The US government's reach got a little bit shorter Thursday when the Second Circuit Court of Appeals reversed a lower court decision and ruled that the US government can't force Microsoft to hand over customer emails stored on a server in Ireland.
The court's ruling at least temporarily capped a long-running legal battle between the tech giant and the federal government, effectively ordering a District Court to quash a warrant for the data and vacating an order that held Microsoft in contempt for its refusal to yield to the government's demands.
Privacy advocates hailed the ruling as a victory for Microsoft and, if it holds, will likely inspire confidence among privacy advocates and European privacy regulators who worried about the fortitude of the US's privacy posture.
“It's a big win for Microsoft and other tech companies pushing back against government information requests,” Joseph G. Falcone, partner at the law firm of Herbert Smith Freehills New York LLP, told SCMagazine.com.
“The ruling really puts the US on an even playing field with other governments and will help in future conversations on privacy,” former White House senior director for cyber-security Ari Schwartz, now managing director of cyber-security services at Tenable LLP, told SC via email.
The court flatly said that Congress didn't intend for warrant provisions in the Stored Communications Act (SCA), its basis for making such data requests, to apply in other territories.
Indeed, “the focus of those provisions is protection of a user's privacy interests," Second Circuit Court Judge Susan L. Carney wrote, noting that the SCA “does not authorise a US court to issue and enforce an SCA warrant against a United States‐based service provider for the contents of a customer's electronic communications stored” on overseas servers. Stay tuned for next report....!!!