Slashdot Mirror
Does US Have Right To Data On Overseas Servers? We're About To Find Out (arstechnica.com)
Long-time Slashdot reader quotes Ars Technica:
The Justice Department on Friday petitioned the US Supreme Court to step into an international legal thicket, one that asks whether US search warrants extend to data stored on foreign servers. The US government says it has the legal right, with a valid court warrant, to reach into the world's servers with the assistance of the tech sector, no matter where the data is stored.
The request for Supreme Court intervention concerns a 4-year-old legal battle between Microsoft and the US government over data stored on Dublin, Ireland servers. The US government has a valid warrant for the e-mail as part of a drug investigation. Microsoft balked at the warrant, and convinced a federal appeals court that US law does not apply to foreign data.
According to the article, the U.S. government told the court that national security was at risk.
The request for Supreme Court intervention concerns a 4-year-old legal battle between Microsoft and the US government over data stored on Dublin, Ireland servers. The US government has a valid warrant for the e-mail as part of a drug investigation. Microsoft balked at the warrant, and convinced a federal appeals court that US law does not apply to foreign data.
According to the article, the U.S. government told the court that national security was at risk.
When isn't it national security?
I don't recall the details of the case and can't be bothered to read up on it, but according to the summary it's a drug investigation. It's a pretty far leap from there to national security.
Also, four years. If nothing's happened yet based on the information in those emails it's VERY unlikely anything is going to happen ever. That alone should rule out a national security issue.
-=This sig has nothing to do with my comment. Move along now=-
...but it seems rather reasonable that if a court of law orders you to submit something, the fact that you had stored in another country shouldn't be much of an excuse for not doing so.
Rome taught me patience and assiduous application to detail. Virtues which temper the boldness of great, general views.
It should be illegal for US companies to outsource jobs and host servers in places like Europe. Those are jobs that could go to Americans, but now they're going toward Europeans. Furthermore, those companies store data on foreign servers and put money in foreign accounts. Microsoft shouldn't be operating servers in Ireland or anywhere in Europe. The jobs of operating servers should come back to the United States where they belong. Europeans should not be taking jobs away from Americans. Europeans have started the two biggest wars of the past 100 years (WWI ended in 1918 so it still counts) and the United States gave them tremendous amounts of aid after the second world war. It's time that we stop letting Europe mooch off of us, not observe their obligations to NATO, and take our jobs away. Let Europe collapse into a socialist hell where everyone pays ridiculous taxes to the state while the United States prospers. Europeans are incredibly smug and rude. It's time we give them the boot and the middle finger they've deserved for decades.
What we *will* find out is the opinion of an American court, which has no international power. The proper place for this request is the international court of justice in the Netherlands. Unfortunately the US is the only non-dictatorial country that doesn't recognize this court.
Does China, Russia, Germany have a right to your data if you are in the USA but using a such a country's service? Because this is the gate being left open
Does anyone have a right to data privacy, whether a private citizen, a vassal of an authoritarian nation-sate, or a government institution/employee?
Because what this is really setting the precedent for is a free for all of data confiscation, destruction, and jurisdictional blurring.
No doubt intended I am sure.
The US court is issuing an order to the Microsoft US corporate entity, which is constrained by US laws, to produce data that the Microsoft US corporate entity previously told the court it could produce. However, the Microsoft US corporate entity at some point handed the data off to the Microsoft IE corporate entity, which is constrained by IE laws. It turns out that the Microsoft IE corporate entity is constrained by IE laws for sending that data back to the Microsoft US corporate entity to comply with the US court order.
Imagine if you were a customer of the Microsoft US corporate entity and stored some data with them that they they then handed of to the Microsoft IE corporate entity. If it was data that IE laws prohibited the Microsoft IE corporate entity from sending back to the Microsoft US corporate entity when you wanted to retrieve the data, would you shrug it off or would you sue the crap out of the Microsoft US corporate entity?
Multinational companies reap benefits by having various corporate entities in various jurisdictions to a degree infeasible for lesser companies. This is reasonable as long as they are also willing to pay the costs of having these various corporate entities, among which are keeping track of the overlapping obligations. No one makes these companies operate like this.
What can a US brand sell as data hosting or cloud services?
All data will be encrypted and 100% kept in the nation of origin?
