Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Privacy Cloud Government Microsoft United States

Microsoft Continues To Resist US Warrant For Irish Data 195

Bruce66423 writes: Microsoft is back in court over the claim by the U.S. authorities that because it is a U.S.-based company, it can be ordered to ignore the rules of the countries it's operating in. "If the U.S. government is permitted to serve warrants on tech companies in the United States and obtain people's emails in any country, it will open the floodgate for other countries to serve warrants on tech companies for the private communications of American citizens that are stored in the United States in a data center owned by a foreign company," said Microsoft general counsel Brad Smith. Apple and other tech companies are fighting back as well. Actually, the U.S. firms may be missing a trick here; because the U.S. government charges a far higher rate of corporation tax than others do, U.S. companies are at a disadvantage. So it seems to make sense for the tech firms in the firing line to use this harassment as an excuse to move their domicile overseas... nothing to do with the tax advantages, honest! We're making a principled stand to resist government encroachment.
This discussion has been archived. No new comments can be posted.

Microsoft Continues To Resist US Warrant For Irish Data

Comments Filter:
  • by MitchDev ( 2526834 ) on Wednesday September 09, 2015 @11:57AM (#50487097)

    ... just how many of these "hacker" groups actually work for the governments of the world and are getting what they want through the the hackers...

  • by tlambert ( 566799 ) on Wednesday September 09, 2015 @12:01PM (#50487123)

    I agree with Microsoft here. On this issue, they are fighting the good fight.

    • by Roger W Moore ( 538166 ) on Wednesday September 09, 2015 @12:07PM (#50487159) Journal
      True but I expect that there is a strong financial incentive behind it. If the US government compels them to turn over the data in contravention of local laws it will not absolve their responsibility and culpability under those laws. Hence they will also most certainly get sued for damages by the people whose data they have illegally turned over as well as end up facing criminal fines for violating privacy laws.
      • by gstoddart ( 321705 ) on Wednesday September 09, 2015 @12:27PM (#50487349) Homepage

        Pretty much that.

        The US has decided they have the right to have extra-territorial laws.

        They also seem to think they can force Microsoft to ignore the laws in other countries -- or at least that if they get forced to comply with the law that's Microsoft's problem to deal with.

        Nothing the US government can ever do can absolve Microsoft from being subject to the laws in the countries where they do business. And the US is demanding information about citizens in another country.

        If the belief is the US can do this and no other country can .... then America has really gotten themselves an over-inflated sense of self. But then again, I'm sure a lot of people will exactly that; it's OK to spy on other people, but if you do it to us it's an act of war.

        Microsoft has no choice but to fight this. Because if they break the law in countries like Ireland they're pretty much going to get into really deep troubles and possibly lose the ability to do business in those countries.

        This has always been the problem with the PATRIOT Act, in making American companies part of the spy apparatus, they essentially make it so that other countries simply cannot do business with American companies, because they can't trust American companies.

        • There are good arguments on both sides of this issue. One thing that should be understood is that the idea that US citizens have to obey the laws of the US does NOT require them to break the laws in other countries. The argument that this puts companies in an impossible position is deeply flawed, because it's actually the same as this argument :

          I want to murder someone.
          It's illegal the murder someone with poison.
          It's illegal to murder someone with a knife.
          It's illegal to murder someone with an ax. ...
          Oh

          • What WOULD be legal would be to have an exclusive contract with a spinoff company called MsCloudEU , which operates in the EU and follows EU laws.

            See, Microsoft has incorporated separate legal entities in those countries. They pretty much have to.

            And, guess what? They still have to follow the same damned laws.

            But that wholly owned subsidiary incorporated in Ireland for the sweet tax laws? It's subject to the damned laws of Ireland.

            What the US is claiming is that Microsoft Ireland is under the legal juris

            • by RingDev ( 879105 )

              So if I make a business, and I HQ it out of Ireland, but I don't have anything but a PO Box and tax filings in Ireland. My servers are in the US. My staff is in the US. I am in the US. My revenue is generated in the US. My customers are in the US. My packaging and distribution is in the US, etc...

