In a high-stakes case pitting the U.S. government against Microsoft, a federal appeals court is wrestling with the question of whether a U.S. company can be forced to turn over customer data stored in an overseas location.

Microsoft is challenging a U.S. search warrant for customer emails stored in a data center in Ireland. The Justice Department is seeking the emails as part of a narcotics-trafficking investigation and a trial judge earlier this year held Microsoft in contempt for refusing to comply with the warrant.

At a hearing Wednesday, a U.S. government lawyer told a three-judge panel of the Second U.S. Circuit Court of Appeals that control over data, regardless of its location, dictates whether a U.S. company must produce it to the government.

One of the judges, however, noted that by that logic, a court in Germany could compel a German company to disclose customer email over which it has control, even if the emails were stored in the United States “But it should be of no concern to us?” Judge Susan L. Carney asked.

“This is the international norm,” the lawyer, Justin Anderson, conceded.

Microsoft attorney E. Joshua Rosenkranz warned that forcing the company to turn over the emails would signal to other countries that data held in the U.S. is within their reach. “We are talking about a global free-for-all,” he said.

As The Wall Street Journal reports, the case “could affect how privacy-conscious people outside the U.S. view American companies and their ability to safeguard customer data.”

Companies have rallied to Microsoft’s defense, arguing in court briefs that their image abroad has already suffered from revelations about U.S. spying and the cooperation of telecom companies in surveillance programs.

U.S. courts have enforced subpoenas issued to banks for business records held abroad, even when foreign law prohibited it. Microsoft contends emails are distinguishable from business records.

“A bank can be compelled to produce the transaction records from a foreign branch, but not the contents of a customer’s safe-deposit box kept there,” it said in a brief. “A customer’s emails are similarly private and secure and not subject to importation.”

, , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *