Court Denies US Government Appeal in Microsoft's Overseas Email Case

An equally divided federal appeals court refused to reconsider its landmark decision forbidding the U.S. government from forcing Microsoft and other companies to turn over customer emails stored on servers outside the United States. From a report: The U.S. Court of Appeals for the Second Circuit, in a 4-4 decision Tuesday, declined to rehear its July decision that denied the DOJ access to the email of a drug trafficking suspect stored on a Microsoft server in Ireland. Microsoft has been fighting DOJ requests for the email since 2013. The DOJ has argued that tech companies can avoid valid warrants by storing customer data outside the U.S. Judges "readily acknowledge the gravity of this concern," but the 31-year-old U.S. Stored Communications Act (SCA) doesn't allow worldwide search under a U.S. warrant, wrote Judge Susan Carney. "We recognize at the same time that in many ways the SCA has been left behind by technology," Carney wrote in Tuesday's decision. "It is overdue for a congressional revision that would continue to protect privacy but would more effectively balance concerns of international comity with law enforcement needs and service provider obligations in the global context in which this case arose."

Read as:

DOJ butt hurt about ruling continues to.seek unfettered access to all data regardless of where it is or who owns it.

Re:Read as:

[saloomy]

The DOJ is butt-hurt. But too bad. The US can't just decide that their warrants are valid EVERYWHERE, just because a company operates in the US as well. What happens when China wants data stored by Boeing in the US, because Boeing has offices in China, and there is a law-suit? There is a reason why the laws are written like this. If the drug traffickers data was so instrumental to the case, and the justification for the warrant is so compelling, then the US attorney should contact authorities in Ireland and seek the Irish courts to issue a warrant to MS.

If there is anything fishy, they won't go that route, and if there isn't, an extra set of judicial eyes on the facts of the case can't hurt.

Another solution

[Okian+Warrior]

So, is US congress now going to change the law so a US judge can permit the US DOJ to access foreign servers? May we assume reciprocity, so that other countries can then serve warrants to providers in the USA and legally demand access to data stored on US soil?

I think not..

Another solution is to pass a law saying that all US citizen data has to be kept in servers in the US.

The benefit is that foreign countries don't get to access our citizens' data as easily (Russia, China, Canada).

The *real* solution is that E-mail and other data should be encrypted end-to-end, where the provider and location don't matter. Proton mail and Lavabit come to mind.

I remember when DropBox first came out, it required a driver to install (in WinXP) to synchronize the data to the cloud, and asked whether they had any plans to add encryption. Their response was "Oh, we'll never add encryption! That's the end-user's responsibility, and besides... it's haaaaaard!"

We need turn-key solutions. If good security is a checkbox "make my messages private", more people would use it.

Work at the White House

[Okian+Warrior]

USA is all that matters, the rest of the world can go fuck themselves.

You should apply to work at the White House - I hear they're hiring.

Re:Work at the White House

He's probably not rich enough to be accepted.