              Then I should be exempt from US laws?

              It would take some more digging, but giving the clearly biased summary, I'd wager there is more to this than just the Federal government trying to run roughshod over Irish law.

              -

              • by lgw ( 121541 ) on Wednesday September 09, 2015 @02:34PM (#50488587) Journal

                Microsoft operates a major data center in Ireland, like all the cloud providers do, and l'd bet they have a large tech support presence there as well, as many major tech companies do. It's not like they just have a PO Box: quite a bit of their EU business really is done from Ireland. It's the mix of low labor cost and tax incentives that works for many companies.

              • That's not the situation here though. The Feds are asking Microsoft to order Irish based employees of Microsoft Operations Ireland Ltd to break the law in their own country. Those employees are obliged to refuse to carry out that instruction, and could claim damages from MS Ireland in the local courts.

              • by dave420 ( 699308 )

                According to Microsoft:

                Microsoft first opened its doors in Ireland in 1985 with a small manufacturing facility employing just over one hundred people. Since that time, Microsoft Ireland has grown to encompass four distinct operations at its campus in Sandyford in Dublin, employing over 1,200 full time employees and 700 full-time contract staff.

                Microsoft's operations in Ireland include software development and testing, localisation, operations, finance, IT, HR and sales & marketing, both here in Ireland

            • Yes, for a wholly owned subsidiary, a part,of Microsoft which is fully controlled by Microsoft headquarters in the US, the US government has a potential claim. A separate spin-off company which has an exclusive contract with Microsoft, but isn't directly owned and controlled by Microsoft, would be in a much stronger position.

              Microsoft CAN order the employees of a Microsoft subsidiary to turn over the data. They have no authority to order a separate, contracted company to do so.

              A separately owned compa

              • You are right, the mother company can order its employees abroad to hand over the data. The employees in said country can not comply however, since they would break the law in the country they reside.

                To make a silly, but perfectly apt, analogy - a wholly owned subsidiary of a Saudi Arabian company could order a qualified employee in the US to stone a female employee to death for adultery. The employee of the US subsidiary could not comply within the law of the location where he is though. Laws are limited t

          • I want to murder someone.
            It's illegal the murder someone with poison.
            It's illegal to murder someone with a knife.
            It's illegal to murder someone with an ax. ...
            Oh poor me, they've made it so there is no legal way to do what I want to do!

            The obvious answer is of course "don't murder at all".

            That's the same kind of thinking that gives us a police state - assume everyone is guilty and act accordingly.

            The "obvious" answer is one that allows ownership of poisons, knives, and axes, without having the s

            • > Microsoft is put into a catch-22, where they must either violate U.S. law or violate EU law
              > to avoid the catch-22 is to do business in the U.S. or the EU, but not both. That's why the U.S. government's position on this is stupid.

              The position of the US government in this particular case may be stupid. Or not. That depends on more specific facts than are generally considered on Slashdot.

              It's NOT an impossible situation, not a catch-22. As you admitted, one way to follow the laws is to complete

      • by ArmoredDragon ( 3450605 ) on Wednesday September 09, 2015 @12:30PM (#50487385)

        What really gets me is the US has a law called the Foreign Corrupt Practices Act that makes it illegal in the US for a company to break certain laws overseas. For example, in a lot of foreign countries, giving somebody a gift at a business meeting is obligatory and considered polite, whereas in the west it's considered a bribe. So US corporations are held to observing the laws in whatever country they're doing business with (i.e. if it's considered a bribe there, then the US will punish them.)

        But then on this issue, the DOJ does a 180 and tells them that they MUST violate the law of the foreign country that they're doing business in.

        • by AmiMoJo ( 196126 )

          The goal is to get US companies to move their data centres to the US, where the US government can easily access them. Since Snowden a lot of data has moved out of the US for security and privacy reasons, as well as for performance reasons.

