Apple, Amazon, Cisco, HP, eBay, AT&T & Verizon join Microsoft in cloud privacy fight

Microsoft's rivals and other tech giants will support its legal battle by filing 10 amicus briefs explaining why the U.S. government should not be able to issue a warrant to access emails stored on Microsoft-owned servers located in Ireland.

Privacy door
Cory Doctorow (Creative Commons BY or BY-SA)

Microsoft’s general counsel Brad Smith called today a milestone in Microsoft’s “litigation concerning the U.S. Government’s attempt to use a search warrant to compel Microsoft to obtain and turn over email of a customer stored in Ireland.” That’s because even Microsoft’s competitors, including Apple, have become the company’s allies in this legal fight.

In fact, Smith said, “Today’s ten briefs are signed by 28 leading technology and media companies, 35 leading computer scientists, and 23 trade associations and advocacy organizations that together represent millions of members on both sides of the Atlantic.” Amazon, Apple, Cisco, HP, AT&T and Verizon are but a few tech companies listed (pdf) as supporting Microsoft.

Tech and media supporting microsoft data privacy legal battle Microsoft

Last December, the U.S. government issued a warrant to get a hold of private emails stored on a Microsoft-owned server located in Ireland. Despite Microsoft trying to quash the warrant, since the data was stored outside of the U.S., the court ruled in favor of the government and claimed that the warrant’s validity was “a question of control, not a question of the location of that information.” Microsoft has been embroiled in a legal battle over the case ever since then, twice losing its appeals.

Too often, courts don’t grasp technical issues very well, yet it doesn’t take a tech expert to grasp Microsoft’s opening brief (pdf). It begins with:

Imagine this scenario. Officers of the local Stadtpolizei investigating a suspected leak to the press descend on Deutsche Bank headquarters in Frankfurt, Germany. They serve a warrant to seize a bundle of private letters that a New York Times reporter is storing in a safe deposit box at a Deutsche Bank USA branch in Manhattan. The bank complies by ordering the New York branch manager to open the reporter’s box with a master key, rummage through it, and fax the private letters to the Stadtpolizei.

The U.S. Secretary of State fumes: “We are outraged by the decision to bypass existing formal procedures that the European Union and the United States have agreed on for bilateral cooperation, and to embark instead on extraterritorial law enforcement activity on American soil in violation of international law and our own privacy laws.” Germany’s Foreign Minister responds: “We did not conduct an extraterritorial search—in fact we didn’t search anything at all. No German officer ever set foot in the United States. The Stadtpolizei merely ordered a German company to produce its own business records, which were in its own possession, custody, and control. The American reporter’s privacy interests were fully protected, because the Stadtpolizei secured a warrant from a neutral magistrate.”

No way would that response satisfy the U.S. Government. The letters the reporter placed in a safe deposit box in Manhattan are her private correspondence, not the bank’s business records. The seizure of that private correspondence pursuant to a warrant is a law enforcement seizure by a foreign government, executed in the United States, even if it is effected by a private party whom the government has conscripted to act on its behalf.

This case presents a digital version of the same scenario, but the shoe is on the other foot.

The government has until March to file its argument, but it has previously claimed that a win for Microsoft would harm law enforcement’s ability to fight crime. Yet Microsoft disagrees, pointing out that if the government wins, then governments of other countries will follow suit. The end result, according to Microsoft’s brief – “As foreign countries increasingly assert unilateral jurisdiction over data stored in the United States, the primary objective of ECPA—protecting U.S. citizens’ most private electronic information—will be thwarted.”

In fact, Smith said “the U.S. Government’s unilateral use of a search warrant to reach email in another country puts both fundamental privacy rights and cordial international relations at risk.” Of course, privacy rights are less likely to be the one big factor that helped bring tech rivals together on this case; ever since the Snowden revelations, potential customers of all the tech giants are fleeing and instead purchasing services from providers located outside the U.S.

Microsoft argues that if the U.S. government wins, then other governments – “be they friend or foe – can raid Microsoft offices in their jurisdictions and order them to download U.S. citizens’ private emails from computers location in this country. That would put all of our private digital information at risk, not just emails, but everything else we store on remote computers collectively called ‘the cloud’ – a veritable ‘cache of sensitive personal information’ saturated with the highest constitutional privacy rights.”

No matter how you feel about Microsoft, you should root for the software giant in this case if you care about privacy.

Copyright © 2014 IDG Communications, Inc.

Subscribe today! Get the best in cybersecurity, delivered to your inbox.