That removes the profit from the scale of really cheap hosting in the USA.
Why would any person, lawyer, company or nation risk any US brand that will just give any/all data to any open US court setting?
For the US security services?
US Special crimes?
Drug crimes?
Any US crimes?
US SJW want to report or ban something?
Civil claims in the US?
Consider hosting in your own nation, with your own local brands and their much stronger data protection.
A risk with some freedom of speech issues but good lawyers can a least keep your data safe from other nations random global judicial activism.
Domestic spying is now "Benign Information Gathering"
A subsidiary is a local company established under local laws and subject to all local laws. It will have its own board of directors - who may well all be employees of the owning company, but still have a separate duty to obey the law. If such a subsidiary breaks the local law, it is a criminal offence and the directors become liable. If they are outside the country, the assets of the company may be seized.
If MS sets up the Irish subsidiary to own and operate the servers, it will be impossible for that subsidiary to obey the US order - because it is a separate legal entity which the US courts have no jurisdiction over.
Between those two legal doctrines, the case is clear. If MS DIDN'T vest ownership in its Irish subsidiary, then it is an idiot. This appears to be part of the story here...
I'll come and do something to your arse,you pig ignorant lard arsed yank,but it will mean the use of my chainsaw.
What makes you think we want hordes of Muslim (or other )scumbags ?
We deal with them by housing them in tower blocks,which them mysteriously catch fire..
Let's resettle the Muslims into my ass where they can be with their fellow refugees, where they belong. Meanwhile, Europeans should pucker up and laugh their asses off.
FTFY
Well, they can always do it like EU and put the said companies under investigation if they won't comply with every single stupid demand they do (e.g right to be forgotten).
That's a double edged sword.. it also means that that US would have to give information to foreign governments stored on US servers.
I mean.. we wouldn't want to be hypocrites now would we?
When will mandatory brain scans be required from all the world's population, not just US citizens?
What astonishes me the most about this case is that the feds even bothered to *get* a warrant for overseas data in the first place.
With all the rhetoric about warrantless laptop searches at the border one would think the feds think our constitutional rights only apply on US soil.
As for my armchair lawyer analysis:
Data stored on servers located on foreign soul isn't even subject to US jurisdiction to begin with, so presumably the warrant in question would need to issue from a court of the nation in question, and not a US federal court.
You are misrepresenting the legal issue. The problem is giving the data to someone who doesn't own it. Microsoft and or have no problem giving the data to the owner.
The proper way to handle it then is to forbid them from exporting data that might be necessary for US retrieval (well, forbid them from deleting it from US servers -- I realize that caching and such would require copying across initially,) rather than waiting until after the fact and then trying to walk all over a sovereign country's laws.
Of course, unless there's some apriori definition of "necessary for US retrieval," this amounts to having to retain local copies of all data on US servers. Though I can't really fathom much reason to store US data (exclusively) on non-US servers except to try and skip around US data (anti-)protection laws.
UK stores its Parliament data in Microsoft's cloud (in Ireland for what its worth).
This would let the FISA court grant USA access to UK Parliamentary comms, and would let Trump get access to that data, and let Trump's Russian friends get access to those comms.
So when UK Parliament discusses Russian interference in elections, that would be accessible to everyone involved in that interference and everyone who benefitted from that help.
So NO, USA does not have global reach.
Put the servers in one country with encrypted data and then have the only people able to access it be in another country.
And when Russia passes the same law, and demands the same data access from US Corporations that operate within the Russian border?
If USA law 'Trumps' EU Privacy law, then Russian law can too. Hence it grants free access to everyones data to China and Russia and pretty much every rogue nation on the planet.
How would you like Putin reading Republican Congretional emails, without even having to hack their email server first? Because USA law has backdoored any privacy right.
If the data is local to the jurisdiction no matter where in the physical world it is, cyberterrorism and spying over the internet doesn't exist, since what they do remains within their jurisdiction.
Of course, the merkin government only means for them to do this. Because fuck you, world.
This is where the fiction of corporate personhood becomes very valuable. See, a US corporation is, and must be, subject ot US laws. If they are not, then they become frree of all accouuntability. So, yes, I expect that VW to be subject to German law, and that a German court be able to compel them to present data hidding in a server in the US. I expect the Chinese goveernment to maintain accouuntability of corporations registered in China. I expect the Russian government to properly tax Russian corporations. (well, not really the last, but you get the point.)