          If the DOJ can place Microsoft in an impossible situation they will be forced to move that data back to the US in future... Or at least duplicate it so that it is accessible under US jurisdiction. Or Microsoft will leave the US, but I can't see that happening.

          • If the DOJ can place Microsoft in an impossible situation they will be forced to move that data back to the US in future... Or at least duplicate it so that it is accessible under US jurisdiction.

            Which still won't get them clear of the laws where the data was collected.

            Which means Microsoft has one option left: stop doing business in those countries.

            No matter how much the US blusters, they can't bypass the local laws. Either Microsoft complies with them, or they face the consequences. What they can't do

          • If the DOJ can place Microsoft in an impossible situation they will be forced to move that data back to the US in future... Or at least duplicate it so that it is accessible under US jurisdiction. Or Microsoft will leave the US, but I can't see that happening.

            If push came to shove, I could. You'd end up in a situation where they're forced into either following US laws and effectively only being allowed to work in the US with practically all foreign revenue cut off, OR, they could just relocate overseas and just silo their US operations. They wouldn't have to leave Redmond entirely, rather they'd basically just transfer their flag. That would involve something like creating a new company on a foreign stock exchange, having that become the parent company, and sell

            • by c ( 8461 )

              That would involve something like creating a new company on a foreign stock exchange, having that become the parent company, and sell all non US assets and ALL intellectual property assets to that company.

              It's nice in theory, but I suspect a foreign sale of MS would probably hit a very, very solid "contrary to the national security or foreign policy interests of the United States" wall. Granted, it might depend on where they decided to set up shop (the EU, maybe).

              • As I mentioned, Finland.

                • by c ( 8461 )

                  Yeah, Finland, Ireland, etc... I still think it wouldn't pass a "national interest" smell test, but it wouldn't be as much of a slam dunk as China.

                  • They could give every Microsoft shareholder a share in Microsoft Europe for every Microsoft Inc share they currently own. Vodafone / Verizon did that the other way round so Verizon is no longer the US division of the British Vodafone.

          • Since Snowden a lot of data has moved out of the US for security and privacy reasons, as well as for performance reasons.

            Which countries respect privacy?

      • True but I expect that there is a strong financial incentive behind it.

        Does this even matter?

        • Yes because their motivation will determine the type of solution they might seek or accept. For example if there is some loop hole they can find in Irish law which would allow the disclosure then they may go for that if money is their prime motivation (unless they are concerned that any disclosure would hurt then financially). Whereas if they were fighting this on principle they would not accept any solution that would force them to disclose data about non-US citizens which is not held in the US.
      • Besides financial issues, there are ownership problams and legal penalties to worry about.

        it's perfectly plausible that at least the Irish courts will find that Microsoft doesn't own the customer's data, but merely controls it. Under that interpretation, they have a legal responsibility to protect it. In US judgements thus far, they're the owners and can use it for anything they feel like, but can also be ordered by a court to produce it.

        They really want the US courts to say they don't have to produce

      • The EU Data Protection Directive 95/46/EC makes it a criminal offence to disclose personal private data, this does include email.

        The penalty is £500,000 per individual, this would rapidly mount up when applied to multiple people.

    • what will you say when they move overseas and start violating US law in the US?

    • I'm cheering for Microsoft, too.

      Leave it to the DOJ to turn Microsoft into the good guys.
    • I agree with Microsoft here. On this issue, they are fighting the good fight.

      I don't. If MS wins, we will now have established corporations that are above any law, who can shift data around as convenient. I understand and agree with various /.'ers opinions on wanting privacy and the government to be forced to follow due process, as well as the government's possibly unconstitutional level encroachment of the 5th amendment. I don't give two shits about the "war on drugs" either. This is not the right soluti

      • by FlyHelicopters ( 1540845 ) on Wednesday September 09, 2015 @01:31PM (#50487887)

        Your reply tells me you don't understand the current issue.

        This is Irish data, physically localed in Ireland, that the U.S. Government wants.

        The U.S. Government is asking MS to break EU laws to give them what they want.

