On the heels of The CLOUD Act being passed by the U.S. Congress, the U.S. Department of Justice is going after Microsoft again for emails it has been protecting as part of an ongoing data privacy case.
Last Friday, the Justice Department was granted a new search warrant meant to force Microsoft to turn over the emails in question.
Microsoft officials repeatedly have said they were in favor of legislation, not legal action, in settling these kinds of matters. Though it seems contradictory, Microsoft actually backed The CLOUD (Clarifying Lawful Overseas Use of Data) Act, which stipulates that cloud providers comply with court orders for data regardless of whether the information is located in the U.S. or not.
Microsoft President and Chief Legal Officer Brad Smith reiterated today that Microsoft backed The CLOUD Act because it sets the stage for governments to establish the international agreements between them to establish a framework for these kinds of cases.
Today, April 3, Microsoft also filed its brief responding to the DOJ’s new motion from Friday.
According to Microsoft’s brief, the government said it didn’t intend to pursue the original warrant that was at the heart of the case, and they also made clear that Microsoft retains a right to challenge to U.S. warrants – including new warrants – on comity grounds.
Microsoft plans to review the new warrant before deciding if the company believes it is obliged to comply. Microsoft isn’t objecting to the government’s motion to make the original case moot.Microsoft officials have said their goal in backing The CLOUD Act is to avoid repeated court visits and legal battles and to establish new international privacy rights rules. Microsoft execs claim that The CLOUD Act gives cloud service providers added legal rights to protect privacy under these kinds of international agreements.
“More than anything, we now need governments to move forward quickly to put new international agreements in place. … The ultimate goal – one that is likely to take some additional years to achieve — is a set of agreements that create an accepted model and establish clear international legal rules that satisfy law enforcement and privacy advocates alike,” said Smith in his blog post today.
Microsoft’s data-privacy case began in 2013 over emails from a drug trafficking investigation suspect stored in Microsoft servers in Dublin. A federal judge in New York issued a warrant for the emails, and Microsoft decided to challenge the order in court.