Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Communications Microsoft Privacy United States Technology

Microsoft: Feds Are 'Rewriting' the Law To Obtain Emails Overseas 100

An anonymous reader writes: The Electronic Communications Privacy Act was written in 1986. It's incredibly outdated, yet it still governs many internet-related rights for U.S. citizens. Microsoft has now challenged Congress to update the legislation for how online communications work in 2015. The company is currently embroiled in a legal battle with the government over a court order to release emails stored in a foreign country to U.S. authorities. In a new legal brief (PDF), Microsoft says, "For an argument that purports to rest on the 'explicit text of the statute,' the Government rewrites an awful lot of it. Congress never intended to reach, nor even anticipated, private communications stored in a foreign country when it enacted [the ECPA]." In an accompanying blog post, Microsoft general counsel Brad Smith wrote, "Until U.S. law is rewritten, we believe that the court in our case should honor well-established precedents that limit the government's reach from extending beyond U.S. borders. ... To the contrary, it is clear Congress's intent was to ensure that your digital information is afforded the same legal protections as your physical documents and correspondence, a principle we at Microsoft believe should be preserved."
This discussion has been archived. No new comments can be posted.

Microsoft: Feds Are 'Rewriting' the Law To Obtain Emails Overseas

Comments Filter:
  • Fooled ya!

  • by idontgno ( 624372 ) on Friday April 10, 2015 @02:52PM (#49449127) Journal

    Once upon a time, we expected our intelligence agencies to spy overseas but leave our local privacy alone.

    Now, spy agencies tap every domestic communications channel, but apparently spying overseas is bad.

    • by DarkOx ( 621550 ) on Friday April 10, 2015 @03:16PM (#49449279) Journal

      This isn't about spying its about compliance with records requests and privacy laws. EU has all kinds of (frankly downright crazy) privacy laws around email. That make it difficult to hand records to anything third party (that isn't an EU or member nation organ) and still be in compliance with the letter of the law; the US government is arguing that our courts etc have the power to subpena records on overseas servers.

      This puts companies like Microsoft between a rock an hard place, they essentially can't follow both sets of rules if US jurisdictional rules are not limited in scope to well, the US.

      I am not sure what the right answer is here, but it is a problem.

      • by Anonymous Coward on Friday April 10, 2015 @03:24PM (#49449337)

        The right answer would be to move all corporate operations outside of the US, as they no longer have to comply with both US and EU laws.

        Really, a company this large threatening to actually up & move would make the US fold so fast it would be comical.
        Wow, can't believe I'm actually rooting for MS here. How times have changed.

      • by Anonymous Coward

        The answer is not to use (online) services from parties also based in the U.S. Even if the company really wants to protect your data, the U.S. government might force them to give it up anyway. Choose local providers, or better yet, host your own data.

        • This is exactly what MS is afraid of, and why they fight it tooth and nail. If the US government gets its way, any US company can wave good-bye to any data storage plans outside the US.

      • by IamTheRealMike ( 537420 ) on Friday April 10, 2015 @04:56PM (#49449923)

        This isn't about spying its about compliance with records requests and privacy laws.

        Two sides of the same coin, isn't it? The government wants data about foreigners, from a foreign place. They want, in short, to spy. Their chosen method of attack is to pressure people in the USA who happen to have access to that data, as opposed to e.g. placing a mole inside a foreign organisation, but the tactic used does not change the goal of the mission.

        EU has all kinds of (frankly downright crazy) privacy laws around email

        EU privacy regulators don't have a great reputation I agree, but perhaps once the most productive parts of America have been ruled for decades by a totalitarian communist state that has informers in every street, you might not see the rules as all that crazy.

        • by DarkOx ( 621550 )

          Two sides of the same coin, isn't it?

          No its not. A records request in accordance with some kind of due process that is public information and established before the event, is decidedly not spying.

          You are welcome to consider such a process bad law, and objectionable for any number of reasons but its a very different animal. At least someone is accountable for it, whether its a judge who signed a warrant and legislator who signed the law authorizing record sharing with $AGENCY. There is a (theoretically) functional political process by whic

        • by Kjella ( 173770 )

          Two sides of the same coin, isn't it? The government wants data about foreigners, from a foreign place. They want, in short, to spy. Their chosen method of attack is to pressure people in the USA who happen to have access to that data, as opposed to e.g. placing a mole inside a foreign organisation, but the tactic used does not change the goal of the mission.

          Replace USA and Ireland with China and USA respectively and ask yourself if you think it's okay for the Chinese government to subpoena a Chinese company to provide data from a US subsidiary about US citizens, stored in the US. My guess is that most Americans would strongly object to their data being handed over to foreign governments that way, particularly without the US legal system getting a say. In particular, to a court not bound by the 4th amendment or any other protection that data might have had unde

      • by Anonymous Coward

        This isn't about spying its about compliance with records requests and privacy laws. EU has all kinds of (frankly downright crazy) privacy laws around email. That make it difficult to hand records to anything third party (that isn't an EU or member nation organ) and still be in compliance with the letter of the law; the US government is arguing that our courts etc have the power to subpena records on overseas servers.

        This puts companies like Microsoft between a rock an hard place, they essentially can't follow both sets of rules if US jurisdictional rules are not limited in scope to well, the US.

