Google has been ordered by a federal court in Pennsylvania to comply with search warrants and produce customer emails stored abroad, in a decision that is in sharp contrast to that of an appeals court in a similar case involving Microsoft. Magistrate Judge Thomas J. Rueter of the U.S. District Court for the Eastern District of Pennsylvania ruled Friday that the two warrants under the Stored Communications Act (SCA) for emails required by the government in two criminal investigations constituted neither a seizure nor a search of the targets' data in a foreign country. Transferring data electronically from a server in a foreign country to Google's data center in California does not amount to a seizure because "there is no meaningful interference with the account holder's possessory interest in the user data," and Google's algorithm in any case regularly transfers user data from one data center to another without the customer's knowledge, Judge Rueter wrote. He added that when Google produces the electronic data in accordance with the search warrants, and the government views it, the invasion of the account holder's privacy - the searches - will take place in the U.S. In the Microsoft case, which was cited by Google, the U.S. Court of Appeals for the Second Circuit in New York quashed a warrant that would have required the company to disclose contents of emails stored on a server in Ireland. The court said in its opinion that the SCA under which the warrant was served "does not authorize courts to issue and enforce against U.S.‐based service providers warrants for the seizure of customer e‐mail content that is stored exclusively on foreign servers."
Microsoft has cited new European data protection rules in support of its claim that the U.S. government should use inter-governmental agreements rather than a warrant to force the technology company to provide emails stored in Ireland that are required for an investigation. The General Data Protection Regulation was adopted last week by the European Parliament with an aim to provide an unified data protection regime across member states. It was earlier adopted by the Council of the EU, and is to come into effect in a little over two years after its publication in the EU Official Journal. The legislation will replace the EU Data Protection Directive, which dates back to 1995. In a filing in the U.S. Court of Appeals for the Second Circuit, Microsoft's lawyer E. Joshua Rosenkranz referred to Article 48 of the regulation, which states that any "judgment of a court or tribunal and any decision of an administrative authority of a third country requiring a controller or processor to transfer or disclose personal data may only be recognised or enforceable in any manner if based on an international agreement, such as a mutual legal assistance treaty....." This rule sits well with Microsoft's own position in the dispute.
Many new PCs used to come with Microsoft Office pre-installed. SAN FRANCISCO -- In a ruling that could have important data security implications, a court ruled Thursday that Microsoft can't be forced to give the government e-mails stored in Ireland even though they're part of a U.S. drug investigation. "This is an an incredibly important ruling, one of the most important in a long time," said Craig Newman, who heads the data privacy practice at the New York law firm Patterson Belknap. The case dates back to 2013, when U.S. prosecutors demanded that Microsoft turn over emails linked to a drug-trafficking case. The emails were stored only on Microsoft servers in Dublin.
A U.S. appeals court will not reconsider its groundbreaking decision denying Department of Justice efforts to force Microsoft to turn over customer emails stored outside the country. The U.S. Court of Appeals for the Second Circuit, in a 4-4 decision Tuesday, declined to rehear its July decision that denied the DOJ access to the email of a drug trafficking suspect stored on a Microsoft server in Ireland. Microsoft has been fighting DOJ requests for the email since 2013. The DOJ has argued that tech companies can avoid valid warrants by storing customer data outside the U.S. Judges "readily acknowledge the gravity of this concern," but the 31-year-old U.S. Stored Communications Act (SCA) doesn't allow worldwide search under a U.S. warrant, wrote Judge Susan Carney. "We recognize at the same time that in many ways the SCA has been left behind by technology," Carney wrote in Tuesday's decision.
Many new PCs used to come with Microsoft Office pre-installed. SAN FRANCISCO -- In a ruling that has important data security implications, a court ruled Thursday that Microsoft can't be forced to give the government e-mails stored in Ireland that are part of a U.S. drug investigation. "This is an an incredibly important ruling, one of the most important in a long time," said Craig Newman, who heads the data privacy practice at the New York law firm Patterson Belknap. The case dates back to 2013, when U.S. prosecutors demanded that Microsoft turn over emails linked to a drug-trafficking case. The emails were stored only on Microsoft servers in Dublin.