The U.S. Department of Justice should back off its request for Microsoft to turn over a suspect's digital documents stored on a server in Ireland, or be prepared for other governments demanding documents stored on U.S. servers, the company's general counsel said.
The DOJ's ongoing search warrant for email and other documents stored at a Dublin server farm risks exposing U.S. records to foreign law enforcement agencies and foments distrust around the world in U.S. tech companies, Microsoft Brad Smith and a group of allies in the Irish search warrant fight argued.
"Everybody wants to have their rights protected by their own law," Smith said at a Microsoft-sponsored event in New York City Monday. "Try telling an American that their rights are no longer going to be protected by the Constitution, they're no longer going to be protected by U.S. law; they're going to be protected by Irish law or Chinese law or Brazilian law."
Smith called on the U.S. Congress to pass rules protecting the privacy of email stored in the cloud. The U.S. government and technology companies can find a workable solution to a significant legal issue that pits criminal investigations against personal privacy, he said.
"We recognize that it is a conversation that is not about one side being right and the other side being wrong," Smith said. "It's about safety and privacy. I think most of us would share the view that we want to live in a world that values both and finds a way to develop new solutions."
Microsoft has been fighting against the search warrant for months, and it's lost twice in court, with a district court judge ruling in July that the company must turn over the emails. Microsoft has appealed the district court ruling to the U.S. Court of Appeals for the 2nd Circuit, and last week, the company filed a brief arguing there is "no way" the U.S. government would allow other countries to seize documents on U.S. servers.
On Monday, allies of Microsoft in the search warrant case filed 10 amicus briefs with the appeals court. Among the companies signing onto the briefs were Amazon.com, Apple, AT&T, eBay, Verizon Communications and several media organizations. More than a dozen trade groups and 34 computer science professors also signed onto briefs supporting Microsoft.
The DOJ declined to comment on Microsoft's event and the amicus briefs. The agency has argued that if Microsoft's interpretation of the law is upheld, email providers could move content around the world in an effort to avoid law enforcement requests.
The DOJ's position is disturbing because of the international implications for search warrants, but also because the agency has suggested that personal emails and other documents stored in the cloud are business records owned in part by the cloud providers, not the sole possession of the account holder, Smith said.
Digital documents are not just property, but they are part of a person's "digital self," said Nuala O'Connor, president and CEO of the Center for Democracy and Technology. "It's not just going to be email," she said. "Ten years from now ... every thought and every communication and every transaction I do will be online. That's not a business record -- that's my life."
Instead of serving a search warrant on Microsoft, the DOJ should work through its mutual assistance agreement with the government of Ireland to gain access to the records, Smith argued. Microsoft will comply with a legal request from Ireland for records stored in an Irish data center, he said.
The technology of global storage may change the way search warrants work, suggested retired TV anchor Charlie Gibson, who served as a moderator at Monday's event. "This is a whole new world" since Congress passed the Electronic Communications Privacy Act in 1986, Gibson said. "Nobody has to go to Ireland to get it. It can be retrieved by a simple keystroke."
While the technology has changed, long-held privacy principles should not, said Andrew Pincus, a partner at the Mayer Brown and an advisor to the U.S. Chamber of Commerce and other trade groups. If a U.S. bank had a branch in Ireland "no one in the world" would think that a search warrant would allow U.S. investigators to demand document stored in a safe-deposit box in the Irish bank, he said.
"The question is, should that change in technology automatically, without anyone thinking about it, effect a huge expansion of the U.S., government's power at the expense of other nations?" Pincus said.
Internet users' information is stored with many companies, Gibson noted. He suggested people may need to trust the government they elected "to be judicious" about the information they try to collect. "We basically have to put our faith in somebody, don't we?"
Panelists pointed to the widespread surveillance by the U.S. National Security Agency leaked by former contractor Edward Snowden.
"There have got to be rules, and rules have got be followed," the Center for Democracy and Technology's O'Connor said. "Just because the technology allows us unfettered access into voluminous amount of data that's out there about people's lives does not mean [the government] should have unfettered access to it."
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is email@example.com.
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.