 · 2014-08-30 22:31 · Score: 2
  
  I'm not a Microsoft fan in any way, but MS is dead right on this one. A US judge does not have jurisdiction over foreign e-mails. He can claim jurisdiction all he wants, butwishing will not make the world bend to his black-robed will.
  Well, whether this survives appeal is anybody's guess. However, if the US Supreme Court upholds it then MS will end up turning over the data. This isn't about making the world bend to his "black-robed will" - this is about making Microsoft bend to it. Once the appeals are exhausted they'll be told to produce the data. If they refuse then they'll be fined a million dollars a day, and the fines will be increased if that doesn't seem to be enough. Eventually Microsoft either goes out of business, or it capitulates.
  Sure, after it happens the EU can then start fining them millions or billions of dollars if they want to. But, the only way around something like this is for a company to not own property or assets of any kind in both the US and EU. Courts can seize assets, which basically puts you in your jurisdiction no matter what your principles might otherwise dictate.
26. Re:customer-centric by Yoda222 · 2014-08-31 03:44 · Score: 2
  
  The Irish employees don't have to obey US law, but they do have to obey their bosses who in turn do have to obey US law.t compel them to do anything.
  Not if what the US bosses ask them something which is forbidden by Irish law.
Customer-centric? by DarkFencer · 2014-08-30 12:06 · Score: 2

I don't see them as customer-centric as much as self-serving. There is definitely a trend of non-US companies moving or thinking of moving their data off US servers. Moving them off US company/subsidiary servers in other countries is a huge threat to Nadella's cloud-focused Microsoft.
It is a rational self-interested decision that may be good for consumers.
Re:More accuratly "self preservation" by queazocotal · 2014-08-30 12:20 · Score: 3, Insightful

By a not too unreasonable extension of the theory that allows the judge to compel microsoft to deliver things they control on a computer in another country - I see no reason exactly the same would not apply to compelling them to deliver a personalised update to one particular computer and deliver access to that computer - wherever in the world it was, and whoever owned it.
Re:More accuratly "self preservation" by arbiter1 · 2014-08-30 12:24 · Score: 3, Insightful

Well its not just MS, ANY company. Google, Apple, etc would be effected by this as well.
And on a side note... by MindPrison · 2014-08-30 12:45 · Score: 4, Insightful

...anyone who seriously store sensitive information on a cloud service like free-email, should be spanked with a trout over and over again.

--
What this world is coming to - is for you and me to decide.
re I don't care by jelizondo · 2014-08-30 12:48 · Score: 5, Informative

Frankly, I don't care if MS is standing up out of self-interest or for some other cause, the tyrants in D.C. need to be stopped. Period.
You can't apply U.S. laws to the world at large, regardless of your 'legal' standing.
Many U.S. organizations have presence and pay taxes in many different jurisdictions, making them subject to that particular territory's law. Will the U.S. allow some other country to violate U.S. laws because the subsidiary is present, in say, Aman and thus, by extension, the entire organization is subject to Aman's Law?
The answer is no, because jurisdiction is territorial. You can't apply Ireland's law to MS in the U.S. simply because they have a corporate office there, thus the reverse is true too: you can' t apply U.S. law to a subsidiary in Ireland.
Who owns it is irrelevant; corporations are legal entities of their own, regardless of ownership. Ships owned by, say Americans (most cruise ships for example), are registered in Panama, thus bypassing U.S. Labor laws because who owns them is irrelevant.
Trust me, you don't want to go there: it will open lawsuits against U.S. firms, under U.S. laws, against the owners of such ships and other corporations that use underage labor, exceed working hours / conditions, etc. in other countries.
It would basically make International Law obsolete as we know it.
It appears that the U.S. Government is bent in destroying the American economy while 'preserving' American security.

--
Be very, very careful what you put into that head, because you will never, ever get it out. - Cardinal Wolsey
Globalization by jmd · 2014-08-30 12:51 · Score: 3, Insightful

I'm suspecting the zeal MS is showing in challenging the US gov't has more to do with laying the groundword of "nation-states" being neutered. This is about power in the future. If they win against the US gov't this is just one more nail in the coffin of the battle to make governments useless. This goes hand in hand with the Trans Pacific and other trade agreements. These things are designed to strip power from government.
This is just one more step in the march of capitalism that will likely destroy civilization in the long run.
1. Re:Globalization by Anonymous Coward · 2014-08-30 12:56 · Score: 2, Interesting
  
  I would imagine it is laying groundwork for tax inversion.
2. Re:Globalization by rsborg · 2014-08-30 13:27 · Score: 4, Interesting
  
  I would imagine it is laying groundwork for tax inversion.
  I already replied in this argument, but this is probably the most insightful comment I've seen on this story. Setting up a very good reason why they should relocate their HQ for tax purposes (i.e., privacy of their files) seems a good PR move to offset any public outcry.
  