When they can scale up the technology enough that it will cope with larger brains and more nuanced thought.
Governments do not typically have laws that give Sovereign Rights to other governments. Other jurisdictions are largely ignored and not talked about. If a company wants to do business in America it follows American laws, in some cases even if the law breaking happened entirely out of the country(victims, data, server) it can still either comply or flee the country entirely.
Troll is not a replacement for I disagree.
If the server only serves, no the US doesn't have any rights to what is on the server. BUT, if the server accepts any data such as from web forms or in ecommerce, the US should have rights to any transactions originating in the US. The EU claims this same right. Then they abuse it to harass Google and other companies so they can shake them down for money.
Re-read the headline, replacing US with your favourite enemy.
Does it still hold?
If not, then the answer is "no".
US is not special in international law in any way.
Redneck 1) Don't you go trying ta bring yer foreign laws here. No Sharia law!
Redneck 2) We can enforce our laws in other countries!
Redneck 3) yea, cause dey took r jobs!
If the election has taught me one thing, it's that the America public if far more ignorant than I'd thought it was.
Why? "It's a matter of national security."
Does the US think they have the right to data on overseas servers: fixed it for you.
... US tech companies should leave the country.
Realize that if this flies and the US can force any US corporation to surrender their data, no matter where that data is stored on the planet, nobody in their sane mind would use a US company to store their data. Or process it.
MS has every good reason to fight this tooth and nail. And Amazon would have every reason to put money behind them. If the verdict goes in favor of the US government, pretty much any US cloud provider is dead in the water. Because then even US companies would rather store their data in, say, Iran than with an US company.
Why does the US government hate the US industry?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
I doubt that a ruling that the American government can seize data from overseas servers would have any power outside the borders of the USA, but it will cause a lot of headaches for companies operating inside the USA, and a LOT of headaches for American companies operating in foreign countries. The minefields are numerous, and a ruling favoring the American federal government is going to be bad for privacy in general, everywhere.
Make love, not reality television.
Ordinarily I think these national boundary constraints would limit the reach of US courts and warrants, but with the "national security" flag raised I think it stops being solely a question of legalism and jurisdiction and then escalates into diplomacy, where there are other tools available to gain compliance.
Microsoft may say to the US government, "No, your warrant doesn't work because MS IE has to follow IE law."
All this will mean is that ultimately the State Department gets involved and begins negotiating with the Irish on what data they want and how Ireland should let them have it. If the national security apparatus wants it bad enough, State will use diplomatic leverage to obtain it. The entire point of the State Department is to obtain agreements with other countries, either by compromise negotiation or leverage.
A US warrant only has jurisdiction in the US. It cannot cover any other country. How can the US complain that Russia has hacked US computers and then want to hack other people's computers?
I love stacking my barbecues in the shed at the end of summer - you can't beat a bit of grill on grill action.
Stop trying to trick us into actually thinking there could be a debate about this. Clearly no.
I karma to burn
In a nutshell, the US government claims it should not matter where the data is stored. What matters is whether the company can access that data in the US.
I have to agree with this, if the data is accessible to the US and it is a US based Company then I think the warrant should be valid. BTW, they have a warrant so I think they are following laws anyway.
Of course over the past few years the US is doing everything it can to give companies incentives to leave, so what is 1 more :)
...what would the US' reaction be if a Russian court wanted data stored on American-based servers?
Yeah.....
What we are about to find out is whether it _thinks_ it does have that right, which is a bit different. As we already see companies not storing data from European customers in their own systems but outsourcing that to European companies bound by European data protection laws, I guess id does not matter that much. US arrogance and greed already cost the US economy significantly.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Take a look at this propaganda piece against Scaleway (that they're somehow inferior for obeying the speed of light).
At this point, I quite don't see a rational person hosting their data in the US or at a company with US presence. Because, you see, you got the 4th Amendment, we don't, right?
The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
I see everyone is ignoring the fact its the stated opinion that US law applies worldwide to all US citizens.
hence why the IRS demands tax from US citizen in resident in other countries. This also applies to US courts.
Also why any company that does business in the US has make sure its worldwide operations are fully compliant with US law otherwise they would get there ass sued.
