Making Cloud SLAs readily usable in the EU private sector
Microsoft vs US Gvmt: a victory for Cloud Customers & Industry
The tech industry has welcomed Microsoft’s victory in its challenge to the US government’s demand to hand over emails stored in Ireland.
The long-awaited decision by the Second US Circuit Court of Appeals came on 14 July 2016, in favour of Microsoft, making it a landmark ruling for protecting the privacy of cloud services, and has also been welcomed by civil liberties groups.
US authorities issued a warrant in December 2013 to access emails the US government believed to be linked to narcotics trafficking that were stored in Microsoft’s servers in Dublin, Ireland.
In July 2014, a US federal judge ruled Microsoft had to comply with the data access request, as a US company in control of the data.
But Microsoft appealed, arguing that the emails belonged to its customers and that the servers were outside US jurisdiction.
Microsoft is one of several large US tech companies that have called for the reform of surveillance reforms because of concerns that public loss of trust in technology will harm their businesses.
The Appeals Court said the US Congress did not intend the Stored Communications Act warrant provisions to apply extraterritorially and that the focus of those provisions is protection of a user’s privacy interest.
The ruling means US law enforcement agencies must respect European citizens’ digital privacy rights and the protection of their personal data. It makes clear that the US government can no longer seek to use its search warrants on a unilateral basis to reach into other countries and obtain the emails that belong to people of other nationalities.
Implications of the ruling
This ruling is a major affirmation that the rights we enjoy in the physical world continue to apply in the digital world. By declaring that a US warrant cannot reach communications content stored abroad, the court ruled strongly in favour of privacy and national rule of law. The Appeals Court has sent an important message to technology users that privacy protections and the rule of law apply online just as they do in the physical world.
While this ruling helps clarify an important question about the privacy of data stored in the cloud, more reforms are still needed to prevent negative consequences from this decision.
By working to create a global intergovernmental data access pact, the US can reassure people at home and abroad that it respects privacy and civil liberties, while also allowing the US tech sector to thrive and not diminishing legitimate law enforcement capabilities.