  --
  Make sure everyone's vote counts: Verified Voting
This is huge ... by CaptainDork · 2014-08-30 12:53 · Score: 4, Interesting

People and businesses and governments everywhere will be watching this one.
If America can force Microsoft to reach out to Ireland for data, then Germany (etc.) can force Microsoft to tunnel into America, right?
And, as mentioned, people, businesses and governments are already skeptical of the cloud, anyway.
People, businesses and governments may force "data nationalism" to become the norm.

--
It little behooves the best of us to comment on the rest of us.
Stop the US-centric crap already by msobkow · 2014-08-30 13:01 · Score: 5, Insightful

The US needs to wake up to the fact that they are not "world law." Their law ends at the boundaries of the US.
It doesn't matter if the email account in question is owned by an American. It doesn't matter if the servers are indirectly owned by an American company.
They are in a foreign jurisdiction and the US government needs to go through the judicial and legal processes of that jurisdiction if they want access to the data.
Quite frankly, fuck the "war on terror", the "war on drugs", and every other tired old excuse the US government and it's subservient courts use to try to justify shoving the US legal system down the world's throat.

--
I do not fail; I succeed at finding out what does not work.
1. Re:Stop the US-centric crap already by msobkow · 2014-08-30 13:07 · Score: 2
  
  The US could take a page from the Russians on the whole issue of legal jurisdiction. The Russians have mandated that all corporate and personal data hosted by "the cloud" must be on servers on Russian soil so there is no question of legal jurisdiction when they're trying to investigate and prosecute a case involving a Russian entity.
  The US and every other nation should be doing the same thing: mandating that the data owned by their citizens and corporations be hosted in country so that it can't be "hidden" by legal loopholes of the jurisdiction where the data resides.
  But, hey, the US cloud operators don't want to invest in that many offshore nodes/clusters, and they're the ones paying off Congress and the Senate, so I doubt we'll see such sane legislation passed in my lifetime. Far easier to try to shove your legal system down international throats, eh?
  Pffft. I fart towards the south...
  
  --
  I do not fail; I succeed at finding out what does not work.
2. Re:Stop the US-centric crap already by quenda · 2014-08-30 15:13 · Score: 2
  
  No it doesn't. Microsoft is a US entity. They aren't European.
  
  MS is a multi-national. They could move their HQ to Ireland next week, for tax purposes, and not much would change.
  
  The USA doesn't shove their laws down other countries throats. You don't want USA law don't buy USA products.
  As slashdot readers should know, the USA frequently shoves its copyright laws for a start. The problem is not so much in buying USA products, as
  "If you want to be able to sell anything in the US market, here are a bunch of laws we need you to adopt before getting our 'free' trade agreement. "
3. Re:Stop the US-centric crap already by msobkow · 2014-08-30 15:25 · Score: 2
  
  Nonsense. Microsoft is a multi-national conglomerate with seperate corporations/business entities scattered around the world. Those seperate entites are not US businesses, though they are owned by a US business, they are subject to the laws of the jurisdictions they operate in, not US law.
  
  --
  I do not fail; I succeed at finding out what does not work.
4. Re:Stop the US-centric crap already by quenda · 2014-08-31 01:30 · Score: 2
  
  They would lose all the USA government contracts.
  You think they do not get gov't contracts in other countries now? And there would still be a US subsidiary for that purpose if needed.
  