Naturally every other country thinks this is retarded. But hey.
This is already happening. For example, the MS cloud in Europe is outsourced to Deutsche Telekom, exactly to make sure MS does not have any customer access. This also means a major part of the revenue goes to Deutsche Telekom and not to MS. The reason for that many prospective European customers would not use this service otherwise due to very shaky legal ground.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
"... U.S. government told the court that national security was at risk..."
Lemme see here, U.S. government, U.S. national security, U.S. court?
Umm, were does the law of the U.S. apply to other nations?
Only after an invasion and conquest and state hood does it apply.
Terribly complicated stuff.
This would undoubtedly drive business away from US companies that provide information services to users overseas, we is precisely what we need for economy. Make America Great Again(tm)!
Joking aside, how is a drug investigation a matter of national security? If you're going to claim you need some power for national security reasons, then only use it for national security reasons. Don't then turn around and use it to prosecute drug offenses.
Any US company with data stored in the EU can choose between violating US law by following EU law, or violating EU law by following US law. The outcome would be that US companies won't store any data in the EU anymore. And EU data won't be stored on servers of US companies. US companies face a huge loss of revenue while creating a great oppotunity for EU companies providing cloud services. The next question will be if the US government is going to ask US carriers operating in the EU to wiretap communications inside the EU, which would be also illegal by means of EU laws. Side note: I woudn't be surprised if they already do. It's time that some governments understand that there are borders and they can't enforce their laws on foreign countries. They can ask other countries for support to get data/evidences, but violating their sovereignty is an absolute no-no.
If the US has the right to data on foreign servers then all other countries have the right to data on US servers.
Has the right? No. The US has the right to ask and the other country has the right to acquiesce or tell the US to fuck off.
I'm pretty sure if you get a warrant to search someone's laptop or computer in one jurisdiction, and it turns out the laptop is currently in another jurisdiction, they can't make you go get the laptop and bring it back - they need to get a warrant for the jurisdiction it's in.
The issue is the limit of the judicial district. If you want to search something in a particular place, you get a warrant from a judge in that place. The warrants in question are claiming that since you can access the information anywhere, then the warrant is good for anywhere the information is stored.
VPNs might muddle the issue further, since you could argue it's one large logical network anyways.
My Other Computer Is A Data General Nova III.
Though I can't really fathom much reason to store US data (exclusively) on non-US servers except to try and skip around US data (anti-)protection laws.
And that, right there, is the one question that everybody seems to be ignoring. If the data refers strictly to US customers, why is it being stored only in Ireland? Unless Microsoft can come up with an answer for that that doesn't include trying to dodge around US laws, they should be subject to whatever sanctions are appropriate for their actions. (IANAL, so I don't know the right terminology for this.)
Good, inexpensive web hosting
This could be easily resolved by giving Irish courts jurisdiction over data stored in the US too. These things are only a "problems" if you don't want to play fair.
If I understand this correctly.
Microsoft US is in possession of data US Govt wants.
Microsoft demands Data from MSUS.
MSUS says "Shucks, we just transferred that data overseas, guess you are out of luck."
The legal question for the US supreme court "Is this a defensible position for a US company to hold"
If it IS a defensible position, then the US Govt cannot penalize MSUS for failure to turn over the data.
If it is NOT a defensible position, you will see court ordered sanctions against MSUS (Probably something along the lines of heavy daily fines) until the data they want is handed over.
A precedent like that would trigger what is effectively a trade war, with other countries making laws that if you want to do business in their country you must not do business in the US
Nobody will pass laws like that they will just enforce the laws they already have. If Microsoft share the data stored in the EU with the US government I expect this will put them in violation of the EU data protection laws. The result will be fines and probably civil damage cases from those affected. This will severely damage large, global US companies making them far less competitive with local companies and also certainly lead to the US's current idiot in charge making wild accusations about the EU and others discriminating against US companies when, in reality, it's the direct consequence of the US trying to impose its laws on others backfiring and taking out US companies abroad.
Why is Microsoft protecting drug traffickers?
The only answer that makes sense to me is that Microsoft is also engaging in the drug trade.
Contribute to civilization: ari.aynrand.org/donate
Ask the court in the other country to help in that matter.
