American Judge Claims Jurisdiction Over Data Stored In Other Countries 226
New submitter sim2com writes: "An American judge has just added another reason why foreign (non-American) companies should avoid using American Internet service companies. The judge ruled that search warrants for customer email and other content must be turned over, even when that data is stored on servers in other countries. The ruling came out of a case in which U.S. law enforcement was demanding data from Microsoft's servers in Dublin, Ireland. Microsoft fought back, saying, 'A U.S. prosecutor cannot obtain a U.S. warrant to search someone's home located in another country, just as another country's prosecutor cannot obtain a court order in her home country to conduct a search in the United States. We think the same rules should apply in the online world, but the government disagrees.'
If this ruling stands, foreign governments will not be happy about having their legal jurisdiction trespassed by American courts that force American companies to turn over customers' data stored in their countries. The question is: who does have legal jurisdiction on data stored in a given country? The courts of that country, or the courts of the nationality of the company who manages the data storage? This is a matter that has to be decided by International treaties. While we're at it, let's try to establish an International cyber law enforcement system. In the meantime."
If this ruling stands, foreign governments will not be happy about having their legal jurisdiction trespassed by American courts that force American companies to turn over customers' data stored in their countries. The question is: who does have legal jurisdiction on data stored in a given country? The courts of that country, or the courts of the nationality of the company who manages the data storage? This is a matter that has to be decided by International treaties. While we're at it, let's try to establish an International cyber law enforcement system. In the meantime."
Slightly misleading... (Score:2, Insightful)
The judge said that the warrant served on Microsoft is valid, meaning that Microsoft, which has control of the servers in Dublin, can be required to use its access to its own servers to turn over information within its control. Nothing Earth-shattering here.
Re:American company (Score:4, Insightful)
Re:American company (Score:4, Insightful)
Then the company is going to have to choose which country's laws to break, and suffer the consequences. In the extreme case, this will result in companies deciding that it's not worth operating in particular sets of countries.
Re:American company (Score:2, Insightful)
They don't hide their money, that is illegal. What they really do is use evey tax loophole they can to shift money around to the most favorable spot on he planet for tax purposes. They report every red cent to the US agencies, and use every trick they lobbied to put into the book to say "Neener neener its legal and you can;t have any."
Been this way for about 20 years or more now, thank you Reagan.
Re:American company (Score:4, Insightful)
Right - that's why AMS-IX opened 'their' NY location as a separate company, so that U.S. jurisdiction can't touch their Dutch operations.
https://ams-ix.net/newsitems/1... [ams-ix.net]
Or so their lawyers are interpreting anyway - probably nothing a stroke of the pen in the U.S. can't make disappear.
Re:No jurisdiction (Score:4, Insightful)
In what appears to be the first court decision addressing the issue, U.S. Magistrate Judge James Francis in New York said Internet service providers such as Microsoft Corp or Google Inc cannot refuse to turn over customer information and emails stored in other countries when issued a valid search warrant from U.S. law enforcement agencies.
Emphasis mine. I read this to mean that if you use any US owned mail provider the FBI can subpoena anything they want through a US judge. That just seems horribly wrong and would put the world wide operation of any company at the mercy of the jurisdiction where they're headquartered. By this logic the NSA can get a subpoena to demand all US companies turn over any information they got anywhere in the world. You could never trust a foreign company to follow local laws. If this stands it's a horrible precedent.
Re:No jurisdiction (Score:4, Insightful)
Microsoft does not own the information; they as a third party own the server on which someone else's information resides, a server which is held and taxed as a foreign asset outside US regional jurisdiction. It's one thing to compel Microsoft as a transnational company to produce one of their corporate records regardless of where they have stored it: agreeing to subject themselves to the US judicial system is part of incorporating in the US. It's entirely another when they are being told their foreign offices are actually territory of the US government and anyone or anything which resides there must submit to the pleasures of the US judicial system.
If I had written a letter in Britain and put it in a British safety deposit box I don't think the court would have the guts to demand it, even if the bank were jointly owned in the US. But scan that letter and store on the server and suddenly it's free game. Why? Because now it's easy to sneak the data out of the country without bothering the local authorities? Good news for people torrenting.
I suppose if you live in other countries you should doublecheck that any web companies you do business with do not also have a US presence because if they do any of your data could be subject to requisition by the US government even if it's data which has never left your country.
Re:American company (Score:4, Insightful)
Data is legally owned and controlled by somebody, and that's the one getting the subpoena.
Read it again. Even the /. summary covers it properly.
They did not get a subpoena, which would have forced Microsoft to turn it over. The used a search warrant, which allows the (unspecified) government to swoop in and seize the servers. Located in Ireland. Using a US's renound paramilitary law enforcement. In Ireland. Seizing Irish equipment from an Irish branch of the company, used by Irish people and defended by an Irish police force.
The (unspecified) US government agency requested the ability (and the judge authorized) to enter the Irish facility and take the machines by force if necessary -- that is how search warrants work.
The fact that they even requested it is troubling. The fact that the agency was granted it is fairly terrifying. If this doesn't get taken down in an appeal, the article and summary are correct, it means the US government is basically declaring sovereignty over the world even more than before. This isn't Afghanistan or Iraq, but Ireland they would be using force against.