  That doesn't apply to much to Europe as Europe has reasonably copyright laws.
  You'd think "life plus 50 years" would be reasonable enough, but the US has been strong-arming countries to extent copyright 20 years. (until the next extension)
They are not defying an order by debrain · 2014-08-30 13:11 · Score: 5, Informative

Notwithstanding some really rare cases (e.g. interlocutory), which this does not appear to be, an order is unenforceable while under appeal.
Doing what an order asks is grounds for dismissal of an appeal, notwithstanding cases where acts are made explicitly with the agreement of the parties and sometimes affirmation of the court to be without prejudice to the right of appeal. However in cases of disclosure of information, the disclosure is generally a form of prejudice (since it cannot be undone) that undermines appellate entitlement.
So it is wrong to say they are are defying an order. They are doing what everyone does on appeal.
If they were to defy an order they could be held in contempt of court. That would be an interesting story.
1. Re:They are not defying an order by Dcnjoe60 · 2014-08-30 14:13 · Score: 4, Informative
  
  Notwithstanding some really rare cases (e.g. interlocutory), which this does not appear to be, an order is unenforceable while under appeal.
  Doing what an order asks is grounds for dismissal of an appeal, notwithstanding cases where acts are made explicitly with the agreement of the parties and sometimes affirmation of the court to be without prejudice to the right of appeal. However in cases of disclosure of information, the disclosure is generally a form of prejudice (since it cannot be undone) that undermines appellate entitlement.
  So it is wrong to say they are are defying an order. They are doing what everyone does on appeal.
  If they were to defy an order they could be held in contempt of court. That would be an interesting story.
  Actually, the judge lifted the freeze on the court order, so Microsoft is in fact defying it. Microsoft states they plan to appeal, but until they do appeal, they are still defying it.
Thoughts by DaMattster · 2014-08-30 13:16 · Score: 2

This isn't altruistic of Microsoft but I'm happy they are putting up a fight just the same.
Since when did Microsoft become a EU company by rsborg · 2014-08-30 13:24 · Score: 2, Informative

The US legal system starts and ENDS at the US borders.
Microsoft is headquartered and incorporated in the US and thus subject to US law. QED.

--
Make sure everyone's vote counts: Verified Voting
1. Re:Since when did Microsoft become a EU company by bloodhawk · 2014-08-30 13:50 · Score: 2
  
  The question is not about whether they are subject to US law, they are, it is whether US can tell a US based company to ignore another countries laws. The argument here is that what the US court is demanding isn't legal and the US doesn't have the legal authority to do.
2. Re:Since when did Microsoft become a EU company by TubeSteak · 2014-08-30 16:13 · Score: 2
  
  Microsoft is headquartered and incorporated in the US and thus subject to US law.
  
  The data in dispute is not subject to US law.
  Microsoft Ireland Operations Limited leases and operates the data center in question.
  A US judge has no jurisdiction.
  QED
  
  --
  [Fuck Beta]
  o0t!
3. Re:Since when did Microsoft become a EU company by drinkypoo · 2014-08-30 16:15 · Score: 3, Insightful
  
  Microsoft is headquartered and incorporated in the US and thus subject to US law.
  Yep. That's completely true. So if there were some data held on a server in the EU, and a judge decided it was relevant to a lawsuit and demanded that it be presented, they could reasonably hold some representative of the corporation to be in contempt of court until such time as they produced the data in question. However, it would not actually establish any entitlement to that data, nor make it not a violation of various laws if they were to seize it be force.
  
  QED.
  QED, what you have said is irrelevant.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Profit centric, not customer centric by Antique+Geekmeister · 2014-08-30 14:13 · Score: 2

> Let there be no doubt that Microsoft's actions in this controversial case are customer-centric.
Nonsense. It is protecting their millions, even billions of dollars of international business, especially for their hosted email services, to make a public display of fighting this court order. It also helps protect their US business: publicly refusing a US order helps provide a history of customer privacy awareness when they try to resist a Chinese or Russian or EU court order for US held data.
And this is not an NSA "Patriot Act" order, which don't require judges and can be far, far broader than a typical search warrant or subpoena.
code reviews are perfect and impossible ? by raymorris · 2014-08-30 15:49 · Score: 4, Insightful

> Russian FSB has actually wrung Windows code reviews out of Microsoft so if they didn't find any back door in that code I'd say there are none to find...
So it's entirely possible to do a code review of an entire operating system and be sure that there are no vulnerabilities?
Of course, you can't be sure that something as simple as an ssl library is safe, but an entire OS is no problem. Despite the fact that there's no way to know if the code you're reviewing matches the installed binaries.
> there is always the option of doing a personal code review of what is it now, 200 million plus? lines of Linux source code and then compiling your own Slackware
Yep, that'd be even easier than the Windows code review, especially since thousands of other people have already done some initial review for you. You can then compile it yourself and know that the source code matches the binary, unlike Windows.
(The trojaned compiler attack is fairly trivial to defeat, so don't bother going there .)
1. Re:code reviews are perfect and impossible ? by raymorris · 2014-08-31 00:30 · Score: 4, Interesting
  