The problem is that this can't work because what the US court wants is illegal under EU data protection laws. It would be like country X asking to extradite someone in the US because they criticised their leader. The US court would refuse, regardless of any extradition treaty, because it would be an illegal violation of free speech rights.
However, the US does have intelligence sharing agreements so I would have expected that the better route to this data would be to use those by having the local intelligence forces request the data locally and then have them share the pertinent details with the US - this is how it seems to work in Canada and the UK. The fact that they did not go this route suggests that their need for the data probably does not hold up to scrutiny.
Any employee of this local subsidiary can simply refuse to comply with the order (I expect every single country has a law that allows employee to refuse employer order to break the law). [...]
It depends on how things are structured though.
I worked for a many software company for several years ("SoftCo"). The parent company ("SoftCo Inc.") had its headquarters in California, and I technically worked for "SoftCo Canada" (i.e., that is who my contract was with). But my team lead was in Europe, I had a team mate in Singapore, another in California, and my manager was also in California (though a different city).
We all had SSH access to the same servers.
So even though some systems were located in Canada (or the EU, or SG, etc.), if a warrant would have ever come down, it would go to HQ Legal, and my manager would get the order. Now I could tell the US court to go fsck itself, but my manager could order my US team mate to execute it--even though a system was in Canada.
So unless a company, and its IT infrastructure, is organized such that the US parent company (and its employees) do not have access, then warrant could be served on US employees.
That might expose them to a civil lawsuit in Ireland but that would probably be easier to deal with than the 800 pound gorilla that is the US federal govt.
It's more likely to be a criminal lawsuit and expose them to the 850 pound gorilla that is the EU commission. The EU has a slightly larger economy than the US (by some measures) and an established record of swingeing fines on large US companies which ignore EU laws. Microsft itself has already been fined 1.3 billion euros.
Your naive proposal is exactly what Microsoft did in this case. The government where the main company is located has claimed: "it's your subsidiary therefore you can and will order them to comply."
If the courts don't smack this down, there will be no way to operate cross borders except with truly independent companies -- no financial benefit or control possible by either side. You think CEOs are gonna stand for not being able to grow their control or profits outside their own borders?
You approach the "overseas", provide enough evidence, ask for a warrant.
Then the authorities, usually a judge, judges the evidence and issues a warrant.
Then you get what you want.
A company like FB/MS or any other can not simply provide data from a german server to an US authority. Regardless what the US man with the gun thinks.
Privacy and data is the holy grail in Europe, like your free speech. If a company would simply send data to the US without a court ruling/warrant here in Europe it would break so many laws it likely would run bankrupt.
How an US lawyer/congress/governor can come to the dumb idea he has a chance to make it law that his warrants are valid world wide is beyond me.
Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
Well, m$ is a USA company. they have stuff in other countries, but in those countries, the "stuff" still belongs to m$.
if we assume that m$ company policy is that all employee emails, written by employees, with m$ owned domain-endings,
written during office hours belongs to m$ then ofc they have to hand them over if there's a court order from their home country.
however, if the email uses m$ domain names (and servers) but the sender is not an american citizen, then it can swing either way, :)
depending on what EULA the private user agreed to (if the m$ EULA says that they will hand over all emails if asked for by "any"
court order from "anywhere" the user probably deserves this "hanging out to dry" treatment.)
on the other hand (don't drink coffee now!), m$ could vigorously fight for the users privacy and kindda extend the american-rights like a blanket for "less free humans" from repressive regime countries.
MUAHAHAHA, see i told you not to drink coffee
it is thus funny, that iceland gave up a thor server, for fbi agents traveling on a silk road : )
funny as in: "we own 80% (or so) of the desktop computer market. heck even your freaking court order was probably written with on OUR (black box)
OS with OUR office document suits. it's non of your business if one of our star-programmers needs a coke or pepsi hit once in a while, so go piss in the wind.
by the way, there's probably a EULA clause somewhere, were you agreed to not use our software for detrimental causes to us "the company" (that includes writing subpoenas)."
by the way, if you USA company wanna make cheap stuff, then use children and/or if don't want to costly clean-up toxic manufacturing by-products, ...
please do it in other countries
Can you imagine the response by this same "justice" department if the same kind of request was made by a foreign government regarding US companies/connected individuals? A few years back Mitch McConnells inlaws (which have given him insane amounts of money by the way) had one of their cargo ships searched and found millions of dollars of cocaine on it destined for Europe, want to guess what would happen if something similar happened today and European nations were hunting for email data via similar demands?