        • Why then is MS implicated at all, their Irish subsidiary should be involved and simply say "cannot comply, talk to Ireland", why is MS-US implicated? Admittedly TFA was shit, and I can't tell anything other than "narcotics" was involved and the data is located in Ireland. Details on this are very important.

          Where the data is physically located may be irrelevant. If MS-US owns the data, and the data incriminates MS-US (which isn't how that usually works), then it could hide behind the 5th amendment. In any ot

          • But the fact that MS-US is responding, suggests that it does in fact own the data

            The US Government has filed suit against MS-US. MS-US MUST respond, it can't just ignore it.

            The US Government is not filing suit against MS-Ireland, they have no standing to do so.

            The servers in Ireland are owned by a separate company from MS-US, but that company is likely wholly owned by MS-US.

            It is a legal mess, not really MS fault since they have to deal with laws in a hundred different countries, many of which conflict.

            Sadly, one of the easiest solutions to this would be to move their headquarters to t

            • Actually, the US authorities do have standing to file suit in Ireland under the Mutual Assistance Treaty, and the Irish Government have filed an Amicus Brief to say so.

              • Let me be more clear...

                Does the US government have the right to sue an Irish company for information on Irish citizens held on servers located in Ireland?

                More importantly, does the US Government have the right to sue a US company for that information?

                • by Zumbs ( 1241138 )
                  No, but they *do* have the right to ask the Irish government to get an Irish company to hand over data on an Irish server. Depending on the validity of the US request, the Irish courts may or may not issue a court order for the data. There is no legal mess here. Just the US government trying to claim jurisdiction over a sovereign nation.
                  • The key word there is "ask", not order...

                    They can ask the Irish anything they want... they can't "order" the Irish to do anything...

                    What seems to be the problem here is that the DOJ is going after MS-US, not MS-EU or MS-Ireland.

                    My understanding is that MS-US has said, "that isn't our data, we don't have the rights to it, you're asking the wrong company". The DOJ has replied, "we don't care, provide it anyway".

                    More or less...

                • IANAL, but:

                  Does the US government have the right to sue an Irish company for information on Irish citizens held on servers located in Ireland?

                  Based on what I know of similar cases, the answer is yes. The typical response is nothing, but if one of the heads of MS-Ireland flies into the US, he can then be held in contempt.

                  More importantly, does the US Government have the right to sue a US company for that information?

                  Of course it does. Technically the US Government (or anyone) could so a US company (or anyone else) to give it the names and location of all extraterrestrial aliens it knows about, or all meetings they have had with Santa Claus. It's the judge who decides how to interpret the request, including throwing it out as be

              • And then the Irish government tells them to piss off. Of course they're not going to do that. It would be a waste of time.

                They want the data---even better if it sets a precedent that gives them more access in the future.

                It's a long shot, but why not go for it? It only costs tax dollars. /s

                • They would if they would give the data to the Garda (Irish police) in similar circumstances, and in this particular case, they almost certainly would.

      • My contracts are with Skype Communications S.A.R.L in Luxembourg and Microsoft Ireland Operations Ltd in Ireland, both within the EU. They can't change that at will.

        • And that's great. If you live within the US, and are the person under investigation, then it should be between you and Uncle Sam as to whether you should be compelled to hand over that data, and possibly with whatever laws and diplomatic ties exist between the US and those countries as to whether it can be obtained without your consent. In my opinion if that data incriminates you, you should be within your rights to say no and not be held in contempt (but at least a couple rulings have run against that, whi

    • by ttsai ( 135075 )

      Yes, Microsoft et al. should be allowed to shelter not only their hard earned money overseas but also the data describing that hard earned money.

      Of course, Microsoft et al. should really investigate the idea of collecting money from individual citizens and sheltering that money abroad. The profits from that venture would probably be greater than their current efforts. Why can't we also share in the tax shelters? If corporations can be people, why can't people be corporations?

