This article is more than 1 year old
If Europe is against US's Irish email grab, it must pipe up now
European Commission still silent despite Ireland's plea
Analysis The European Commission is running out of time to wade into the battle between US prosecutors and Microsoft over servers in Ireland. Uncle Sam's lawyers want the American company to hand over emails stored in the Emerald Isle, and everyone but the EC is piling in with their 2p.
Before Christmas, the Irish authorities filed an amicus brief – third-party report – in the warrant case, which is being heard in a New York district court in the US. Ireland more or less supported Microsoft's resistance to handing over the messages.
The warrant for the emails was issued in the US in December 2013 and ordered Microsoft to hand over the inbox of an alleged drug trafficker. The tech behemoth’s appealed, arguing that an American court cannot rubber-stamp a search warrant against something thousands of miles away. However, US district judge Loretta Preska ruled in July that the location of the data was immaterial since US-based Microsoft had "control" over it.
Ireland, in its brief, decided to flex its muscles, reminding the New York court that: “Ireland is an internationally recognised sovereign nation state. The United States recognises and maintains diplomatic relations with Ireland.”
It further added that the state “does not accept any implication that it is required to intervene into foreign court proceedings to protect its sovereignty.”
The crux of the problem is that there exists an international agreement that the US could have used to contact Irish cops to gain access to the emails through legal means: it's called a Mutual Legal Assistance Treaty (MLAT). But American prosecutors instead decided to cut the Irish out of the equation.
Since the warrant orders Microsoft to produce material held in the Euro nation, “Ireland has a genuine and legitimate interest in potential infringements by other states of its sovereign rights with respect to its jurisdiction over its territory,” the brief reads.
Ireland follows a long line of companies and organisations queuing up to support Microsoft, presumably because this case has far reaching implications and not just for Redmond, which stores its European customers' email in Irish data centres.
Almost 30 technology companies including Verizon, Apple, Amazon, Cisco, Salesforce, HP, eBay, Infor, AT&T and Rackspace, have directly or indirectly (via trade organisations such as the Business Software Alliance, the Application Developers Alliance, the US Chamber of Commerce and the National Association of Manufacturers) weighed in on the side of Microsoft. Civil liberties organisations, 17 news and media outfits, and 35 science professors have added their voices. Even a Member of the European Parliament has supported the tech giant.
Unsurprisingly the companies and trade orgs are worried about economic damage. They all point out that it will undermine consumer and business confidence, and thus hurt the bottom line of US firms that provide remote data services or any sort of cloud computing.
Verizon went further, saying that a loss for Microsoft in this case would “harm American business, violate international understandings, subject American companies. to potential liability abroad, and invite foreign governments to unilaterally obtain data of Americans in the United States.”
The civil-rights groups including the Center for Democracy & Technology, the American Civil Liberties Union and the Electronic Frontier Foundation have focused on constitutional privacy rights. While the media companies – ranging from The Guardian to Fox News – say that the court’s interpretation that the emails are the “business records of Microsoft” rather than personal, private records of its customers, could undermine freedom of the press and protection of sources.
Boffins, meanwhile, note that although information may be stored “in the cloud”, it is still stored as a series of bits on at least one discrete physical storage device “not unlike the hard drive in a personal computer,” and as such is not a new storage technique that's incompatible with the MLAT.
Finally, MEP Jan Philipp Albrecht, vice-chair of the European Parliament’s Civil Liberties Committee and the man in charge of coordinating the Parliament’s position on data protection, said the EU and US have very different attitudes to privacy.
“The protection of privacy and personal data in EU law is not intended to stop the use and exchange of data. Its purpose is to regulate the transfer and storage of data, preserving the ability of the data subject to control his personal data. Interference with that control is limited to circumstances where it is necessary, proportionate, and subject to effective oversight. The decision of the District Court effectively permits this carefully constructed regime to be sidestepped,” he said.
All this naturally makes Microsoft very happy. “Collectively these briefs make one conclusion unmistakably clear. This case involves not a narrow legal question, but a broad policy issue that is fundamental to the future of global technology,” wrote Microsoft’s general counsel Brad Smith in a blog post.
The only party (that is presumably interested) not to have given a position so far is the European Commission – despite entreaties from businesses and the Irish Government.
If the EC plans to do so, it will need to move rapidly: the US government's brief in defence of its warrant is due in early February. Microsoft will then have to reply by mid-March. ®