Are your law firm’s blogs running on a proprietary CMS (Content Management System), or for that matter matter, any CMS other than WordPress? If so, you may want to think again.
A three-judge panel of the U.S. Court of Appeals for the Second Circuit today unanimously reversed a lower court’s denial of Microsoft’s motion to quash a warrant seeking the content of emails for a customer of its Outlook.com email service. The decision is surprising in that that U.S. courts, including the Second Circuit, have traditionally enforced government process seeking documents … Continue Reading
The Second Circuit today issued a much-anticipated ruling holding that U.S. firms are not required to turn over user data stored overseas, even in the face of a government warrant. This decision arose from Microsoft’s December 2014 appeal of a civil contempt ruling against the tech giant for refusing to turn over the personal data… Continue Reading
The post 2nd Circuit: Government Cannot Force Companies to Hand Over Communications Data Stored Overseas appeared first on Data Law Insights.
The US Second Circuit Court of Appeals, overturning an earlier court ruling from a lower court, has held that the US Government cannot compel Microsoft to hand over emails stored on a server in Dublin in a narcotics case. The decision is a milestone victory for privacy rights and will be greatly welcomed by US technology companies storing data abroad. It should also provide reassurance to European citizens that their data will be protected by European data protection laws and the US legal system will respect their privacy rights.
A previous decision from the Southern District court of New York had denied Microsoft's motion to quash a search warrant issued under the Stored Communications Act (the SCA), and held Microsoft in contempt of court for refusing to execute the warrant on the Government's behalf. Microsoft had challenged the order on the basis that it would need to obtain customer consent in order to import the data into the US for delivery to the federal authorities.
The Court, finding in favour of Microsoft, held that Congress did not intend the SCA's warrant provisions to apply extraterritorially, citing a presumption against extraterritorial application of US statutes absent a clear contrary intent. It emphasised that "the SCA’s focus lies primarily on the need to protect users’ privacy interests."
Microsoft's Chief Legal Officer, Brad Smith described the judgment as "a major victory for the protection of people’s privacy rights under their own laws rather than the reach of foreign governments".
Support for Microsoft's legal challenge
Over 80 amicus curiae briefs supporting Microsoft's appeal had been filed by leading technology and media companies, trade associations, advocacy groups, computer scientists, and the Irish Government itself.
The significance of the judgment notably turns on the rising concerns amidst the technology sector of a "free for all", giving law enforcement authorities extensive powers to seize data stored outside their jurisdiction. The decision secures privacy protections for companies moving the data they hold to cloud systems outside the US. It remains to be seen whether the US government will appeal the decision to the Second Circuit en banc or the Supreme Court.
A push to modernise a 30 year-old law
Judge Lynch, concurring with the judgment, recognised the many problems of Internet privacy that the SCA does not address, and called for Congress to clarify and revise the "badly outdated statute". In underlining the prosecution's argument that the law as it stands allows companies like Microsoft to impede law enforcement efforts, he said that it was Congress's role "to strike a balance between privacy interests and law enforcement needs".
This case is of particular significance for companies holding data in Ireland as it provides some level of assurance that the US courts will not for now assist US authorities to circumvent the existing Mutual Legal Assistance Treaty (MLAT) process. MLTA provides for bilateral mutual legal assistance between EU and the US authorities in relation to the provision of information necessary for public security and criminal investigation and has inbuilt procedural safeguards.