Sorry, the rest of us just feel that you should grow up and get over being scared of the boogiemen.
Might makes right. Anyone disagreeing should expect a cruise missile or drone strike. End of debate. Failure to comply would be... Unwise.
We've already broached this issue a number of times within legal circles where someone within the US would like to impose US legalities or authority over other sovereign territories. The problem which arises are numerous; If the US does not respect the sovereignty of other nations, then other nations will stop recognizing the sovereignty of the US. Any attempt to circumvent diplomatic relations runs the risk of damaging relations between the US and other nations. If the US has a right to seek data in other nations, then it stands to reason other nations will begin to demand data from US sources. There is also the issue of applicable international law, which is generally more protective of rights than the US is. Just scratching the surface of the issue, attempting to assert any sort of right to data which is not natively hosted is a can of worms. Rather than trying to force a legal right, this is the sort of thing which belongs within the domain of diplomacy.
When a government of some country wants something from a company that practices business there, and the company does not provide it (not because they cannot, but because the will not), why doesn't the government just suspend the company's license to practice business in that country until they cooperate?
They are, after all, the fricken government.... the data might not be under US jurisidction, but those who are within the USA certainly are... unless they can show that it is not feasible for them to obtain the data remotely without express cooperation by parties over which the USA has no jurisdiction, or that they otherwise do not possess the lawful authorization to retrieve the data from the other country, I don't know how they have any choice in the matter.
File under 'M' for 'Manic ranting'
Further to this, there's one thing I'm sure of, on these legal matters:
The US government has the right to kiss my ass.
Where are we going and why are we in a handbasket?
Aww, did poor whitey get offended? waaaaaa
Ironically, I am seriously fucking white. But I'm not seriously in denial.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
A subsidiary is a local company established under local laws and subject to all local laws. It will have its own board of directors - who may well all be employees of the owning company, but still have a separate duty to obey the law. If such a subsidiary breaks the local law, it is a criminal offence and the directors become liable. If they are outside the country, the assets of the company may be seized.
If MS sets up the Irish subsidiary to own and operate the servers, it will be impossible for that subsidiary to obey the US order - because it is a separate legal entity which the US courts have no jurisdiction over.
Between those two legal doctrines, the case is clear. If MS DIDN'T vest ownership in its Irish subsidiary, then it is an idiot. This appears to be part of the story here...
The court simply has to find that the Irish company is not actually a separate entity. And it's not. It's a shell set up to dodge the law (primarily to not pay taxes). They don't even try to hide it. It's trivial to trace it to actual US citizens. Declare the "Irish" subsidiary to be a shell under the actual ownership and control of Americans (because it is), then throw them in jail for hiding tens of billions from the IRS and breaking tons of other US laws (because they are).
I'm sure we all have many concerns about this case and the privacy of our data. Here are my thoughts and questions:
1.) If it's really National Security, why didn't it go through the FISA courts? Or, why hasn't the NSA/CIA simply covertly recovered the data for them?
2.) If MS won't give you the data because you're in the US, why don't they contact the Ireland courts with their warrant and request some international assistance? Perhaps they'll issue a warrant for the data in Ireland and release it to the US DoJ?
3.) Let's take this to the next [il]logical step - If a big company like MS, takes over an unclaimed island and becomes its own sovereign country, then places data centers there that store massive amounts of personal data from various countries; they make personal privacy their highest law; how do other countries retrieve data from there for court-ordered cases, when the data is clearly in a pro-privacy country? Do they use trespass on their sovereignty and use cyber-tactics to extract the data?
While this case has been running around for 4 years, a federal court has ruled, so the Supreme Court may simply let that ruling stand. They aren't obligated to hear the case. Plus, it might not be a Pandora's Box they want to open. Imagine then that Russian/Chinese/North Korean/Whatever courts could request data from US servers for companies that are doing business in/with Russian/Chinese/North Korean/Whatever jurisdictions. This could effectively set precedence how the DoJ would have to respond to foreign powers. That's really beyond the scope of the courts, isn't it?