        The answer is for the DoJ to make a mutual legal assistance request to the Irish government and get a valid Irish court order for the material held in Ireland. I understand this case is about alleged drug smuggling, which is a crime in both countries so the Irish court is unlikely to create many difficulties.

        This is the way these cases were always previously handled. In fact, there is an explicit treaty [state.gov] confirming this.

      • The right answer is actually very simple. The US government should be following well established international conventions and request the information it wants through the appropriate courts, which in this case is Irelands court. There is no grey area, The US government are trying to stomp on the laws of other countries so they can avoid due process.

      • Advice from one of my mentors, treat email like a postcard, assume everybody along the delivery route can read it, if they choose to do so.

    • This is not meant to defend, but rather to explain. Pretty much two things have happened:

      The first is that everything is standard now, because everyone's running the same stuff. To spy on the Nazis, the Polish and British had to break the "Enigma" devices that the Germans were using. Nobody in Britain was using these, let alone anywhere but Germany and its allies. Same for Imperial Japan, the Soviet Union, etc. The US breaking the Japanese codes to gain advance knowledge of the attack on Midway couldn't ha
  • This whole thing is just a way for Microsoft to try and generate a smokescreen of FUD around the fact that they are just like Apple, Google and Yahoo in that they actually give the NSA access to whatever they want, and have been doing so since at least December 2007.

    http://www.theguardian.com/wor... [theguardian.com]

    http://www.theguardian.com/wor... [theguardian.com]

  • by jonwil ( 467024 ) on Friday April 10, 2015 @04:08PM (#49449631)

    The feds cant use a warrant obtained in the USA to require a US based company to hand over physical documents stored in a foreign company, why should they be able to do it for electronic documents?

    If the feds REALLY need this data so badly, why dont they just go to Ireland or wherever the data is being held and get a warrant from there?

    • Irrelevant. Microsoft US already stipulated that they could aces the records.

    • by DarkOx ( 621550 )

      The feds cant use a warrant obtained in the USA to require a US based company to hand over physical documents stored in a foreign company, why should they be able to do it for electronic documents?

      What are you smoking. Sure the feds can't use a warrant obtained in the US to go kick in a door on foreign soil, they have to ask the local government their nicely to do it for them (unless its in the Middle East than we just do it anyway); but they certainly can subpena records.

      You think for example during the Enron trials if they had just said "gee SEC we don't have to comply with these subpenas for records because we do all out accounting out of our Mexico City office", the feds would have responded "

  • uhh.. (Score:4, Funny)

    by SuperDre ( 982372 ) on Friday April 10, 2015 @04:33PM (#49449795) Homepage
    You can change your law no matter what, your laws don't extend beyond your own borders.. US laws are not valid in say United kingdom or sweden..
    • Funny that you should mention these two countries of all the possibilities. I know someone [wikipedia.org] who might wonder whether this is true.

  • by richrz ( 1624799 ) on Friday April 10, 2015 @04:39PM (#49449833)
    Film at 11. This will really hurt MS's credibility overseas, what little it has. It will drive people to move off Hotmail, Live, and God forbid their Microsoft Account (which is used to login to Windows machines now!!! Can you imagine if BUSH were doing this? I can't stand either Bush or Obama in this area so you partisan hacks know that up front. Only hope is Rand Paul or Ted Cruz at this point (unless you know of others?? I'm seriously open to anyone right now, please respond!). Gay marriage, universal healthcare, yadda yadda.. etc..all are trivial compared to this issue of humongous government that is treating us like subjects not like their bosses.
    • The name of MS is actually still in pretty high esteem where it counts: Big companies. I doubt that MS cares too much whether Joe Randomuser dumps his Hotmail account in favor of ... uh ... hmmm... well, anyway.

      What they care about is losing "cloud" business. They invested quite heavily in the whole cloud service crap and if the US gov presses this one, this may well falter before it even started to take off. Who'd want to store their data with someone who has to hand it over to their government at little m

    • by DarkOx ( 621550 )

      Richrz,

      I feel you but I am really afraid that Rand simply isn't his father. I am not sure who Rand or Ted Cruz really are. They don't seem very consistent to me, and in Rands case I don't see much evidence that once faced with 'the realities of the office' he would utterly bend over and just pick up with Bush and Obama left off.

      Who we need is someone like this:
      http://en.wikipedia.org/wiki/G... [wikipedia.org]
      who has announced he is going to run in 2016.

  • by swell ( 195815 ) <jabberwock@poetic.com> on Friday April 10, 2015 @08:56PM (#49451011)

    Every American manufacturer and service provider is suspect because of these government demands. Digital equipment may have back doors for the convenience of government spies. Cloud services are probably being watched. Software may have embedded spyware.

    If you were a foreign company or government would you trust anything coming from the US? Even a US company or individual can't trust our own companies. Our government is making us non-competitive worldwide. (Open source products may be safer.)

  • Would you be willing to pay Microsoft US to store you data if one day they could say "whoops, we gave it to Microsoft Ireland and now it is illegal to get it back. Here's your bill"?

  • You wouldn't want the IRS using these laws to get to your overseas accounting records, would you?

Fast, cheap, good: pick two.

Working...