  Pick two or three compilers from different sources. It's okay if they are all trojaned.
  Compile each compiler with the other two compilers. Unless they are all trojaned in precisely the same way, including exactly the right cross-trojans for each other, you can see which one(s) can be trusted.
  https://www.schneier.com/blog/...
  Other defenses are also available. If you don't have the source to the compiler, you write a loop that automatically builds up the program line by line from "return 1". If adding one line of ansi C code adds several kilobytes of binary, there's a problem. Inspect the newly added portion using your choice of tool.
US laws ---- vs the world and blowback by doginthewoods · 2014-08-30 16:46 · Score: 4, Informative

The US is in a weak position, because in order to create a uniform standard of international law to address this sort of thing, the US will have to work as an equal with other countries who are already suspicious of US motives. The US knows this, which is why they are trying to bulldoze their way through this. The issue here is international law, and the laws of other countries involved. The HUGE problem is this: If MS is forced to turn over the data that is in another country (and possibly causing MS to violate the laws of that country) , then another country, using exactly the same ruling, could force a US company to obey its laws. Here's and example: Russia finds a worm , virus, whatever in some software that it's government is using, and that their data was stolen. Russian law allows confiscation of all computer hardware and the people involved held in jail until trial in Russia. The Russian government decides that the infection was present in software that was on the computer at the time of purchase, and as a result that company must have Russia's data, so now Russia can send its enforcers over here and confiscate..... Ooops. What MS is doing is trying to prevent a very shortsighted US ruling of opening a Pandora's box that can be used against the US.

--
Republican leadership = Idiocracy
However... by Demena · 2014-08-30 18:03 · Score: 2

Microsoft US does not control the data. A separate company (Microsoft Ireland) does. Now it may be a fully owned subsidiary but it is still a separate legal entity. The question here is not what people think it is. Does the judge have the right to demand that Microsoft US instruct Microsoft Ireland to break Irish law. The answer to is no because the data is not in the possession or control of Microsoft US. If Microsoft US were to make the request of Microsoft Ireland the correct (and required) response from Microsoft Ireland would be "Sorry, we cannot do that even though you own us.". So since Microsoft US does not control the data the request from the judge would be invalid. Microsoft US cannot comply with the directive since they do not have direct access in their own right.
They still need to orchestrate a show and tell ! by Taco+Cowboy · 2014-08-30 23:04 · Score: 2

Doesn't Parallel Construction cover this already?
http://en.wikipedia.org/wiki/P...

True
But they (meaning NSA + Microsoft + US Department of Justice) still need to orchestrate a very public show and tell, something that the whole world can see, something that tells the whole world that Microsoft has BIG AND STRONG BACKBONE, so much so that they dare to stand against the US Department of Justice, the NSA, and so on ...

From TFA---

"Let there be no doubt that Microsoft's actions in this controversial case are customer-centric. The firm isn't just standing up to the US government on moral principles. It's now defying a federal court order "
Ain't you so glad now that Microsoft has finally becomes a company with "MORAL PRINCIPLES"???
TFA is nothing but a propaganda piece, and /. has become a willing partner in the act of spreading Pro-Microsoft propagandum

--
Muchas Gracias, Señor Edward Snowden !
Maybe MS Should Ask... by BlueStrat · 2014-08-31 00:39 · Score: 2

...Who is John Galt?
Along with many other US companies and businesses as the US becomes an ever-more hostile and expensive place to base your business in.
Maybe MS will join the "inversion"-stampede of businesses fleeing the US for friendlier locales.
Once again the US government loads up the trusty foot-gun with its' hubris.
Strat

--
Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
Re:They still need to orchestrate a show and tell by anyGould · 2014-09-01 08:46 · Score: 2

Ain't you so glad now that Microsoft has finally becomes a company with "MORAL PRINCIPLES"???
Technically true, though - if you define "protecting next-quarter profits" and "not wanting every country they do business in demanding the same favors" as moral principles.
From Microsoft's chair, they have no choice but to fight this - how many non-US countries and corporations are going to subscribe to Office365 and other MS-cloud services if it's publicly known that MS will give your information to a foreign government?