Awk! Pieces of eight. Pieces of eight. Pieces of seven... ERROR: General Protection Fault. [Paroty Error.]
Send me your subpoenas and court warrants. I'll make sure to put it to a good use. As toilet paper. Cheers from EU
Multi-nationals are de jure guilty of conspiracy to avoid prosecution and other actionable crimes when they conspire to withhold legally obtainable information. Unfortunately, it always seems to have to go all the way to the Supreme Court to assert such things. When served with the associated penalties, the companies will most likely cease from such illegal conspiracies.
"Ordinarily I think these national boundary constraints would limit the reach of US courts and warrants"
Please note I am not making any claim that the US Court has any authority outside of the US national boundary. My point is that the US Court is not trying to assert any such authority and those claiming that the US Court is claiming that authority are wrong.
Fuck - the USA is special in international law in a major way.
United States withdrew from compulsory jurisdiction in 1986 to accept the court's jurisdiction only on a case-by-case basis.-
Despite the fact that the USA enjoys a permanent spot for an ICJ court judge.
Complete and pure hypocrisy.
America: We reserve the right to cast judgement upon the WHOLE WORLD, and no one has the right to impose similar upon us.
That said, I agree with you that nobody should be "special" in the way you suggest.
Problem is, the USA has already carved itself exemptions and will NEVER capitulate to international oversight.
NEVER.
Right, it's the corporation claiming its non-US subsidiary is just following local (non-US) law to not allowing access to data.
The involvement of State would come to convince IE or whatever foreign government it is to recognize that US process was followed and that parent company is playing the border game and to encourage local subsidiary to follow court order.
My guess is that most EU countries would be pretty tepid about defending a US multinational holding US data in their country. There's a point at which dealing with US diplomatic leverage isn't worth the headache when they have marginal intrinsic interest in the data.
They may be less compliant if it was their own nationals data that was being held and requested and the claim to the data was solely that the local subsidiary was a subsidiary of a US multinational.
So, we've had a previous ruling that companies are people. For the sake of discussion, let's say an American citizen hides money in an offshore account. Can a court compel that person to do something with those funds?... Answer: Yes. My question to legal scholars would be, how does this differ if an American company does something similar with data?
Disclaimer: I'm a privacy advocate, and don't agree with the companies = people ruling.
Just another day in Paradise
The court simply has to find that the Irish company is not actually a separate entity. And it's not. It's a shell set up to dodge the law
A shell company is a non-trading entity with no significant assets other than cash. What exactly do you think they do with their roughly 2000 staff? Do server farms count as assets in your book?
And in another part,
So, either the US government has started lieing, or stopped lieing and started telling the truth ; same difference for their shredded credibility.
Not that they've had any credibility for decades anyway. That probably went with Tricky Dicky (though I know enough people who distrusted them before Tricky became president).
Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
They might be discussing the matter of having right to oversea servers data, but they already have them anyway. National Security my arse.
The answer is: NO. THEY. F'N. DON'T!!!
Oh, I understand that some in the US will want a court ruling on the matter. I also understand that there are clear inter-jurisdictional issues at play. I understand that to various bureaucrats, extra-jurisdictional access would help them and make their lives easier. I understand that law enforcement has needs. I even understand that the US can throw their weight around and get stuff just by being big and intimidating and using pressure tactics.
Still: NO. THEY. F'N. DON'T!!!
We still live in a world where national boundaries are sacrosanct. Jurisdictional lines are sharp, clear and ever-present. You want data from a foreign country? Approach their local authorities and negotiate a release. You may want a data sharing agreement, or an extradition treaty, or other legislative framework to make the whole thing easier and above-board.
However the US has been one of the key barriers to international legal and governance organizations. The World Court? The US has resisted. The UN? The US has resisted (in actions more than words, though often words too). The IBRD/IMF/World Bank? The US has resisted.
These idiots are trying to have their cake and eat it too. And don't bother lecturing me on the problems with all the above cited organizations; I pretty much know the drill. Look up the definition of 'hypocrisy' if you want clarification as to what the problem here is.
It's called https://en.wikipedia.org/wiki/...
Casteism
According to the article, the U.S. government told the court that national security was at risk.
The big two: "for the children" and "national security".
There are others, but these two shut down thinking faster than anything.
There's no time like the present. Well, the past used to be.