A search warrant commanding Microsoft to turn over certain customer email data that is currently stored overseas was unfrozen late this week. The company declined to comply.
In a statement, Microsoft said that it “will not be turning over the email and plans to appeal.” This protest act by Microsoft, arguing that domestic warrants should not be able to command access to data stored abroad, has picked up support from other technology companies.
Profits are at risk. Modern technology companies vend cloud-based services to a global user base — if any one country can use domestic warrants to command access to the data of all companies that are headquartered within its borders, regardless of where the information in question is physically stored, no company can protect the data of users who hail from other countries from its own government. That would harm the company’s ability to sell services to those potential international customers.
More to the point, why a United States search warrant would apply to a datacenter in Ireland holding data of a person that may not be a United States citizen is somewhat suspect.
The ability to segregate data away from the reach of the United States government matters all the more in the current technological climate, living as we are in the wake of the NSA revelations that showed the world precisely how far the reach of the country’s surveillance powers actually are. If using the technology product of a United States-based firm leaves your data at the whim of the United States government, wouldn’t you consider using a rival product from a firm that doesn’t share the weakness?
It would be nice to live in a world where companies could use geographical distance to protect the data not just from the United States government’s hands, but from the hands of all governments. The long gist here is that legal precedent commanding more user data privacy is good, and should be sought after.