      But, I'm glad we all support

      • But, I'm glad we all support the right of Microsoft et al. to fight US government oppression. We support it here on slashdot with comments, and we support it with the extra taxes that we gladly and patriotically pay to offset the missing tax revenue from our esteemed corporations. Money well spent.

        I'd be happy to change over that offset to "funds not spent invading countries like Iraq and Afghanistan", if you really want that tax money to be in the U.S. instead of foreign countries...

      • by Qzukk ( 229616 )

        Microsoft et al. should really investigate the idea of collecting money from individual citizens and sheltering that money abroad

        I think they call that "MSFT"

  • >> Microsoft Continues To Resist US Warrant For Irish Data

    Spoiler: every tenth word is "Guinness"

  • From the article, the Feds maintain that ""With the benefits of corporate citizenship in the United States come corresponding responsibilities..." Now to me "corporate citizenship" sounded like an odd concept. But I guess in this day and age when Corporations are treated like other citizens (can vote with their wallet) then maybe it's not so alien a concept. It's interesting that the Feds focused on the corporation's citizenship, rather than say the citizenship of the C-level executives or other employees
    • by sribe ( 304414 )

      From the article, the Feds maintain that ""With the benefits of corporate citizenship in the United States come corresponding responsibilities..."

      So, are they really claiming that they can compel citizens to commit felonies in other countries? My, what a novel legal argument!

      • by unrtst ( 777550 )

        From the article, the Feds maintain that ""With the benefits of corporate citizenship in the United States come corresponding responsibilities..."

        So, are they really claiming that they can compel citizens to commit felonies in other countries? My, what a novel legal argument!

        While I don't agree with the concept of corporations as people, the concept isn't all that difficult. Where there is a conflict of laws, those need resolved one way or another. For an easy example, US citizens weren't allowed to go to Cuba, so when you go there, you were already breaking the law... what else gets done there is further breaking the law.

        Microsoft had the choice of whether or not to put data centers in Ireland. If those laws contradict US laws in ways that affect their doing business there, th

    • what *are* benefits of being a "corporate citizen" of the US? It's not for the low taxes, as others have pointed out.

      if you are a bank or a car manufacturer or an airline, you don't have to care about anything, you can just run your business into the ground and the taxpayer will be there to pick up the pieces

      yes indeed the benefits of being a corporate citizen of the US is that you get to write the laws so you always win

      • if you are a bank or a car manufacturer or an airline, you don't have to care about anything, you can just run your business into the ground and the taxpayer will be there to pick up the pieces

        No. This is wrong. During the financial crisis, the bailouts, funded by American taxpayers, went to plenty of non-American companies. They just needed to have sizable American operations. One of the biggest recipients of American bailout money was Deutsch Bank.

        • >No. This is wrong. During the financial crisis, the bailouts, funded by American taxpayers, went to plenty of non-American companies. They just needed to have sizable American operations. One of the biggest recipients of American bailout money was Deutsch Bank.

          these corporations are all members of the "do business in the USA" club, where the chairman happens to live is irrelevant

          • these corporations are all members of the "do business in the USA" club, where the chairman happens to live is irrelevant

            Deutsch Bank certainly does business in America, but it is not an American company, and does not pay the punitive extra-territorial taxes levied on companies that are based in America.

        • by dave420 ( 699308 )
          You seem to be a tad confused. AIG (a US company) received bailout money, and some of that went to Deutsche Bank. Since then, AIG have repaid their bailout with profit, meaning the government (and so the tax payers too) made money from this particular bailout.
    • For fuck's sake, there's probably an entire course in Corporate Citizenship in any Sociology, Poli-Sci, Economics, and almost certainly somewhere along the MBR track.

      Wikipedia's article is called "Corporate social responsibility", you can start there, read the references, and stop waxing philosophical. Just because you haven't heard of something doesn't mean that raftloads of undergraduates haven't been exposed to it. do at least a little reading before wondering aloud what something is, pretty please you

  • by houghi ( 78078 ) on Wednesday September 09, 2015 @12:25PM (#50487331)

    They should start selling beer in the US to 16 year olds and say "We are a Belgian company, so we abide to the Belgian laws, now fuck off."

    They should start doing that in dry counties.

    • I don't think Ireland is asking the US to adhere to Irish law in the US but the US is asking Ireland to adhere to US law in Ireland. Quite different.
      • More accurately ... either the US government are idiots who are prepared to let Microsoft violate the law in other countries and deal with it on their own ... or the US government are morons who think they can absolve Microsoft from the law in other countries.

        If the legal argument comes down to "because we're America and we can do anything we fucking want", then the answer has to be an overwhelming "fuck you" in the form of seizing corporate assets, and throwing company officials in prison.

        Unless the US wan

  • They'll never get me pot o gold!!!
  • Even a corporation were to move their domicile overseas, the US government could still argue that the corporation should be subject to US laws because they operate in the US (as well). However, if complying with law in the US means violating data protection laws of another country, we have a problem. The legal avenue that the US govt should really be pursuing is entering some sort of "data extradition" treaty with Ireland. Stop harassing the corporations, dammit!
    • They already have such a treaty, but they don't want to use it, because it requires an Irish judge to approve it. The Irish judge probably would approve it in this case, but they don't want to set a precedent for other cases.

  • Are they protecting the privacy of their end-users or aren't they? Or is it that they don't want anyone else to abuse the personal data of their end-users? On the one hand they install spyware as parts of their OS, and on the other hand we have this.
    • Without touching the privacy and spyware discussions, the problem here is straightforward: the data in question is physically in Ireland, involves foreign (European) people, and is subject to local (European) data protection laws. It is *ILLEGAL* for Microsoft Ireland to turn over that data, no matter what their corporate overlord (Microsoft here in the US) might say. Of course, the US has no jurisdiction in Ireland, and thus can't serve a warrant on Microsoft Ireland, so they served it on the company here

  • by ledow ( 319597 )

    If they don't comply, the US authorities will sue them.
    If they do comply, the EU and the rest of the world's authorities will sue them.

    That's an impossible legal situation that should never arise, ever. That's why jurisdiction exists.

    And they have the cheek to say that China etc. are overbearing and overstepping the mark to spy on their citizens...

  • I *would* agree with Microsoft on this one, except that it's a lousy test case, and likely to set a bad precedent.

    What would be good to test in the courts -- and have protected by case law -- would be something like: Can a US court demand access to data generated by Notamericastan clients using a US-based software service that stores their logic in datacenters in Notamericastan. In this case, *some* of the data makes a roundtrip through US circuits, but generally the US company is providing logic for non-U

  • Does anyone really think that Microsoft is coming to the aid of everyday people and championing their right to privacy? MS cares about one thing and one thing only...money. This decision is all about money. If users get the feeling that MS is not standing up for them they will take their business (i.e. money) elsewhere.

    Money. It's the same reason that corporations set up business in far off places so they can avoid paying their fare share of taxes. Taxes that support the rule of law that makes the US such a

    • You actually still missed the point, though the point you're making may also be valid. It is illegal for Microsoft Ireland to turn over that data. The US court doesn't have jurisdiction over MS IRE, the Irish and EU courts do. Per EU law, that data cannot be given up. The US government needs to go through the local (in this case, Irish) government to get a warrant there.

      This is like a state trooper in California getting a warrant to search my home (in Washington) for marijuana (which is legal here), on acco

      • I suppose it remains to be seen whether or not it is illegal. There was a very similar situation several years ago when the US government was able to convince Swiss Banks to turn over information pertaining to numbered accounts for American citizens. It seemed to me that Swiss banks ought to be governed by Swiss laws and that if they wanted to keep secret the identities of their customers that should be their right to do so. And yet some amount of political arm twisting convinced the banks to turn over the

  • by jonwil ( 467024 ) on Wednesday September 09, 2015 @05:51PM (#50490445)

    If the data is stored in a data centre in Ireland, why cant they use Irish law (and work with Irish law enforcement if necessary) to get this information?

I owe the public nothing. -- J.P. Morgan

Working...